Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3k2RNc8nOpI5pVeKVVodj87k92Q.roa
File: 3k2RNc8nOpI5pVeKVVodj87k92Q.roa (raw, json)
Hash identifier: 6soACMB79xxwKCV0km1CuU7goLsu+GqH48KD924axoQ=
Subject key identifier: DE:4D:91:35:CF:27:3A:92:39:A5:57:8A:55:5A:1D:8F:CE:E4:F7:64
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018404C8FEC62B467B4DD26B6900C5E07291
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3k2RNc8nOpI5pVeKVVodj87k92Q.roa
Signing time: Sun 23 Oct 2022 12:19:51 +0000
ROA not before: Sun 23 Oct 2022 12:19:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.176.107.0/24 maxlen: 24
185.239.163.0/24 maxlen: 24
185.239.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:04:c8:fe:c6:2b:46:7b:4d:d2:6b:69:00:c5:e0:72:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 23 12:19:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de4d9135cf273a9239a5578a555a1d8fcee4f764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:56:d8:c9:6f:1d:8d:74:91:61:9e:e9:06:7e:
b6:f4:92:47:e2:fe:47:b7:cc:22:78:1b:93:46:79:
31:a8:61:bc:ee:cb:a2:a5:86:2f:37:f4:ce:52:f0:
94:f6:9f:a4:17:d8:fe:52:d8:5d:19:0d:2a:16:ed:
b7:6f:04:d0:e5:a4:b1:1f:16:09:54:ab:b5:5f:15:
31:2c:25:f7:68:1a:d8:cb:7e:4e:77:3e:83:78:f6:
36:9c:3e:d7:f3:a2:42:3e:2a:8a:f3:db:27:b9:8f:
eb:f7:35:94:3e:8b:6b:f4:37:f8:d8:57:30:7b:a3:
c9:0a:a9:79:90:d9:bc:27:b6:c8:dc:bc:a6:a3:3b:
73:04:0d:5b:81:1f:3b:a6:dc:f5:b7:24:d1:24:0e:
66:3c:76:fc:a5:61:5e:5e:ff:91:d8:d2:3e:53:15:
2a:92:55:ad:f0:81:99:62:d5:63:ed:47:35:e0:6a:
18:95:b6:ec:87:e2:17:89:5e:66:d1:d2:fb:bb:2f:
6f:a4:57:7b:03:f2:c8:91:c5:7c:ee:82:f3:26:f9:
1d:7e:8f:55:c9:c5:e8:63:cf:1a:4a:54:53:1c:6f:
09:25:79:72:5c:40:ea:f7:e5:8f:fe:8c:f4:3c:66:
ed:3f:f8:62:e9:94:41:b4:e3:8a:2c:69:5d:92:9c:
a6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4D:91:35:CF:27:3A:92:39:A5:57:8A:55:5A:1D:8F:CE:E4:F7:64
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3k2RNc8nOpI5pVeKVVodj87k92Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/24
185.239.163.0/24
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
81:d3:c0:fb:83:32:7e:ab:c1:1f:ca:fd:a6:9c:9e:85:f4:0a:
e9:09:99:cb:15:ef:0e:c7:ec:8b:d5:91:ce:55:af:02:a4:bc:
1c:f6:bf:70:3b:6a:ce:d8:a5:5a:8e:30:e3:72:b8:f5:fb:03:
04:6d:6b:88:f5:9b:ee:0d:6a:90:d7:b4:60:54:87:51:84:b6:
5c:28:1d:32:54:b0:29:b6:4b:a2:07:18:a3:04:1e:47:99:27:
dd:ed:57:5a:72:bb:23:c1:c7:d8:c5:09:64:6f:e4:70:c6:1a:
d6:e6:38:5d:51:fd:a5:3e:e3:3e:4e:15:90:e2:0f:1d:f5:0b:
af:12:61:a5:fd:39:6e:e3:17:bb:3b:48:f4:31:01:74:cd:f1:
f7:dc:04:dd:72:aa:98:d4:11:b0:7f:71:31:96:c8:c0:b2:96:
d8:73:df:03:95:7e:2b:e7:99:99:f7:f4:b9:1f:56:5b:e2:30:
50:36:2a:2b:2c:42:67:22:56:c1:93:01:d4:f3:e3:87:33:71:
4e:3a:8e:7d:00:ff:f9:85:ab:9c:b6:85:29:95:6f:72:9c:5d:
5d:29:15:b9:a1:a7:55:2a:cc:b5:ed:22:96:d9:8c:a6:5f:8a:
e8:b7:70:37:80:cd:a7:0b:a2:4b:87:d7:6f:d4:18:f1:a7:89:
56:45:d1:c6
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYQEyP7GK0Z7TdJraQDF4HKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIzMTIxOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRkOTEzNWNmMjczYTkyMzlhNTU3OGE1NTVhMWQ4ZmNlZTRmNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslbYyW8djXSRYZ7pBn629JJH4v5H
t8wieBuTRnkxqGG87suipYYvN/TOUvCU9p+kF9j+UthdGQ0qFu23bwTQ5aSxHxYJ
VKu1XxUxLCX3aBrYy35Odz6DePY2nD7X86JCPiqK89snuY/r9zWUPotr9Df42Fcw
e6PJCql5kNm8J7bI3LymoztzBA1bgR87ptz1tyTRJA5mPHb8pWFeXv+R2NI+UxUq
klWt8IGZYtVj7Uc14GoYlbbsh+IXiV5m0dL7uy9vpFd7A/LIkcV87oLzJvkdfo9V
ycXoY88aSlRTHG8JJXlyXEDq9+WP/oz0PGbtP/hi6ZRBtOOKLGldkpymrwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFN5NkTXPJzqSOaVXilVaHY/O5PdkMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvM2syUk5jOG5PcEk1cFZlS1ZWb2RqODdrOTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
ubBoAwQCueR8AwQAue+gAwQAue+jMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQEL
BQADggEBAIHTwPuDMn6rwR/K/aacnoX0CukJmcsV7w7H7IvVkc5VrwKkvBz2v3A7
as7YpVqOMONyuPX7AwRta4j1m+4NapDXtGBUh1GEtlwoHTJUsCm2S6IHGKMEHkeZ
J93tV1pyuyPBx9jFCWRv5HDGGtbmOF1R/aU+4z5OFZDiDx31C68SYaX9OW7jF7s7
SPQxAXTN8ffcBN1yqpjUEbB/cTGWyMCylthz3wOVfivnmZn39LkfVlviMFA2Kiss
QmciVsGTAdTz44czcU46jn0A//mFq5y2hSmVb3KcXV0pFbmhp1UqzLXtIpbZjKZf
iui3cDeAzacLokuH12/UGPGniVZF0cY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org