Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/3jmWjGrxKUR7GXaki1k7MKCACDI.roa
File: 3jmWjGrxKUR7GXaki1k7MKCACDI.roa (raw, json)
Hash identifier: Gd2OZZRg9ScBBss1WYTAUSkPJL09L1WwpMZHHBy6C18=
Subject key identifier: DE:39:96:8C:6A:F1:29:44:7B:19:76:A4:8B:59:3B:30:A0:80:08:32
Certificate issuer: /CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Certificate serial: 0A1048DE
Authority key identifier: 79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/3jmWjGrxKUR7GXaki1k7MKCACDI.roa
Signing time: Sat 01 Jan 2022 15:59:52 +0000
ROA not before: Sat 01 Jan 2022 15:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44763
IP address blocks: 176.241.232.0/21 maxlen: 24
93.93.72.0/21 maxlen: 21
185.79.85.0/24 maxlen: 24
185.79.84.0/24 maxlen: 24
2a00:1548::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168839390 (0xa1048de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Validity
Not Before: Jan 1 15:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de39968c6af129447b1976a48b593b30a0800832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:63:3d:10:db:73:8e:eb:4c:5e:09:81:e6:70:
c1:93:f2:bd:1a:9f:cb:9a:d5:7c:03:c4:76:7b:c4:
31:ea:14:fb:da:1f:8b:30:61:46:fd:83:e3:0d:05:
53:5d:ae:f2:cc:b0:33:66:90:b7:1b:76:c3:cd:38:
d8:bf:a3:dc:5f:8f:d8:ee:94:79:c3:46:49:52:d0:
1a:44:3d:48:b6:de:2a:78:bc:cb:f0:0e:27:e0:af:
0d:fe:fc:66:26:4f:0c:09:4b:f7:35:a2:30:fb:48:
ba:0f:9e:76:c3:82:b8:e7:f0:cd:5b:77:4b:00:99:
24:80:27:d0:d1:cb:a2:ad:94:96:75:b7:b7:65:35:
2f:54:b3:1e:4f:ee:60:28:03:bf:a5:97:aa:07:f2:
d8:11:dd:e3:09:89:ad:42:a9:bb:35:99:f7:c4:c4:
f2:67:bb:de:02:2d:cc:22:1c:61:d1:d2:d9:6f:d6:
2f:16:da:f3:c1:97:82:53:52:6e:b8:4f:50:54:1a:
0c:53:92:74:2f:10:50:dd:16:a6:4c:e3:29:4f:60:
4d:da:6a:40:0d:04:5e:e2:a9:75:d9:e3:3d:99:13:
1d:ab:42:3a:53:65:33:9c:75:31:ef:1e:ca:6f:35:
4a:f4:2f:8b:7b:06:15:2d:5f:4f:59:c4:8a:ca:7f:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:96:8C:6A:F1:29:44:7B:19:76:A4:8B:59:3B:30:A0:80:08:32
X509v3 Authority Key Identifier:
keyid:79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/3jmWjGrxKUR7GXaki1k7MKCACDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/eW0p7jgbUfZF4FQVZo2Sqc56jdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.72.0/21
176.241.232.0/21
185.79.84.0/23
IPv6:
2a00:1548::/32
Signature Algorithm: sha256WithRSAEncryption
94:74:57:66:f4:2b:3d:24:3d:02:d1:91:99:3a:11:e5:bc:9c:
89:ec:c2:60:01:47:92:f0:74:54:c5:af:e9:35:47:5c:82:98:
ec:8a:ce:4e:47:34:ff:90:30:e9:5b:1f:42:04:d9:9b:ba:c3:
13:43:f7:52:3a:55:66:a5:ff:84:86:dc:84:b0:11:d6:40:86:
4e:5f:49:4c:3e:ce:ff:14:44:26:a0:d4:1c:cf:a2:91:44:48:
44:d6:b6:82:91:ae:49:9b:69:64:cc:78:44:52:2c:60:cf:7d:
67:09:e9:56:4b:da:39:5f:a8:8b:4b:19:fd:83:19:91:90:7c:
91:72:07:1f:33:74:98:de:2d:1d:8f:b6:86:81:b4:2f:c3:c1:
4e:12:89:66:6f:03:d4:a1:e1:40:24:af:8f:02:af:3d:0d:e8:
96:6b:0b:86:b1:bc:7c:a1:72:6f:b5:21:72:16:16:b5:fc:55:
01:49:1d:7c:e9:2b:fb:25:4b:c0:cc:ec:82:01:99:93:fd:0e:
09:4e:70:0f:6a:c0:f6:d7:7a:8f:04:e3:be:d6:1c:a7:6c:ea:
4a:42:d0:a8:a3:13:b4:5b:3b:15:21:93:a8:a5:00:53:25:38:
ee:06:cb:3a:f8:3d:c7:4e:22:7a:d5:40:b3:cd:d3:9d:e0:1a:
43:22:3a:6c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEChBI3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTZkMjllZTM4MWI1MWY2NDVlMDU0MTU2NjhkOTJhOWNlN2E4ZGQyMB4XDTIyMDEw
MTE1NTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUzOTk2OGM2YWYx
Mjk0NDdiMTk3NmE0OGI1OTNiMzBhMDgwMDgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRjPRDbc47rTF4JgeZwwZPyvRqfy5rVfAPEdnvEMeoU+9of
izBhRv2D4w0FU12u8sywM2aQtxt2w8042L+j3F+P2O6UecNGSVLQGkQ9SLbeKni8
y/AOJ+CvDf78ZiZPDAlL9zWiMPtIug+edsOCuOfwzVt3SwCZJIAn0NHLoq2UlnW3
t2U1L1SzHk/uYCgDv6WXqgfy2BHd4wmJrUKpuzWZ98TE8me73gItzCIcYdHS2W/W
Lxba88GXglNSbrhPUFQaDFOSdC8QUN0WpkzjKU9gTdpqQA0EXuKpddnjPZkTHatC
OlNlM5x1Me8eym81SvQvi3sGFS1fT1nEisp/R3sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTeOZaMavEpRHsZdqSLWTswoIAIMjAfBgNVHSMEGDAWgBR5bSnuOBtR9kXg
VBVmjZKpznqN0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VXMHA3amdiVWZaRjRGUVZabzJTcWM1NmpkSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvMmI4YjJkLWMwMjMtNGRmYi1hNTA0LTQxZjYyZGE0ZWRhYi8x
LzNqbVdqR3J4S1VSN0dYYWtpMWs3TUtDQUNESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
MmI4YjJkLWMwMjMtNGRmYi1hNTA0LTQxZjYyZGE0ZWRhYi8xL2VXMHA3amdiVWZa
RjRGUVZabzJTcWM1NmpkSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA11dSAMEA7Dx6AMEAblPVDANBAIA
AjAHAwUAKgAVSDANBgkqhkiG9w0BAQsFAAOCAQEAlHRXZvQrPSQ9AtGRmToR5byc
iezCYAFHkvB0VMWv6TVHXIKY7IrOTkc0/5Aw6VsfQgTZm7rDE0P3UjpVZqX/hIbc
hLAR1kCGTl9JTD7O/xREJqDUHM+ikURIRNa2gpGuSZtpZMx4RFIsYM99ZwnpVkva
OV+oi0sZ/YMZkZB8kXIHHzN0mN4tHY+2hoG0L8PBThKJZm8D1KHhQCSvjwKvPQ3o
lmsLhrG8fKFyb7UhchYWtfxVAUkdfOkr+yVLwMzsggGZk/0OCU5wD2rA9td6jwTj
vtYcp2zqSkLQqKMTtFs7FSGTqKUAUyU47gbLOvg9x04ietVAs83TneAaQyI6bA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:20 2025 by rpki-client