Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3NH0k6p8I1rzxbe-fnRCpvP8iOk.roa
File: 3NH0k6p8I1rzxbe-fnRCpvP8iOk.roa (raw, json)
Hash identifier: OMA/8B8ybRbFp4BTdlmol0SqtyoODUOumdwTKUPnUe4=
Subject key identifier: DC:D1:F4:93:AA:7C:23:5A:F3:C5:B7:BE:7E:74:42:A6:F3:FC:88:E9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2795DAB6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3NH0k6p8I1rzxbe-fnRCpvP8iOk.roa
Signing time: Sat 01 Jan 2022 16:08:21 +0000
ROA not before: Sat 01 Jan 2022 16:08:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44546
IP address blocks: 151.249.128.0/17 maxlen: 24
31.148.0.0/16 maxlen: 24
91.201.20.0/22 maxlen: 24
93.170.0.0/15 maxlen: 24
92.253.128.0/17 maxlen: 24
146.120.0.0/16 maxlen: 24
92.38.0.0/17 maxlen: 24
146.158.0.0/17 maxlen: 24
95.46.0.0/15 maxlen: 24
185.67.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664132278 (0x2795dab6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcd1f493aa7c235af3c5b7be7e7442a6f3fc88e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:49:f7:08:06:6d:3c:a4:a3:58:82:21:ed:
e2:b5:39:61:64:f0:aa:3f:8d:f1:82:96:cd:fa:02:
bc:ff:b7:c9:56:49:8e:b7:c4:9c:80:fc:4d:af:51:
7f:73:ea:bd:a6:7f:9d:2d:61:d8:92:0f:e7:7f:e1:
ce:a7:df:5a:1a:06:e6:5a:bc:af:0b:9f:b6:b5:ba:
91:5e:d4:27:9d:89:99:ea:b1:b5:19:25:c0:52:ce:
53:c5:ed:aa:1a:e7:76:b6:50:23:0a:0d:85:24:11:
ae:80:7b:0a:ce:a7:02:c3:ea:e1:25:00:6f:9a:e3:
c0:b8:a4:28:53:f9:cc:5e:31:c3:44:bf:62:54:1c:
15:05:16:0a:1a:c4:2c:88:fd:7c:b1:3d:52:cb:29:
9d:62:a0:3f:a0:26:91:e9:90:64:49:56:1a:56:45:
e1:4a:fd:dc:31:93:53:19:51:71:6c:25:c0:1e:d8:
9b:27:a9:6c:ca:8f:8a:fa:2a:7a:45:2f:b1:16:9a:
ce:a8:a7:8c:da:43:44:4b:5e:69:12:89:d2:53:ec:
f7:08:2a:fe:c6:1e:55:3e:d4:07:d2:02:d4:a6:c8:
e9:a1:55:50:5c:43:43:85:30:79:56:bd:97:98:ab:
5f:5c:02:a4:e5:e1:af:41:8f:37:d4:64:a9:4d:b9:
23:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D1:F4:93:AA:7C:23:5A:F3:C5:B7:BE:7E:74:42:A6:F3:FC:88:E9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3NH0k6p8I1rzxbe-fnRCpvP8iOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.0.0/16
91.201.20.0/22
92.38.0.0/17
92.253.128.0/17
93.170.0.0/15
95.46.0.0/15
146.120.0.0/16
146.158.0.0/17
151.249.128.0/17
185.67.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:eb:61:b5:a4:f9:f2:85:ec:f1:f1:01:9f:77:dc:97:e3:0d:
fc:6a:f8:fe:ca:a7:87:5c:df:12:f9:0f:3c:d9:c8:63:7f:49:
f9:e6:6a:5e:4d:2b:3b:6e:82:56:8a:3b:95:79:28:56:f1:e7:
0f:11:8a:70:03:46:e9:5f:d8:42:f9:c8:ce:a1:5d:86:8a:d3:
8f:16:95:0e:ce:75:68:f5:7a:c1:8e:c2:69:8b:4f:22:04:4c:
76:60:f6:8d:43:03:1c:c3:d4:8c:58:a4:14:77:8c:09:8a:35:
fb:f3:0f:b1:83:68:9e:bc:64:a0:a1:73:26:07:49:0f:b0:48:
22:9d:17:d4:9a:06:e2:a4:25:e6:a2:5c:ad:f3:37:82:df:3a:
9b:bb:fa:7a:4f:6a:8e:06:d3:b3:a4:1e:fa:0f:1b:3e:28:8c:
00:96:20:1e:16:30:20:b0:b2:78:0f:b4:6e:f2:55:81:eb:b9:
09:4c:1f:4c:b2:ca:2f:5c:6f:9b:15:eb:35:3e:27:cb:b3:cb:
2c:68:56:4d:26:dd:2a:b2:07:d9:9e:3b:b8:e2:85:07:de:38:
96:cd:43:21:d3:6a:b4:3c:73:3a:77:c8:09:08:55:a9:86:5b:
ee:df:42:a0:74:6b:7b:e1:40:e2:e1:47:c3:3a:28:6b:22:a3:
f7:46:6e:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEJ5XatjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNkMWY0OTNhYTdj
MjM1YWYzYzViN2JlN2U3NDQyYTZmM2ZjODhlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKakSfcIBm08pKNYgiHt4rU5YWTwqj+N8YKWzfoCvP+3yVZJ
jrfEnID8Ta9Rf3PqvaZ/nS1h2JIP53/hzqffWhoG5lq8rwuftrW6kV7UJ52Jmeqx
tRklwFLOU8XtqhrndrZQIwoNhSQRroB7Cs6nAsPq4SUAb5rjwLikKFP5zF4xw0S/
YlQcFQUWChrELIj9fLE9UsspnWKgP6AmkemQZElWGlZF4Ur93DGTUxlRcWwlwB7Y
myepbMqPivoqekUvsRaazqinjNpDREteaRKJ0lPs9wgq/sYeVT7UB9IC1KbI6aFV
UFxDQ4UweVa9l5irX1wCpOXhr0GPN9RkqU25I70CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTc0fSTqnwjWvPFt75+dEKm8/yI6TAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzNOSDBrNnA4STFyenhiZS1mblJDcHZQOGlPay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMDAB+UAwQCW8kUAwQHXCYAAwQHXP2A
AwMBXaoDAwFfLgMDAJJ4AwQHkp4AAwQHl/mAAwQCuUP8MA0GCSqGSIb3DQEBCwUA
A4IBAQCM62G1pPnyhezx8QGfd9yX4w38avj+yqeHXN8S+Q882chjf0n55mpeTSs7
boJWijuVeShW8ecPEYpwA0bpX9hC+cjOoV2GitOPFpUOznVo9XrBjsJpi08iBEx2
YPaNQwMcw9SMWKQUd4wJijX78w+xg2ievGSgoXMmB0kPsEginRfUmgbipCXmolyt
8zeC3zqbu/p6T2qOBtOzpB76Dxs+KIwAliAeFjAgsLJ4D7Ru8lWB67kJTB9Mssov
XG+bFes1PifLs8ssaFZNJt0qsgfZnju44oUH3jiWzUMh02q0PHM6d8gJCFWphlvu
30KgdGt74UDi4UfDOihrIqP3Rm77
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:41 2023 by rpki-client on console-fra.rpki-client.org