Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/3gUDZN1E_3vs3dSnW1xggWB_Wpg.roa
File: 3gUDZN1E_3vs3dSnW1xggWB_Wpg.roa (raw, json)
Hash identifier: iIVhnjTd1YnS0kkxKOVJ4KDEeMAK2Su3CNwxqOI3dwc=
Subject key identifier: DE:05:03:64:DD:44:FF:7B:EC:DD:D4:A7:5B:5C:60:81:60:7F:5A:98
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 01856DC1B66CBFBC34923072A4D372804F31
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/3gUDZN1E_3vs3dSnW1xggWB_Wpg.roa
Signing time: Sun 01 Jan 2023 14:34:49 +0000
ROA not before: Sun 01 Jan 2023 14:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47262
IP address blocks: 212.120.192.0/19 maxlen: 19
46.245.0.0/18 maxlen: 20
95.81.64.0/24 maxlen: 24
95.81.66.0/23 maxlen: 23
95.81.65.0/24 maxlen: 24
95.81.68.0/22 maxlen: 22
95.81.68.0/23 maxlen: 23
95.81.104.0/21 maxlen: 21
2a00:d20::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b6:6c:bf:bc:34:92:30:72:a4:d3:72:80:4f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 1 14:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de050364dd44ff7becddd4a75b5c6081607f5a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:04:c4:39:03:f7:f4:af:d1:1a:bb:76:87:
e8:ae:3e:c8:ef:2b:32:c9:ec:0a:0f:c1:9c:83:b9:
2a:1a:db:3f:a3:38:03:57:0f:f3:55:4e:eb:b2:5e:
ec:3d:54:7e:ff:9b:7f:91:1d:6d:16:d3:3e:a9:14:
a9:00:64:e1:26:63:35:c9:dc:44:e1:63:ab:dd:a3:
f8:a8:89:89:bc:b1:44:17:b9:c2:71:77:94:7d:94:
c5:35:58:36:7e:3b:55:57:14:7e:9f:cd:76:16:e5:
71:04:93:2c:cb:1e:c6:23:eb:5b:f2:7f:76:ec:89:
49:fc:d9:6c:23:81:4a:15:d8:c5:ce:c5:40:67:17:
ca:7e:8d:8f:99:6b:d5:26:2d:fe:3f:da:36:62:15:
10:9a:9a:21:97:84:5a:69:d0:8b:61:1c:1f:b1:bf:
d1:81:9c:6e:6b:29:a8:b1:b7:59:55:58:fc:ba:d1:
df:ff:0f:62:5b:d6:a5:ca:8e:6f:c3:53:a7:62:29:
6c:b3:e5:01:bb:a6:aa:e5:3d:12:77:5b:fe:e2:89:
4d:4f:2b:c0:8b:27:06:c5:bd:be:58:c1:c8:2e:3f:
c8:a8:b0:eb:71:5a:2e:5e:3f:95:7a:f1:6c:07:dc:
79:66:1a:64:e1:6e:45:db:e7:bd:45:48:15:f2:bc:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:05:03:64:DD:44:FF:7B:EC:DD:D4:A7:5B:5C:60:81:60:7F:5A:98
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/3gUDZN1E_3vs3dSnW1xggWB_Wpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.0.0/18
95.81.64.0/21
95.81.104.0/21
212.120.192.0/19
IPv6:
2a00:d20::/32
Signature Algorithm: sha256WithRSAEncryption
3d:2f:bb:7d:d9:4c:98:18:fe:b4:c7:78:02:f1:94:02:39:6a:
d8:0c:ff:6c:71:21:8d:b5:cf:a4:40:88:51:b4:b6:ca:f4:19:
fb:6c:cf:1e:e3:78:28:d6:a9:5e:31:62:a9:6a:b1:1d:24:fe:
3e:8a:24:bd:20:20:68:42:4b:4f:74:81:a4:4b:29:d5:12:bb:
06:0e:45:37:e8:0c:36:27:fc:4d:e2:f3:11:a3:ac:1b:70:7c:
33:4f:9f:3b:50:44:4f:e3:d8:93:c1:f1:af:4d:55:5a:16:2c:
c9:89:1a:90:61:5d:c6:93:14:90:50:b5:b4:9b:d7:c1:20:58:
17:fa:32:ab:44:cf:9d:51:5c:d4:ee:d9:26:6e:18:49:52:82:
fa:a1:8b:41:8a:8b:6b:5e:8f:0b:6f:71:80:6e:6a:17:6c:74:
f8:4d:92:64:2c:c3:09:fb:cc:fc:43:f3:a2:42:b1:bb:fc:72:
ac:16:90:89:48:d5:89:72:7b:83:b3:92:98:6e:18:f8:78:ca:
17:63:99:cf:c5:cb:3f:e9:58:c6:ed:f6:db:3a:dd:43:c8:52:
42:f1:22:bc:86:47:21:a6:90:41:66:1c:3e:ed:12:3b:72:c1:
8e:fd:dd:84:67:b0:4f:31:ca:fc:06:77:e3:f1:1d:e2:8e:60:
1d:5d:9f:d1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtwbZsv7w0kjBypNNygE8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjMwMTAxMTQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA1MDM2NGRkNDRmZjdiZWNkZGQ0YTc1YjVjNjA4MTYwN2Y1YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE8ExDkD9/Sv0Rq7doforj7I7ysy
yewKD8Gcg7kqGts/ozgDVw/zVU7rsl7sPVR+/5t/kR1tFtM+qRSpAGThJmM1ydxE
4WOr3aP4qImJvLFEF7nCcXeUfZTFNVg2fjtVVxR+n812FuVxBJMsyx7GI+tb8n92
7IlJ/NlsI4FKFdjFzsVAZxfKfo2PmWvVJi3+P9o2YhUQmpohl4RaadCLYRwfsb/R
gZxuaymosbdZVVj8utHf/w9iW9alyo5vw1OnYilss+UBu6aq5T0Sd1v+4olNTyvA
iycGxb2+WMHILj/IqLDrcVouXj+VevFsB9x5Zhpk4W5F2+e9RUgV8rw3XQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN4FA2TdRP977N3Up1tcYIFgf1qYMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvM2dVRFpOMUVfM3ZzM2RTblcxeGdnV0JfV3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLvUAAwQD
X1FAAwQDX1FoAwQF1HjAMA0EAgACMAcDBQAqAA0gMA0GCSqGSIb3DQEBCwUAA4IB
AQA9L7t92UyYGP60x3gC8ZQCOWrYDP9scSGNtc+kQIhRtLbK9Bn7bM8e43go1qle
MWKparEdJP4+iiS9ICBoQktPdIGkSynVErsGDkU36Aw2J/xN4vMRo6wbcHwzT587
UERP49iTwfGvTVVaFizJiRqQYV3GkxSQULW0m9fBIFgX+jKrRM+dUVzU7tkmbhhJ
UoL6oYtBiotrXo8Lb3GAbmoXbHT4TZJkLMMJ+8z8Q/OiQrG7/HKsFpCJSNWJcnuD
s5KYbhj4eMoXY5nPxcs/6VjG7fbbOt1DyFJC8SK8hkchppBBZhw+7RI7csGO/d2E
Z7BPMcr8Bnfj8R3ijmAdXZ/R
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:22:57 2025 by rpki-client