Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/343dQIWmr1W1cjtIo2zmLfivgGc.roa
File: 343dQIWmr1W1cjtIo2zmLfivgGc.roa (raw, json)
Hash identifier: WdYCRlcELKDIC6RZRtMspP8CzFWIX9GGXW7LuJYa2Wg=
Subject key identifier: DF:8D:DD:40:85:A6:AF:55:B5:72:3B:48:A3:6C:E6:2D:F8:AF:80:67
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 018750980C6B8D1DDB681FF98E322FB6D554
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/343dQIWmr1W1cjtIo2zmLfivgGc.roa
Signing time: Wed 05 Apr 2023 08:45:54 +0000
ROA not before: Wed 05 Apr 2023 08:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 109.198.32.0/20 maxlen: 32
109.198.48.0/20 maxlen: 32
43.252.28.0/22 maxlen: 32
89.184.192.0/19 maxlen: 32
103.211.184.0/23 maxlen: 32
37.61.226.0/24 maxlen: 32
103.225.128.0/22 maxlen: 32
185.10.7.0/24 maxlen: 32
37.200.104.0/21 maxlen: 32
37.61.227.0/24 maxlen: 32
193.151.52.0/22 maxlen: 32
103.30.12.0/22 maxlen: 32
85.208.148.0/22 maxlen: 32
206.204.0.0/18 maxlen: 32
194.32.88.0/22 maxlen: 32
139.5.104.0/22 maxlen: 32
45.114.240.0/22 maxlen: 32
89.104.110.0/23 maxlen: 32
78.156.160.0/20 maxlen: 32
78.156.176.0/20 maxlen: 32
216.194.80.0/20 maxlen: 32
94.46.32.0/21 maxlen: 32
46.182.168.0/22 maxlen: 32
45.130.120.0/22 maxlen: 32
45.12.56.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
94.46.2.0/23 maxlen: 32
94.46.0.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:98:0c:6b:8d:1d:db:68:1f:f9:8e:32:2f:b6:d5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Apr 5 08:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df8ddd4085a6af55b5723b48a36ce62df8af8067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d3:30:0e:0f:8f:dd:40:cf:d5:05:40:96:ca:
9b:5c:ef:6c:f5:15:4d:4f:d9:33:e0:c7:6f:3d:3c:
c1:56:8a:89:5a:37:8b:11:66:e9:dc:7f:06:91:36:
7d:d6:94:67:23:76:59:60:3a:77:15:25:84:8d:6b:
8d:7b:8e:20:e9:88:4b:f0:ad:85:02:cc:24:fa:71:
6f:48:ab:33:f6:49:42:9f:6b:d0:ca:20:3e:76:62:
a9:c2:68:73:c6:42:04:54:dc:21:06:81:e4:74:e8:
f1:61:f1:90:6d:7c:28:05:39:a2:0d:b8:b4:fd:0f:
44:0c:b1:1a:90:0a:10:b3:88:bd:a9:da:44:85:e5:
97:e5:6e:09:ef:54:e4:85:e8:78:72:99:db:4f:d4:
9b:d7:11:8f:2c:55:f5:a3:e5:8b:ce:c5:9a:fd:61:
e8:49:4b:39:02:e6:c9:f5:36:e5:d9:01:2b:d0:a6:
09:c8:9e:0c:ef:92:f0:1f:d5:71:01:37:0b:d1:5d:
4c:7f:b0:b1:cd:2c:90:a5:a2:c8:35:e7:05:3b:15:
0a:03:66:5b:d1:85:29:4c:05:5a:f1:a2:79:5a:e4:
f9:ae:fb:d8:8c:12:cb:71:96:1a:2e:a0:c0:29:48:
c0:ca:cf:8a:3a:d5:59:ac:c0:26:d9:ca:77:b5:45:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8D:DD:40:85:A6:AF:55:B5:72:3B:48:A3:6C:E6:2D:F8:AF:80:67
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/343dQIWmr1W1cjtIo2zmLfivgGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/23
37.200.104.0/21
43.252.28.0/22
45.12.56.0/22
45.114.240.0/22
45.130.120.0/22
46.182.168.0/22
78.156.160.0/19
85.208.148.0/22
89.104.110.0/23
89.184.192.0/19
94.46.0.0/21
94.46.32.0/21
103.30.12.0/22
103.211.184.0/23
103.225.128.0/22
109.198.32.0/19
139.5.104.0/22
180.94.216.0/22
185.10.7.0/24
193.151.52.0/22
194.32.88.0/22
206.204.0.0/18
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
65:30:c7:8d:95:cb:f3:26:71:3f:a4:d8:72:1a:bc:23:94:08:
cf:8a:03:8a:be:f7:a5:00:42:35:5d:0b:c8:b5:e4:f6:bc:8a:
b5:cf:2d:64:a8:a1:36:61:af:50:ad:63:24:61:ef:e5:5e:64:
ea:88:f7:e0:c5:4c:10:9f:d8:80:06:96:4f:93:ca:f0:8b:68:
e1:61:2b:67:f6:97:aa:b2:9a:f5:b0:e4:78:04:bc:86:e7:6d:
42:b0:e3:a0:42:08:4b:42:eb:8c:96:99:ce:c6:b4:8e:23:62:
74:8c:51:5e:3c:9c:62:c0:24:7a:d9:f8:fc:dc:c3:3c:11:6c:
91:c7:92:14:9d:3c:07:ba:8c:60:64:11:13:0b:33:3d:2f:d4:
6d:ab:16:b7:b2:41:4a:d3:a0:53:7d:3b:85:88:49:0a:56:6f:
b8:01:74:24:6c:2c:59:0e:18:0c:fd:a3:65:53:7b:18:1e:ab:
62:18:ab:38:71:d0:af:99:58:a4:77:4e:ee:5f:1e:05:71:34:
83:40:a8:3e:58:2e:53:4f:c8:26:75:d6:55:94:df:07:ce:5a:
2c:95:47:09:9d:e0:80:c8:b7:80:85:24:97:a3:4a:aa:62:cc:
8e:ec:18:03:b3:ea:29:13:02:99:1d:e5:93:c8:7d:cf:bf:cb:
18:86:57:c0
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYdQmAxrjR3baB/5jjIvttVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNDA1MDg0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhkZGQ0MDg1YTZhZjU1YjU3MjNiNDhhMzZjZTYyZGY4YWY4MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNMwDg+P3UDP1QVAlsqbXO9s9RVN
T9kz4MdvPTzBVoqJWjeLEWbp3H8GkTZ91pRnI3ZZYDp3FSWEjWuNe44g6YhL8K2F
Aswk+nFvSKsz9klCn2vQyiA+dmKpwmhzxkIEVNwhBoHkdOjxYfGQbXwoBTmiDbi0
/Q9EDLEakAoQs4i9qdpEheWX5W4J71Tkheh4cpnbT9Sb1xGPLFX1o+WLzsWa/WHo
SUs5AubJ9Tbl2QEr0KYJyJ4M75LwH9VxATcL0V1Mf7CxzSyQpaLINecFOxUKA2Zb
0YUpTAVa8aJ5WuT5rvvYjBLLcZYaLqDAKUjAys+KOtVZrMAm2cp3tUXb3QIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFN+N3UCFpq9VtXI7SKNs5i34r4BnMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvMzQzZFFJV21yMVcxY2p0SW8yem1MZml2Z0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAEl
PeIDBAMlyGgDBAIr/BwDBAItDDgDBAItcvADBAItgngDBAIutqgDBAVOnKADBAJV
0JQDBAFZaG4DBAVZuMADBANeLgADBANeLiADBAJnHgwDBAFn07gDBAJn4YADBAVt
xiADBAKLBWgDBAK0XtgDBAC5CgcDBALBlzQDBALCIFgDBAbOzAADBATYwlAwDQYJ
KoZIhvcNAQELBQADggEBAGUwx42Vy/MmcT+k2HIavCOUCM+KA4q+96UAQjVdC8i1
5Pa8irXPLWSooTZhr1CtYyRh7+VeZOqI9+DFTBCf2IAGlk+TyvCLaOFhK2f2l6qy
mvWw5HgEvIbnbUKw46BCCEtC64yWmc7GtI4jYnSMUV48nGLAJHrZ+PzcwzwRbJHH
khSdPAe6jGBkERMLMz0v1G2rFreyQUrToFN9O4WISQpWb7gBdCRsLFkOGAz9o2VT
exgeq2IYqzhx0K+ZWKR3Tu5fHgVxNINAqD5YLlNPyCZ11lWU3wfOWiyVRwmd4IDI
t4CFJJejSqpizI7sGAOz6ikTApkd5ZPIfc+/yxiGV8A=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:29 2025 by rpki-client