Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/3NT--2Tih2aeoqjJV-V_0F5-GCU.roa
File: 3NT--2Tih2aeoqjJV-V_0F5-GCU.roa (raw, json)
Hash identifier: jqRED7aSyIygxwuh+pbxB3qOTnYu8RTktsWl3xsqC3w=
Subject key identifier: DC:D4:FE:FB:64:E2:87:66:9E:A2:A8:C9:57:E5:7F:D0:5E:7E:18:25
Certificate issuer: /CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Certificate serial: 01856FC26072CD435BD3866DAD60669129F2
Authority key identifier: 3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/3NT--2Tih2aeoqjJV-V_0F5-GCU.roa
Signing time: Sun 01 Jan 2023 23:54:47 +0000
ROA not before: Sun 01 Jan 2023 23:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 194.246.8.0/23 maxlen: 23
194.246.14.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:60:72:cd:43:5b:d3:86:6d:ad:60:66:91:29:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Validity
Not Before: Jan 1 23:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd4fefb64e287669ea2a8c957e57fd05e7e1825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7c:05:e6:10:d0:43:c9:54:61:2f:ff:8f:90:
84:37:ef:ea:36:81:4b:ad:4e:f3:ef:47:30:49:3d:
64:f7:84:bb:ed:c6:c8:b6:60:cf:9f:aa:a0:69:c0:
a8:00:ca:36:a9:ac:16:1e:83:f6:0e:1a:2c:d3:98:
42:bd:3f:50:54:2c:9b:a2:17:c6:1a:3c:66:65:cb:
6b:af:23:67:70:7a:6b:ff:a6:a7:3c:72:5e:b6:a6:
ed:79:9a:73:72:16:f0:b5:71:0f:28:88:9b:c3:ea:
0e:c7:c2:98:50:a2:70:6c:9d:97:64:38:f0:be:a0:
57:f1:58:20:a8:10:f9:5c:de:7f:bb:8f:0b:99:a7:
52:39:77:6c:61:38:40:eb:20:fc:d1:e1:86:f6:8d:
9b:6f:ca:16:26:b7:c8:fe:1e:f9:d9:e5:db:00:97:
7c:32:3f:92:ef:ea:c4:3d:7c:a6:17:b1:27:d8:52:
a6:fa:57:dc:7d:2d:88:b8:d9:5a:2d:d9:57:b7:ef:
ed:b6:e2:dd:b1:da:dc:2c:6e:42:5d:b4:20:f6:bb:
ae:40:22:8e:de:8b:46:07:71:cd:84:38:fe:36:49:
2d:0c:92:26:d5:4a:9f:ca:86:b6:d4:1d:90:d4:f4:
4d:78:82:2a:0d:6b:67:d1:14:3f:47:49:43:5d:24:
78:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D4:FE:FB:64:E2:87:66:9E:A2:A8:C9:57:E5:7F:D0:5E:7E:18:25
X509v3 Authority Key Identifier:
keyid:3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/3NT--2Tih2aeoqjJV-V_0F5-GCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.8.0/23
194.246.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:73:86:00:ac:26:a7:4a:5a:45:14:bc:34:fb:64:af:e0:81:
c1:87:d1:88:00:0d:f0:c5:ff:82:ed:2d:dc:48:2f:3a:bc:27:
f0:c4:1e:f8:fb:32:51:26:3d:81:3f:c1:5c:98:c9:91:e3:b7:
6b:96:7c:5a:cf:85:36:4f:d6:84:ff:43:cc:58:52:fc:55:1a:
9b:6b:39:4b:40:c4:d4:73:1c:13:a3:2a:26:d4:b2:8e:7f:c3:
60:05:4b:b4:e6:e9:e7:1b:d8:79:82:92:e0:58:60:7f:55:36:
c2:43:87:36:e0:ec:c9:e5:8b:82:18:5d:c8:a3:e9:3d:11:37:
be:22:0c:90:42:0c:e6:1d:59:ce:8c:cc:7a:8d:63:04:a9:ba:
5d:4c:b4:ac:ae:d8:25:d6:b2:2b:57:40:be:bb:34:78:87:05:
f9:ef:c3:ce:24:02:f1:c2:24:99:a8:82:6d:af:db:9b:cf:d3:
d7:34:c3:3f:b1:e2:50:9a:7c:18:da:58:eb:df:f0:a0:d7:86:
cf:12:21:80:4d:8c:5a:a2:2c:13:6b:6d:6e:d0:ef:ef:96:b7:
61:65:f0:1b:db:c5:15:48:3b:5a:17:bf:8e:08:be:58:34:0f:
b3:ba:54:de:70:50:63:e5:2e:89:d6:59:a4:1f:6f:ba:16:fb:
6b:78:b6:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvwmByzUNb04ZtrWBmkSnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTZjZWNmZmQ5YjhiYmExOGQ0NzRlN2IzOTkzZTBhMWQx
NGRiYjMwHhcNMjMwMTAxMjM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q0ZmVmYjY0ZTI4NzY2OWVhMmE4Yzk1N2U1N2ZkMDVlN2UxODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHwF5hDQQ8lUYS//j5CEN+/qNoFL
rU7z70cwST1k94S77cbItmDPn6qgacCoAMo2qawWHoP2Dhos05hCvT9QVCybohfG
GjxmZctrryNncHpr/6anPHJetqbteZpzchbwtXEPKIibw+oOx8KYUKJwbJ2XZDjw
vqBX8VggqBD5XN5/u48LmadSOXdsYThA6yD80eGG9o2bb8oWJrfI/h752eXbAJd8
Mj+S7+rEPXymF7En2FKm+lfcfS2IuNlaLdlXt+/ttuLdsdrcLG5CXbQg9ruuQCKO
3otGB3HNhDj+NkktDJIm1Uqfyoa21B2Q1PRNeIIqDWtn0RQ/R0lDXSR4VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNzU/vtk4odmnqKoyVflf9BefhglMB8GA1UdIwQY
MBaAFD7mzs/9m4u6GNR057OZPgodFNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEt
NzMyNDkxMzk3NWQ1LzEvM05ULS0yVGloMmFlb3FqSlYtVl8wRjUtR0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEtNzMyNDkxMzk3NWQ1
LzEvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwvYIAwQB
wvYOMA0GCSqGSIb3DQEBCwUAA4IBAQCfc4YArCanSlpFFLw0+2Sv4IHBh9GIAA3w
xf+C7S3cSC86vCfwxB74+zJRJj2BP8FcmMmR47drlnxaz4U2T9aE/0PMWFL8VRqb
azlLQMTUcxwToyom1LKOf8NgBUu05unnG9h5gpLgWGB/VTbCQ4c24OzJ5YuCGF3I
o+k9ETe+IgyQQgzmHVnOjMx6jWMEqbpdTLSsrtgl1rIrV0C+uzR4hwX578POJALx
wiSZqIJtr9ubz9PXNMM/seJQmnwY2ljr3/Cg14bPEiGATYxaoiwTa21u0O/vlrdh
ZfAb28UVSDtaF7+OCL5YNA+zulTecFBj5S6J1lmkH2+6FvtreLa0
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:27:28 2025 by rpki-client