Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/3oLcllf7yZJclvlRwW-rY9BDf5A.roa
File: 3oLcllf7yZJclvlRwW-rY9BDf5A.roa (raw, json)
Hash identifier: rN+Bmpq0FFRxcZ08qPbbpzLJxtTe7omXPEXzwX6fpgM=
Subject key identifier: DE:82:DC:96:57:FB:C9:92:5C:96:F9:51:C1:6F:AB:63:D0:43:7F:90
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 0724D4FB
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/3oLcllf7yZJclvlRwW-rY9BDf5A.roa
Signing time: Thu 30 Jun 2022 11:46:02 +0000
ROA not before: Thu 30 Jun 2022 11:46:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198537
IP address blocks: 45.159.238.0/24 maxlen: 24
45.159.239.0/24 maxlen: 24
45.159.237.0/24 maxlen: 24
45.159.238.0/23 maxlen: 23
45.159.236.0/24 maxlen: 24
45.159.236.0/22 maxlen: 22
45.159.236.0/23 maxlen: 23
185.146.54.0/23 maxlen: 23
185.146.55.0/24 maxlen: 24
185.146.53.0/24 maxlen: 24
185.146.54.0/24 maxlen: 24
185.146.52.0/24 maxlen: 24
185.146.52.0/22 maxlen: 22
185.146.52.0/23 maxlen: 23
91.236.35.0/24 maxlen: 24
91.236.32.0/22 maxlen: 22
91.236.32.0/23 maxlen: 23
91.236.33.0/24 maxlen: 24
91.236.34.0/24 maxlen: 24
91.236.34.0/23 maxlen: 23
91.236.32.0/24 maxlen: 24
77.83.42.0/24 maxlen: 24
77.83.43.0/24 maxlen: 24
77.83.40.0/23 maxlen: 23
77.83.40.0/22 maxlen: 22
77.83.40.0/24 maxlen: 24
77.83.41.0/24 maxlen: 24
77.83.42.0/23 maxlen: 23
37.221.102.0/23 maxlen: 23
37.221.102.0/24 maxlen: 24
37.221.103.0/24 maxlen: 24
37.221.100.0/24 maxlen: 24
37.221.101.0/24 maxlen: 24
37.221.100.0/23 maxlen: 23
37.221.100.0/22 maxlen: 22
194.53.1.0/24 maxlen: 24
194.53.2.0/24 maxlen: 24
2a07:4bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119854331 (0x724d4fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Jun 30 11:46:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de82dc9657fbc9925c96f951c16fab63d0437f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:d8:44:86:fb:91:66:51:31:73:36:4c:ac:
68:d6:ac:fe:11:98:79:1b:37:8c:92:82:06:02:8a:
61:26:a3:d3:c2:59:1a:67:d4:21:a6:1c:b8:49:da:
f4:03:a7:cc:39:84:52:d8:45:87:e8:4f:78:12:29:
a5:37:49:a7:aa:3f:94:55:f5:ff:4b:26:49:fd:68:
e7:d7:4c:58:3f:1e:c6:e4:57:18:6b:df:e3:15:95:
c7:2f:4d:b0:ed:8d:26:e4:fe:5e:a5:b7:b0:2d:6e:
ab:71:4a:4c:6b:82:72:8c:e4:36:a2:c2:53:72:38:
92:95:78:2b:64:da:03:f9:5f:53:00:e9:85:f5:8b:
43:37:3c:be:7d:60:f9:7c:30:c6:ad:04:1f:d5:71:
e3:af:31:2f:29:9d:67:88:35:da:95:c5:30:b4:6a:
ac:db:cd:1f:58:87:b7:1c:44:05:81:2e:ca:1e:ab:
60:79:e9:5f:8f:1e:94:70:09:52:fe:80:89:9c:bd:
64:d1:25:9b:53:9d:26:05:06:19:b2:bc:55:e1:4d:
7d:13:d4:65:fd:8c:4e:8b:00:ae:dd:97:d5:b6:3d:
91:bc:f9:6e:97:12:78:4d:75:86:ab:69:2b:17:e6:
00:18:ec:a8:4e:8a:0f:6b:40:66:80:d8:45:88:fa:
53:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:82:DC:96:57:FB:C9:92:5C:96:F9:51:C1:6F:AB:63:D0:43:7F:90
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/3oLcllf7yZJclvlRwW-rY9BDf5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.100.0/22
45.159.236.0/22
77.83.40.0/22
91.236.32.0/22
185.146.52.0/22
194.53.1.0-194.53.2.255
IPv6:
2a07:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
20:22:0f:85:f2:43:a6:56:2e:15:be:45:35:45:30:6a:8b:d5:
7d:9a:d9:34:12:5d:ed:32:d8:c6:32:ee:fd:e9:b9:13:fd:ca:
a3:dc:9b:f1:34:de:15:3f:2c:30:98:fd:8d:8b:b1:06:83:d0:
c0:48:af:7b:70:c6:59:0c:7f:34:a4:51:1d:f8:37:e8:ca:64:
40:b9:f6:0f:6d:50:35:7c:6c:76:b0:13:b8:cb:0a:2d:18:85:
ed:1e:b4:04:50:f3:12:3b:89:0d:45:6b:5a:d7:00:9b:8f:e0:
36:70:dc:60:ac:7f:97:57:70:2d:be:c1:13:63:12:c1:67:8b:
2b:c8:53:ee:1e:fe:49:40:64:d5:1d:ef:95:05:c5:d4:16:2e:
4a:0d:80:a0:8d:2a:7d:98:68:6b:b6:29:0c:01:59:65:99:3b:
6d:78:ef:7e:d9:fe:73:a7:8a:18:a1:0c:87:1d:d4:f2:38:9c:
de:4d:97:41:ad:0e:66:ea:a9:98:da:01:c0:71:65:22:a7:9e:
03:5f:30:23:c4:be:9e:0b:68:17:fd:8c:e7:52:fc:a0:b2:de:
b3:e3:26:50:68:99:9a:dd:44:ec:f9:a5:39:0e:09:71:02:3d:
b0:2f:50:ef:e8:03:63:e2:b5:d1:ab:f1:dd:b8:1c:44:00:69:
13:db:ff:bc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEByTU+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmJjYWUyYjI5MGM4MDFkNTdkMDlkMDI1YTkzNDhlMTY3MDZmMTgyMB4XDTIyMDYz
MDExNDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU4MmRjOTY1N2Zi
Yzk5MjVjOTZmOTUxYzE2ZmFiNjNkMDQzN2Y5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuQ2ESG+5FmUTFzNkysaNas/hGYeRs3jJKCBgKKYSaj08JZ
GmfUIaYcuEna9AOnzDmEUthFh+hPeBIppTdJp6o/lFX1/0smSf1o59dMWD8exuRX
GGvf4xWVxy9NsO2NJuT+XqW3sC1uq3FKTGuCcozkNqLCU3I4kpV4K2TaA/lfUwDp
hfWLQzc8vn1g+Xwwxq0EH9Vx468xLymdZ4g12pXFMLRqrNvNH1iHtxxEBYEuyh6r
YHnpX48elHAJUv6AiZy9ZNElm1OdJgUGGbK8VeFNfRPUZf2MTosArt2X1bY9kbz5
bpcSeE11hqtpKxfmABjsqE6KD2tAZoDYRYj6U+sCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBTegtyWV/vJklyW+VHBb6tj0EN/kDAfBgNVHSMEGDAWgBT/vK4rKQyAHVfQ
nQJak0jhZwbxgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183eXVLeWtNZ0IxWDBKMENXcE5JNFdjRzhZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8x
LzNvTGNsbGY3eVpKY2x2bFJ3Vy1yWTlCRGY1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8xL183eXVLeWtNZ0Ix
WDBKMENXcE5JNFdjRzhZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAiXdZAMEAi2f7AMEAk1TKAMEAlvs
IAMEArmSNDAMAwQAwjUBAwQAwjUCMA0EAgACMAcDBQMqB0vAMA0GCSqGSIb3DQEB
CwUAA4IBAQAgIg+F8kOmVi4VvkU1RTBqi9V9mtk0El3tMtjGMu796bkT/cqj3Jvx
NN4VPywwmP2Ni7EGg9DASK97cMZZDH80pFEd+DfoymRAufYPbVA1fGx2sBO4ywot
GIXtHrQEUPMSO4kNRWta1wCbj+A2cNxgrH+XV3AtvsETYxLBZ4sryFPuHv5JQGTV
He+VBcXUFi5KDYCgjSp9mGhrtikMAVllmTtteO9+2f5zp4oYoQyHHdTyOJzeTZdB
rQ5m6qmY2gHAcWUip54DXzAjxL6eC2gX/YznUvygst6z4yZQaJma3UTs+aU5Dglx
Aj2wL1Dv6ANj4rXRq/HduBxEAGkT2/+8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:25 2023 by rpki-client on console-fra.rpki-client.org