Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/3B5usj5ZTeBuqoQWa4RJkvcYvbk.roa
File: 3B5usj5ZTeBuqoQWa4RJkvcYvbk.roa (raw, json)
Hash identifier: HV+yc3fWRtorXTZtMRktUeaFvY79NvvUlrphCXWryKo=
Subject key identifier: DC:1E:6E:B2:3E:59:4D:E0:6E:AA:84:16:6B:84:49:92:F7:18:BD:B9
Certificate issuer: /CN=985d472fa538204f1c23e8b6a758073b80cfc199
Certificate serial: 01856DCAEDB5F51D9F05B2405AF2979C2213
Authority key identifier: 98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/3B5usj5ZTeBuqoQWa4RJkvcYvbk.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212603
IP address blocks: 195.200.194.0/24 maxlen: 24
45.143.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ed:b5:f5:1d:9f:05:b2:40:5a:f2:97:9c:22:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985d472fa538204f1c23e8b6a758073b80cfc199
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc1e6eb23e594de06eaa84166b844992f718bdb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e8:6f:90:0d:7d:bf:10:36:c1:b6:37:90:14:
fe:9c:a3:87:64:dc:9d:98:5a:82:93:2c:88:e8:62:
4f:0b:59:88:61:a2:07:63:26:72:6e:0b:96:ed:72:
54:85:63:d7:b3:87:c6:bd:34:82:d9:86:ed:4d:ac:
b8:b5:37:bf:cd:09:3b:da:cd:d0:b3:19:2d:51:c3:
ce:64:e7:03:e3:36:c7:f9:d8:d2:c0:1c:d5:64:65:
e1:f2:8b:8b:8d:3b:c0:fb:f2:15:bb:1e:04:7c:16:
4a:96:f7:ea:f9:f6:9f:1a:53:b8:76:c3:e3:3c:1f:
73:f1:9f:90:9c:20:4f:9c:59:58:b9:1e:a2:f4:80:
63:94:5f:d8:2f:d4:5f:c3:23:15:a2:c2:76:43:36:
ca:b7:2d:72:9b:5d:43:23:df:03:f0:b6:84:24:f8:
f5:b5:61:21:95:ac:a4:f1:8c:4a:86:5a:4c:cb:61:
93:b3:44:53:d3:7f:ce:5c:f4:a1:45:c5:c9:59:ef:
12:cf:16:60:2f:15:df:95:4f:85:08:aa:47:99:59:
07:ae:20:94:05:b6:73:4d:d3:d5:32:ea:87:b8:6d:
f4:da:60:25:32:d5:64:e4:a1:81:eb:94:81:bf:38:
01:79:00:48:e2:8f:5e:95:19:e4:af:61:16:fc:aa:
ab:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1E:6E:B2:3E:59:4D:E0:6E:AA:84:16:6B:84:49:92:F7:18:BD:B9
X509v3 Authority Key Identifier:
keyid:98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/3B5usj5ZTeBuqoQWa4RJkvcYvbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/mF1HL6U4IE8cI-i2p1gHO4DPwZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.176.0/22
195.200.194.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fc:78:a0:76:a3:35:52:45:eb:cc:2b:cc:4e:cb:3f:0a:f2:
8f:f9:fe:6c:63:c0:ff:b3:67:9b:e2:6e:d4:e1:24:23:a7:d1:
ae:f0:73:a8:9e:72:be:e4:34:28:55:28:40:f3:fb:0a:61:d5:
84:f5:29:f1:86:c6:7f:f9:b0:bb:92:c0:64:a6:ff:69:6f:51:
eb:16:f6:55:6b:40:a1:18:43:ab:0f:0e:d9:7c:87:8d:5f:2f:
19:3d:6b:cd:ca:02:80:20:be:cf:df:c5:47:b9:62:d9:88:ed:
da:4e:03:8f:75:62:a8:6a:ce:b4:d9:5e:f7:75:95:a9:08:c6:
ed:70:57:7d:3e:1f:c0:5a:e9:cf:ab:b7:b3:b1:98:47:e6:34:
72:35:47:cc:0e:f0:70:37:3d:c6:0c:cb:7f:34:78:01:34:02:
88:60:1e:4c:cb:60:f9:39:32:1a:81:c2:6e:09:88:9d:38:70:
22:c6:c9:65:86:2c:01:4f:86:ea:bf:65:77:d9:81:de:ab:d2:
22:10:7f:1c:cf:08:d4:5c:23:88:1f:99:46:cf:43:af:41:37:
f9:6d:c6:68:a3:ce:34:9e:b4:37:87:27:87:e5:f6:14:df:a1:
57:de:c9:62:be:da:29:e1:b3:4b:89:4c:e3:63:8b:e2:f1:e5:
b6:16:7f:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtyu219R2fBbJAWvKXnCITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWQ0NzJmYTUzODIwNGYxYzIzZThiNmE3NTgwNzNiODBj
ZmMxOTkwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFlNmViMjNlNTk0ZGUwNmVhYTg0MTY2Yjg0NDk5MmY3MThiZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+hvkA19vxA2wbY3kBT+nKOHZNyd
mFqCkyyI6GJPC1mIYaIHYyZybguW7XJUhWPXs4fGvTSC2YbtTay4tTe/zQk72s3Q
sxktUcPOZOcD4zbH+djSwBzVZGXh8ouLjTvA+/IVux4EfBZKlvfq+fafGlO4dsPj
PB9z8Z+QnCBPnFlYuR6i9IBjlF/YL9RfwyMVosJ2QzbKty1ym11DI98D8LaEJPj1
tWEhlayk8YxKhlpMy2GTs0RT03/OXPShRcXJWe8SzxZgLxXflU+FCKpHmVkHriCU
BbZzTdPVMuqHuG302mAlMtVk5KGB65SBvzgBeQBI4o9elRnkr2EW/KqrjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNwebrI+WU3gbqqEFmuESZL3GL25MB8GA1UdIwQY
MBaAFJhdRy+lOCBPHCPotqdYBzuAz8GZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUYxSEw2VTRJRThjSS1pMnAxZ0hPNERQd1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jMjhlYmMtNzQ5Zi00OGY2LTg5YTIt
ZWRjMzE2MjIyNjQ0LzEvM0I1dXNqNVpUZUJ1cW9RV2E0UkprdmNZdmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jMjhlYmMtNzQ5Zi00OGY2LTg5YTItZWRjMzE2MjIyNjQ0
LzEvbUYxSEw2VTRJRThjSS1pMnAxZ0hPNERQd1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY+wAwQA
w8jCMA0GCSqGSIb3DQEBCwUAA4IBAQA6/HigdqM1UkXrzCvMTss/CvKP+f5sY8D/
s2eb4m7U4SQjp9Gu8HOonnK+5DQoVShA8/sKYdWE9SnxhsZ/+bC7ksBkpv9pb1Hr
FvZVa0ChGEOrDw7ZfIeNXy8ZPWvNygKAIL7P38VHuWLZiO3aTgOPdWKoas602V73
dZWpCMbtcFd9Ph/AWunPq7ezsZhH5jRyNUfMDvBwNz3GDMt/NHgBNAKIYB5My2D5
OTIagcJuCYidOHAixsllhiwBT4bqv2V32YHeq9IiEH8czwjUXCOIH5lGz0OvQTf5
bcZoo840nrQ3hyeH5fYU36FX3slivtop4bNLiUzjY4vi8eW2Fn/2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:37 2025 by rpki-client