Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/3HY_5hWraXMJUpXibt4q6p5TLYg.roa
File: 3HY_5hWraXMJUpXibt4q6p5TLYg.roa (raw, json)
Hash identifier: Pepd8V4M5ORK1vpNIWv7kIlZg92pGe7Yuenbuq7aAD4=
Subject key identifier: DC:76:3F:E6:15:AB:69:73:09:52:95:E2:6E:DE:2A:EA:9E:53:2D:88
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184AE0234003AA214C57BA427FC2EC34A9D
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/3HY_5hWraXMJUpXibt4q6p5TLYg.roa
Signing time: Fri 25 Nov 2022 08:58:10 +0000
ROA not before: Fri 25 Nov 2022 08:58:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39251
IP address blocks: 193.37.238.0/24 maxlen: 24
185.229.252.0/22 maxlen: 24
91.223.66.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
194.169.230.0/24 maxlen: 24
194.169.237.0/24 maxlen: 24
91.245.192.0/24 maxlen: 24
194.169.242.0/24 maxlen: 24
213.232.88.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
91.92.72.0/21 maxlen: 24
91.92.80.0/20 maxlen: 24
91.92.96.0/21 maxlen: 24
194.169.223.0/24 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:02:34:00:3a:a2:14:c5:7b:a4:27:fc:2e:c3:4a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 25 08:58:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc763fe615ab6973095295e26ede2aea9e532d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:cf:ba:c0:39:7e:51:73:74:b7:c3:33:01:
38:46:7d:3e:99:4e:6c:ee:f0:64:fe:49:7e:77:df:
df:5d:f5:59:df:64:79:33:af:23:f0:bf:36:e6:b0:
9a:62:60:fa:03:e5:c9:21:91:73:38:da:10:75:7c:
9b:3c:a0:e6:46:33:c2:0c:9a:7d:dd:09:5f:91:80:
2e:8d:ed:52:d8:91:aa:d9:a4:b2:ff:3e:25:19:f2:
d7:7e:3d:09:81:b5:45:da:9f:46:c6:75:87:ba:ce:
46:bb:d1:90:90:79:08:89:eb:ec:60:1e:b1:34:ab:
1e:aa:ce:ee:b5:cd:45:e0:aa:73:42:c4:a9:b2:6b:
5a:2a:84:24:e1:9a:c6:d7:c3:44:a6:c9:9a:5f:ca:
1e:ff:fc:19:a9:a8:e3:bd:a1:c8:d1:ad:fc:99:d9:
a4:7e:43:84:dd:83:ba:c5:c2:13:fd:40:5f:e5:46:
f0:7a:94:ce:7e:3c:ff:a0:1c:bf:95:f5:e4:8e:f9:
cc:c8:b1:24:04:87:46:96:d7:e4:0b:22:35:87:41:
5a:8b:b5:eb:99:e1:8c:f0:73:8e:4f:fd:fe:c8:62:
6d:e9:ef:a3:78:bd:42:4b:ca:6f:a4:99:cd:dc:a9:
ba:94:68:2e:29:f9:8b:af:9c:2e:55:96:f4:57:e1:
05:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:76:3F:E6:15:AB:69:73:09:52:95:E2:6E:DE:2A:EA:9E:53:2D:88
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/3HY_5hWraXMJUpXibt4q6p5TLYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.72.0-91.92.103.255
91.223.66.0/24
91.245.192.0/24
185.163.140.0/22
185.225.84.0/22
185.229.252.0/22
193.37.238.0/24
194.169.223.0/24
194.169.230.0/24
194.169.237.0/24
194.169.242.0/24
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
1c:35:a9:f9:4b:dc:49:35:b2:cd:4c:99:9c:1c:8b:53:1d:cf:
ac:6c:61:b8:a6:a6:03:08:39:bb:b5:08:0e:7c:62:06:09:81:
90:f9:a6:7d:d0:4f:af:ce:de:f1:db:cf:f7:b8:91:e7:42:dc:
2f:49:38:a8:07:dc:77:8d:55:0c:ec:cb:fd:0c:9d:09:98:51:
b2:d6:25:5e:b4:50:bd:e1:ed:8f:ec:9d:f4:0c:cb:3f:21:f9:
be:fc:89:21:4b:ba:e0:52:92:3c:27:d7:fe:b0:85:03:01:93:
d5:a5:8e:2d:2a:38:4b:6d:35:46:6d:64:70:4d:ff:3d:4a:4f:
1b:55:f9:d0:e1:27:0a:5b:22:f5:1f:bb:65:76:98:7f:8f:fe:
b8:0e:8d:0e:07:6e:8e:9b:f4:d8:cb:f7:ee:b5:1c:80:7f:57:
a7:21:13:cc:3d:99:ef:4a:3c:83:6c:26:33:32:21:85:75:f3:
93:03:d5:d4:87:0b:77:7b:e4:6e:e5:63:67:fa:b5:98:cb:90:
1e:4c:93:2f:04:a7:d5:d1:1e:77:3d:30:3e:0e:59:38:ae:e0:
23:e1:21:36:6b:59:be:ee:d3:63:34:62:4d:55:87:27:38:b0:
38:e4:40:14:4e:d0:a1:ed:5d:d7:ea:19:a6:97:ba:04:ca:08:
23:92:4d:d4
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYSuAjQAOqIUxXukJ/wuw0qdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI1MDg1ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc2M2ZlNjE1YWI2OTczMDk1Mjk1ZTI2ZWRlMmFlYTllNTMyZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+bPusA5flFzdLfDMwE4Rn0+mU5s
7vBk/kl+d9/fXfVZ32R5M68j8L825rCaYmD6A+XJIZFzONoQdXybPKDmRjPCDJp9
3QlfkYAuje1S2JGq2aSy/z4lGfLXfj0JgbVF2p9GxnWHus5Gu9GQkHkIievsYB6x
NKseqs7utc1F4KpzQsSpsmtaKoQk4ZrG18NEpsmaX8oe//wZqajjvaHI0a38mdmk
fkOE3YO6xcIT/UBf5UbwepTOfjz/oBy/lfXkjvnMyLEkBIdGltfkCyI1h0Fai7Xr
meGM8HOOT/3+yGJt6e+jeL1CS8pvpJnN3Km6lGguKfmLr5wuVZb0V+EFUwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFNx2P+YVq2lzCVKV4m7eKuqeUy2IMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvM0hZXzVoV3JhWE1KVXBYaWJ0NHE2cDVUTFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQMAwDBANbXEgD
BANbXGADBABb30IDBABb9cADBAK5o4wDBAK54VQDBAK55fwDBADBJe4DBADCqd8D
BADCqeYDBADCqe0DBADCqfIDBALV6FgwDQQCAAIwBwMFACoL+AAwDQYJKoZIhvcN
AQELBQADggEBABw1qflL3Ek1ss1MmZwci1Mdz6xsYbimpgMIObu1CA58YgYJgZD5
pn3QT6/O3vHbz/e4kedC3C9JOKgH3HeNVQzsy/0MnQmYUbLWJV60UL3h7Y/snfQM
yz8h+b78iSFLuuBSkjwn1/6whQMBk9Wlji0qOEttNUZtZHBN/z1KTxtV+dDhJwpb
IvUfu2V2mH+P/rgOjQ4Hbo6b9NjL9+61HIB/V6chE8w9me9KPINsJjMyIYV185MD
1dSHC3d75G7lY2f6tZjLkB5Mky8Ep9XRHnc9MD4OWTiu4CPhITZrWb7u02M0Yk1V
hyc4sDjkQBRO0KHtXdfqGaaXugTKCCOSTdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:06 2024 by rpki-client on console-fra.rpki-client.org