Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/3WxYhXGExLjCq92HVS-P6zHf3K0.roa
File: 3WxYhXGExLjCq92HVS-P6zHf3K0.roa (raw, json)
Hash identifier: +WbNK1cLfnE9kw6kOd53yD6FJUgiMdiXPeG0a3pGSpM=
Subject key identifier: DD:6C:58:85:71:84:C4:B8:C2:AB:DD:87:55:2F:8F:EB:31:DF:DC:AD
Certificate issuer: /CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Certificate serial: 0156A448
Authority key identifier: BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/3WxYhXGExLjCq92HVS-P6zHf3K0.roa
Signing time: Sat 01 Jan 2022 11:55:55 +0000
ROA not before: Sat 01 Jan 2022 11:55:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44377
IP address blocks: 45.143.216.0/22 maxlen: 24
45.137.248.0/22 maxlen: 24
92.242.224.0/19 maxlen: 24
193.19.220.0/22 maxlen: 24
185.121.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22455368 (0x156a448)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Validity
Not Before: Jan 1 11:55:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd6c58857184c4b8c2abdd87552f8feb31dfdcad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:87:10:02:08:f3:0d:61:fd:94:0c:61:fc:9e:
29:99:a0:33:17:6a:19:02:07:93:cc:25:b8:c4:f1:
a8:8e:ed:6a:14:51:39:14:72:0a:e5:5f:60:14:06:
fc:d6:8d:a3:8c:dc:5a:13:92:60:1e:3f:79:c4:44:
39:b1:63:02:f1:65:2a:70:e1:3b:83:b3:93:dc:bb:
ff:71:75:95:95:0f:e6:4a:e7:c9:2c:8b:6b:37:b5:
84:ab:b8:b8:da:80:c8:19:f2:78:d9:b0:03:2e:88:
1c:d7:09:7f:fa:10:70:fa:2e:89:d2:dc:62:cd:e2:
9f:44:b9:c6:23:b9:e6:93:4e:92:f5:31:23:c8:b0:
cf:1d:6d:55:69:16:22:e1:df:2f:c5:7c:3b:76:bb:
4c:27:f4:4e:9f:de:49:81:e0:95:8d:0d:68:66:b6:
f5:8c:a4:dc:34:a2:64:09:98:b8:6e:f2:a3:b4:ff:
ae:06:8d:89:af:ce:c5:39:3e:aa:04:df:4d:74:a5:
d9:a0:5a:b4:c0:e7:c8:70:1d:e6:0c:ea:9e:57:f0:
e9:f3:67:cb:0b:bf:15:44:3a:35:04:63:de:91:70:
6e:14:7b:e3:9b:29:52:12:7a:14:bc:41:8c:70:bc:
b7:56:6b:e3:e5:10:ef:52:b7:ef:04:cb:02:c8:15:
3a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6C:58:85:71:84:C4:B8:C2:AB:DD:87:55:2F:8F:EB:31:DF:DC:AD
X509v3 Authority Key Identifier:
keyid:BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/3WxYhXGExLjCq92HVS-P6zHf3K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.248.0/22
45.143.216.0/22
92.242.224.0/19
185.121.200.0/22
193.19.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:fe:2b:9d:32:d8:d2:8f:cc:84:1a:ce:2b:fd:3e:e1:3b:25:
10:a1:55:fe:f4:89:6b:2d:b5:1e:23:9f:61:ea:f5:e1:7c:8f:
8b:59:27:fc:bf:64:fc:85:dc:b6:fe:90:e0:b3:f7:6f:d6:8b:
44:40:9b:2b:d2:f2:34:a7:13:bb:e3:48:50:8a:e1:08:92:98:
fe:70:ab:6f:ac:00:2f:01:a5:51:26:9e:06:21:66:c6:bf:f2:
61:3c:79:b4:be:e4:e7:b9:a1:ee:df:86:c3:9d:1e:5c:40:9e:
df:28:49:28:72:ea:a9:ec:a2:a3:78:2f:b2:fd:fa:ef:b1:1b:
c8:96:78:bb:d1:44:20:66:e4:73:f2:f2:e5:6c:0e:58:37:10:
74:80:cd:64:1c:ec:f6:28:b4:d6:b2:63:72:ec:4f:3a:8c:0c:
28:32:b9:23:33:d6:5a:24:72:fa:f6:36:b4:14:fe:da:47:f3:
e8:d9:89:90:68:cf:c7:3d:e0:a9:ad:4c:ed:f4:1b:5b:b0:fe:
f1:48:a5:65:cd:45:14:cd:5f:b3:60:8c:13:f5:fc:e6:69:aa:
08:58:ec:35:18:37:6f:d7:d2:3d:94:ad:3a:ba:e9:7c:31:27:
2f:3b:32:f0:48:e0:b3:13:14:e8:8a:b4:10:54:0c:3c:05:ef:
ae:90:ae:c9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAVakSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGExZTU1Zjc0NGUxNDEyYmQ3NTNmZDI3N2I3NzQwOGRjZGY4Y2I0MB4XDTIyMDEw
MTExNTU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ2YzU4ODU3MTg0
YzRiOGMyYWJkZDg3NTUyZjhmZWIzMWRmZGNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIuHEAII8w1h/ZQMYfyeKZmgMxdqGQIHk8wluMTxqI7tahRR
ORRyCuVfYBQG/NaNo4zcWhOSYB4/ecREObFjAvFlKnDhO4Ozk9y7/3F1lZUP5krn
ySyLaze1hKu4uNqAyBnyeNmwAy6IHNcJf/oQcPouidLcYs3in0S5xiO55pNOkvUx
I8iwzx1tVWkWIuHfL8V8O3a7TCf0Tp/eSYHglY0NaGa29Yyk3DSiZAmYuG7yo7T/
rgaNia/OxTk+qgTfTXSl2aBatMDnyHAd5gzqnlfw6fNnywu/FUQ6NQRj3pFwbhR7
45spUhJ6FLxBjHC8t1Zr4+UQ71K37wTLAsgVOrkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTdbFiFcYTEuMKr3YdVL4/rMd/crTAfBgNVHSMEGDAWgBS9oeVfdE4UEr11
P9J3t3QI3N+MtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZhSGxYM1JPRkJLOWRUX1NkN2QwQ056ZmpMUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvM2NkNDVmLTBiNzktNDNiNy1hOWU2LWMwYmNlZGIzNDI3NC8x
LzNXeFloWEdFeExqQ3E5MkhWUy1QNnpIZjNLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
M2NkNDVmLTBiNzktNDNiNy1hOWU2LWMwYmNlZGIzNDI3NC8xL3ZhSGxYM1JPRkJL
OWRUX1NkN2QwQ056ZmpMUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi2J+AMEAi2P2AMEBVzy4AMEArl5
yAMEAsET3DANBgkqhkiG9w0BAQsFAAOCAQEAWv4rnTLY0o/MhBrOK/0+4TslEKFV
/vSJay21HiOfYer14XyPi1kn/L9k/IXctv6Q4LP3b9aLRECbK9LyNKcTu+NIUIrh
CJKY/nCrb6wALwGlUSaeBiFmxr/yYTx5tL7k57mh7t+Gw50eXECe3yhJKHLqqeyi
o3gvsv3677EbyJZ4u9FEIGbkc/Ly5WwOWDcQdIDNZBzs9ii01rJjcuxPOowMKDK5
IzPWWiRy+vY2tBT+2kfz6NmJkGjPxz3gqa1M7fQbW7D+8UilZc1FFM1fs2CME/X8
5mmqCFjsNRg3b9fSPZStOrrpfDEnLzsy8EjgsxMU6Iq0EFQMPAXvrpCuyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:21 2023 by rpki-client on console-ams.rpki-client.org