Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/M3sVRO-OOBlKTnyWYj9FxW6IoqU.roa
File: M3sVRO-OOBlKTnyWYj9FxW6IoqU.roa (raw, json)
Hash identifier: pIyFUemxWrvet4KN/3dg+wEb9+P1FBF2aDD8pvPiEI8=
Subject key identifier: 33:7B:15:44:EF:8E:38:19:4A:4E:7C:96:62:3F:45:C5:6E:88:A2:A5
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 37BCD0AE
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/M3sVRO-OOBlKTnyWYj9FxW6IoqU.roa
Signing time: Sat 01 Jan 2022 12:06:54 +0000
ROA not before: Sat 01 Jan 2022 12:06:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35434
IP address blocks: 195.82.188.0/22 maxlen: 22
83.230.48.0/22 maxlen: 22
213.227.72.0/22 maxlen: 22
212.106.138.0/23 maxlen: 23
212.106.160.0/21 maxlen: 21
195.82.160.0/21 maxlen: 21
195.82.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 935121070 (0x37bcd0ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 1 12:06:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=337b1544ef8e38194a4e7c96623f45c56e88a2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:6d:ca:0c:a9:ce:6e:62:4f:99:a1:73:f9:
b7:bc:96:5d:9a:16:25:96:6f:9c:ea:ac:07:b1:8c:
8e:31:15:b0:23:ba:fa:37:37:40:63:30:5b:dd:52:
20:57:4e:a5:fe:69:48:ac:65:11:e2:03:5f:a2:03:
81:3a:9e:5c:8d:71:54:00:2f:fd:bb:3d:18:57:6e:
9e:00:0e:73:29:4c:fc:91:72:de:a3:3a:b2:e8:75:
02:04:27:bb:c3:ce:90:61:16:82:8a:58:14:76:b2:
20:cc:41:1b:fb:0e:31:53:14:01:5b:8b:3f:d0:b0:
fd:41:bb:cc:6d:08:19:96:57:86:5c:77:ae:7e:d1:
1d:fb:b5:e7:bc:37:ae:56:61:89:f3:a3:ee:98:14:
24:91:08:28:0e:c9:a1:a9:64:5d:fb:cb:74:30:c2:
bc:cf:8b:3d:9b:4f:65:79:f0:ae:a5:d3:e9:85:9a:
8f:d8:5b:b5:04:77:c6:a1:ff:ba:55:6b:b8:27:2c:
3f:cb:f2:c7:b5:39:bd:b4:ee:75:f5:fb:5d:21:4b:
3b:2a:b5:a0:fb:2f:55:62:f7:fd:0d:1b:da:f2:a3:
e0:9f:4e:54:b2:be:41:3c:eb:db:e8:9f:c3:f3:f7:
3d:8d:c8:83:96:87:01:b9:c6:f0:fe:ab:57:83:5c:
7a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7B:15:44:EF:8E:38:19:4A:4E:7C:96:62:3F:45:C5:6E:88:A2:A5
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/M3sVRO-OOBlKTnyWYj9FxW6IoqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.48.0/22
195.82.160.0-195.82.171.255
195.82.188.0/22
212.106.138.0/23
212.106.160.0/21
213.227.72.0/22
Signature Algorithm: sha256WithRSAEncryption
28:0c:b0:58:20:7b:cb:16:96:c8:d1:61:79:9c:04:f2:d4:12:
ef:4e:ab:52:e3:b6:52:48:db:ab:6d:13:d5:15:ea:9d:cb:a2:
a5:01:1a:ff:dc:41:cd:f2:06:ae:e1:5f:b1:ef:fb:9a:dd:84:
be:8a:78:68:9d:c5:be:ce:e6:ce:fb:40:2e:a6:61:1b:82:bd:
42:82:c7:e2:87:06:4d:43:d8:cc:93:7f:1d:1e:d0:72:00:ad:
9a:2a:38:b2:3f:b6:dd:7c:83:68:6c:10:ac:24:51:c2:60:b6:
ea:0d:6e:fa:9f:75:86:ec:c8:97:27:8f:2d:2f:17:bc:80:b7:
38:39:cb:75:29:91:56:ef:ec:30:01:2e:ea:95:1f:58:43:e8:
7e:96:b9:25:75:2c:32:a1:23:e5:f2:2f:5a:3e:dc:42:c1:8b:
16:1a:1d:58:df:5c:86:61:8a:e8:73:6f:7e:56:46:e2:b0:84:
93:32:b7:66:31:66:4b:1a:61:75:b8:25:40:9b:d5:d4:02:91:
e6:5f:43:d4:88:3f:18:6f:b3:45:fb:ea:91:65:34:d4:23:f9:
9b:07:b7:59:f3:c3:4d:ec:5e:8e:52:14:42:d0:46:cf:53:96:
51:b0:06:68:00:0e:68:f4:70:1f:c6:f9:20:87:dd:9f:67:5d:
56:37:c1:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEN7zQrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQwNWNhYWIzNGJiZmRlNmI4ZWU2NmM2MDA4NjBjNmNlOTZmMzJiMB4XDTIyMDEw
MTEyMDY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM3YjE1NDRlZjhl
MzgxOTRhNGU3Yzk2NjIzZjQ1YzU2ZTg4YTJhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBhbcoMqc5uYk+ZoXP5t7yWXZoWJZZvnOqsB7GMjjEVsCO6
+jc3QGMwW91SIFdOpf5pSKxlEeIDX6IDgTqeXI1xVAAv/bs9GFdungAOcylM/JFy
3qM6suh1AgQnu8POkGEWgopYFHayIMxBG/sOMVMUAVuLP9Cw/UG7zG0IGZZXhlx3
rn7RHfu157w3rlZhifOj7pgUJJEIKA7JoalkXfvLdDDCvM+LPZtPZXnwrqXT6YWa
j9hbtQR3xqH/ulVruCcsP8vyx7U5vbTudfX7XSFLOyq1oPsvVWL3/Q0b2vKj4J9O
VLK+QTzr2+ifw/P3PY3Ig5aHAbnG8P6rV4NcekcCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQzexVE7444GUpOfJZiP0XFboiipTAfBgNVHSMEGDAWgBRLQFyqs0u/3muO
5mxgCGDGzpbzKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwQmNxck5Mdjk1cmp1WnNZQWhneHM2Vzh5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvOTE0ZDM5LTMwMjAtNGI3OS1hZDI2LWQ4N2FmZmI4YmM2MS8x
L00zc1ZSTy1PT0JsS1RueVdZajlGeFc2SW9xVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
OTE0ZDM5LTMwMjAtNGI3OS1hZDI2LWQ4N2FmZmI4YmM2MS8xL1MwQmNxck5Mdjk1
cmp1WnNZQWhneHM2Vzh5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAlPmMDAMAwQFw1KgAwQCw1KoAwQC
w1K8AwQB1GqKAwQD1GqgAwQC1eNIMA0GCSqGSIb3DQEBCwUAA4IBAQAoDLBYIHvL
FpbI0WF5nATy1BLvTqtS47ZSSNurbRPVFeqdy6KlARr/3EHN8gau4V+x7/ua3YS+
inhoncW+zubO+0AupmEbgr1CgsfihwZNQ9jMk38dHtByAK2aKjiyP7bdfINobBCs
JFHCYLbqDW76n3WG7MiXJ48tLxe8gLc4Oct1KZFW7+wwAS7qlR9YQ+h+lrkldSwy
oSPl8i9aPtxCwYsWGh1Y31yGYYroc29+VkbisISTMrdmMWZLGmF1uCVAm9XUApHm
X0PUiD8Yb7NF++qRZTTUI/mbB7dZ88NN7F6OUhRC0EbPU5ZRsAZoAA5o9HAfxvkg
h92fZ11WN8HN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:27 2025 by rpki-client