Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/3eD3Q7nvOjYP89h2RhqShzuEsdA.roa
File: 3eD3Q7nvOjYP89h2RhqShzuEsdA.roa (raw, json)
Hash identifier: iv+++JDn6NZdFE/kJmwBhnmDWL+CSkrgY6i0fWQf5+s=
Subject key identifier: DD:E0:F7:43:B9:EF:3A:36:0F:F3:D8:76:46:1A:92:87:3B:84:B1:D0
Certificate issuer: /CN=0b8fb1deb09e72425b309a1414917daf893bef59
Certificate serial: 13BEEDE6
Authority key identifier: 0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/3eD3Q7nvOjYP89h2RhqShzuEsdA.roa
Signing time: Sat 01 Jan 2022 10:02:01 +0000
ROA not before: Sat 01 Jan 2022 10:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48324
IP address blocks: 89.44.8.0/24 maxlen: 24
185.30.32.0/22 maxlen: 22
88.82.224.0/19 maxlen: 19
185.10.70.0/24 maxlen: 24
37.17.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331279846 (0x13beede6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8fb1deb09e72425b309a1414917daf893bef59
Validity
Not Before: Jan 1 10:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dde0f743b9ef3a360ff3d876461a92873b84b1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8e:ab:d5:fb:ef:6b:43:ea:d8:eb:21:8a:4b:
6f:f3:3d:67:b0:94:a6:db:69:2f:f5:e7:46:06:a1:
2c:01:dc:8e:f1:2e:02:83:64:d5:d8:bb:58:2c:d9:
48:48:1d:bb:db:91:7c:90:a8:a1:97:bf:df:03:2e:
d5:f9:1e:06:22:4c:33:5e:c3:b7:51:e2:aa:08:eb:
87:35:99:0c:a3:f3:c8:2c:59:b4:0c:0b:cf:90:0b:
f6:30:07:b6:f5:84:b3:6b:4a:e5:b3:c1:18:9f:f7:
8d:e8:b5:1d:1a:f7:30:67:21:60:f3:8f:3a:f7:48:
df:5d:39:27:ea:f9:a7:9c:69:ea:5e:f9:0b:4a:68:
8e:9e:08:98:7f:e7:e6:67:ed:0c:01:01:eb:e9:a7:
c0:2a:6d:d1:72:18:00:af:db:7a:a4:86:3d:9a:5c:
37:12:73:a4:0b:83:71:ad:3f:95:50:c5:fd:1d:3b:
32:be:d3:73:81:38:86:8b:2e:19:64:af:b0:0e:81:
55:7c:cd:47:f9:fd:a0:38:99:f2:f4:39:92:d4:3b:
01:bf:9c:f1:96:a4:99:59:62:a8:3e:17:52:98:aa:
f0:d1:f5:78:95:c4:92:62:6c:e0:e6:e0:94:5c:a1:
b1:48:4b:1a:14:69:7a:54:b6:22:d2:13:5a:c2:c4:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E0:F7:43:B9:EF:3A:36:0F:F3:D8:76:46:1A:92:87:3B:84:B1:D0
X509v3 Authority Key Identifier:
keyid:0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/3eD3Q7nvOjYP89h2RhqShzuEsdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.224.0/21
88.82.224.0/19
89.44.8.0/24
185.10.70.0/24
185.30.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:b8:43:0f:e3:d8:28:a2:35:bd:75:65:ec:6f:15:16:18:d9:
10:bd:af:80:90:cc:38:31:c1:29:15:5a:13:89:35:f6:1f:08:
ed:3a:ca:23:73:ff:69:05:1c:b6:a8:a9:7a:26:a5:80:1f:52:
f7:1b:e9:54:1b:d6:c5:61:d4:a1:1c:1c:6a:1f:70:33:2a:57:
65:5c:d8:b7:a2:a9:b2:a6:2c:91:6b:7b:47:cc:4c:88:6c:4e:
d3:7e:3c:bb:a3:1a:93:2a:a3:44:50:45:61:cc:0b:d8:1c:3d:
19:22:a1:83:4b:1f:a4:1e:e7:fa:1a:cc:6b:c5:83:2b:59:cd:
27:bd:cc:28:0b:07:b3:8f:c4:90:2c:1e:30:cc:65:2e:16:f0:
f8:24:43:af:55:57:06:97:a8:34:f3:18:bd:cc:b5:28:e0:57:
6b:40:79:cb:e7:cd:7a:76:b1:fa:6e:f0:1c:7b:ef:f8:90:0c:
2b:39:ac:02:51:93:06:2b:8c:e1:01:ef:a5:fe:a3:9d:30:cd:
df:49:62:bf:b2:ad:f5:b2:47:cf:6f:99:05:bd:41:a6:29:9b:
e5:74:39:ea:bc:7c:20:f8:f8:d7:05:c7:91:34:79:fc:30:2b:
46:4e:83:97:85:96:eb:b8:f8:22:82:a2:57:b1:60:58:85:12:
7a:ac:96:f9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEE77t5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjhmYjFkZWIwOWU3MjQyNWIzMDlhMTQxNDkxN2RhZjg5M2JlZjU5MB4XDTIyMDEw
MTEwMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRlMGY3NDNiOWVm
M2EzNjBmZjNkODc2NDYxYTkyODczYjg0YjFkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+Oq9X772tD6tjrIYpLb/M9Z7CUpttpL/XnRgahLAHcjvEu
AoNk1di7WCzZSEgdu9uRfJCooZe/3wMu1fkeBiJMM17Dt1HiqgjrhzWZDKPzyCxZ
tAwLz5AL9jAHtvWEs2tK5bPBGJ/3jei1HRr3MGchYPOPOvdI3105J+r5p5xp6l75
C0pojp4ImH/n5mftDAEB6+mnwCpt0XIYAK/beqSGPZpcNxJzpAuDca0/lVDF/R07
Mr7Tc4E4hosuGWSvsA6BVXzNR/n9oDiZ8vQ5ktQ7Ab+c8ZakmVliqD4XUpiq8NH1
eJXEkmJs4ObglFyhsUhLGhRpelS2ItITWsLEnLMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTd4PdDue86Ng/z2HZGGpKHO4Sx0DAfBgNVHSMEGDAWgBQLj7HesJ5yQlsw
mhQUkX2viTvvWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M0LXgzckNlY2tKYk1Kb1VGSkY5cjRrNzcxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZmM3NjNiLTgzZTYtNGJkMS1iOTNhLWY4Nzg1YTU4MTA2Yy8x
LzNlRDNRN252T2pZUDg5aDJSaHFTaHp1RXNkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZmM3NjNiLTgzZTYtNGJkMS1iOTNhLWY4Nzg1YTU4MTA2Yy8xL0M0LXgzckNlY2tK
Yk1Kb1VGSkY5cjRrNzcxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAyUR4AMEBVhS4AMEAFksCAMEALkK
RgMEArkeIDANBgkqhkiG9w0BAQsFAAOCAQEAnbhDD+PYKKI1vXVl7G8VFhjZEL2v
gJDMODHBKRVaE4k19h8I7TrKI3P/aQUctqipeialgB9S9xvpVBvWxWHUoRwcah9w
MypXZVzYt6KpsqYskWt7R8xMiGxO0348u6MakyqjRFBFYcwL2Bw9GSKhg0sfpB7n
+hrMa8WDK1nNJ73MKAsHs4/EkCweMMxlLhbw+CRDr1VXBpeoNPMYvcy1KOBXa0B5
y+fNenax+m7wHHvv+JAMKzmsAlGTBiuM4QHvpf6jnTDN30liv7Kt9bJHz2+ZBb1B
pimb5XQ56rx8IPj41wXHkTR5/DArRk6Dl4WW67j4IoKiV7FgWIUSeqyW+Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:42 2025 by rpki-client