Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3eMAeDHUPJufcgUyds8BstJO5dQ.roa
File: 3eMAeDHUPJufcgUyds8BstJO5dQ.roa (raw, json)
Hash identifier: 8h9UG/lUCjSt4KWqGBOTtr1V8wNsQtFPnI7egygiPnA=
Subject key identifier: DD:E3:00:78:31:D4:3C:9B:9F:72:05:32:76:CF:01:B2:D2:4E:E5:D4
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 01844204A0520FD3EF40B9334F91BD86476A
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3eMAeDHUPJufcgUyds8BstJO5dQ.roa
Signing time: Fri 04 Nov 2022 09:41:50 +0000
ROA not before: Fri 04 Nov 2022 09:41:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206087
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.43.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2a09:f00:ff::/48 maxlen: 48
2a09:f00:a::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:04:a0:52:0f:d3:ef:40:b9:33:4f:91:bd:86:47:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Nov 4 09:41:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dde3007831d43c9b9f72053276cf01b2d24ee5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0e:91:d0:50:9e:ca:c6:a0:6c:a9:56:1b:db:
90:bc:ea:21:e8:4c:39:01:14:98:f6:d6:44:99:6d:
19:cf:d6:7c:49:b6:b7:23:7b:28:57:15:df:8d:62:
30:ee:4e:0d:ac:1d:43:c7:a8:32:f3:b6:eb:64:1c:
78:74:1c:69:53:75:ae:10:7b:58:e2:a3:39:89:ea:
2f:4f:88:22:bb:06:19:f5:9c:b4:68:e4:a3:ce:3a:
e3:9b:66:29:ce:52:fe:b9:11:7c:13:8d:5b:5b:b5:
8c:a8:96:0a:93:a3:bd:2a:f9:b5:19:8d:14:46:fe:
07:40:52:64:e0:ed:6f:ec:c4:0e:e6:7b:f6:27:b0:
bc:81:2a:a1:d5:79:7a:2c:14:b3:1c:f9:61:50:39:
be:8f:03:18:78:27:f3:fa:57:cd:ac:89:12:5c:9f:
e3:66:b1:c1:48:ee:6d:f1:21:53:b3:ea:b7:6e:55:
13:ce:c7:f2:64:b9:8f:ea:2d:52:85:cd:73:85:d2:
47:0d:16:a6:c8:80:10:d0:ba:56:04:c4:3d:a0:24:
b7:c2:d8:e2:b9:b0:cf:44:f1:42:ca:52:eb:90:81:
9b:3b:0e:08:60:a0:9e:98:bf:38:48:fd:89:36:3e:
b4:df:f6:87:90:7b:09:c6:2b:52:29:79:5a:c3:e5:
be:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E3:00:78:31:D4:3C:9B:9F:72:05:32:76:CF:01:B2:D2:4E:E5:D4
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3eMAeDHUPJufcgUyds8BstJO5dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/23
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
2a09:f00:ff::/48
Signature Algorithm: sha256WithRSAEncryption
13:9f:e7:b7:20:65:f2:78:66:c5:80:d8:28:df:5a:ee:68:d0:
22:e1:ac:d6:f4:15:ce:3c:45:3e:cd:8b:56:60:0c:b8:e7:d6:
4d:a7:8c:08:27:c0:da:64:42:90:2e:29:86:40:04:81:a9:4e:
85:97:85:4a:4a:33:10:83:21:42:cb:74:39:72:4f:d6:d7:02:
f4:55:cc:90:40:a8:6e:42:b2:9e:7b:46:a3:29:db:46:84:5e:
2b:49:55:60:fd:ac:e8:0c:2a:2f:f8:c1:5e:fb:b7:7d:31:e5:
26:1c:b7:33:91:90:6d:84:8d:16:be:d0:e0:a6:bf:db:c0:0b:
bc:80:b0:d3:77:17:ef:a4:16:b7:c1:b3:c3:17:ba:3f:ea:bb:
65:a8:be:4b:75:9d:88:62:c8:30:69:95:35:ba:a7:ae:03:86:
df:9b:37:d8:54:cd:38:c9:df:07:c8:15:57:dc:35:c3:61:26:
67:60:cd:7a:b8:00:07:8d:b7:bb:d0:f0:fa:ff:3f:3d:82:56:
43:46:3c:cf:7a:18:bd:5f:46:53:ea:39:75:15:07:85:e3:37:
37:d0:5f:13:e6:c5:e8:0c:d7:b5:77:b4:ec:91:43:68:90:2d:
13:50:ae:04:9a:a5:3b:59:1f:c8:20:46:ee:6b:2f:11:6f:ce:
12:81:af:f2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYRCBKBSD9PvQLkzT5G9hkdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjU2ZjllZTE4ZmRiZmFmMzBhMGRhNTc5ODJlMjcyNzNk
YmNiNDIwHhcNMjIxMTA0MDk0MTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGUzMDA3ODMxZDQzYzliOWY3MjA1MzI3NmNmMDFiMmQyNGVlNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw6R0FCeysagbKlWG9uQvOoh6Ew5
ARSY9tZEmW0Zz9Z8Sba3I3soVxXfjWIw7k4NrB1Dx6gy87brZBx4dBxpU3WuEHtY
4qM5ieovT4giuwYZ9Zy0aOSjzjrjm2YpzlL+uRF8E41bW7WMqJYKk6O9Kvm1GY0U
Rv4HQFJk4O1v7MQO5nv2J7C8gSqh1Xl6LBSzHPlhUDm+jwMYeCfz+lfNrIkSXJ/j
ZrHBSO5t8SFTs+q3blUTzsfyZLmP6i1Shc1zhdJHDRamyIAQ0LpWBMQ9oCS3wtji
ubDPRPFCylLrkIGbOw4IYKCemL84SP2JNj603/aHkHsJxitSKXlaw+W+QQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN3jAHgx1Dybn3IFMnbPAbLSTuXUMB8GA1UdIwQY
MBaAFOi1b57hj9v68woNpXmC4nJz28tCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYt
NzM1NWIyMDQzZTU0LzEvM2VNQWVESFVQSnVmY2dVeWRzOEJzdEpPNWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYtNzM1NWIyMDQzZTU0
LzEvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAud0oAwQB
ud0qAwQAw+orMCEEAgACMBsDBwAgAQZ8BpADBwEqCQ8AAAoDBwAqCQ8AAP8wDQYJ
KoZIhvcNAQELBQADggEBABOf57cgZfJ4ZsWA2CjfWu5o0CLhrNb0Fc48RT7Ni1Zg
DLjn1k2njAgnwNpkQpAuKYZABIGpToWXhUpKMxCDIULLdDlyT9bXAvRVzJBAqG5C
sp57RqMp20aEXitJVWD9rOgMKi/4wV77t30x5SYctzORkG2EjRa+0OCmv9vAC7yA
sNN3F++kFrfBs8MXuj/qu2Wovkt1nYhiyDBplTW6p64Dht+bN9hUzTjJ3wfIFVfc
NcNhJmdgzXq4AAeNt7vQ8Pr/Pz2CVkNGPM96GL1fRlPqOXUVB4XjNzfQXxPmxegM
17V3tOyRQ2iQLRNQrgSapTtZH8ggRu5rLxFvzhKBr/I=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-ams.rpki-client.org