Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3jMRrdsLvBhDcw0cKq0d0YTNlZ0.roa
File: 3jMRrdsLvBhDcw0cKq0d0YTNlZ0.roa (raw, json)
Hash identifier: /NAN0nq5Kf/Fq4eqv/0ljs5izkkjb2Dz7OC8/OdjqC0=
Subject key identifier: DE:33:11:AD:DB:0B:BC:18:43:73:0D:1C:2A:AD:1D:D1:84:CD:95:9D
Certificate issuer: /CN=c1db67b85104e4db598fea15678699c92473bda0
Certificate serial: 01856F14D32B242D0ACEE2FD77D221AC33BC
Authority key identifier: C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3jMRrdsLvBhDcw0cKq0d0YTNlZ0.roa
Signing time: Sun 01 Jan 2023 20:45:13 +0000
ROA not before: Sun 01 Jan 2023 20:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208626
IP address blocks: 185.64.76.0/24 maxlen: 24
2a0c:dd80:3000::/48 maxlen: 48
2a0c:dd80:1000::/48 maxlen: 48
2a0c:dd80:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d3:2b:24:2d:0a:ce:e2:fd:77:d2:21:ac:33:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1db67b85104e4db598fea15678699c92473bda0
Validity
Not Before: Jan 1 20:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de3311addb0bbc1843730d1c2aad1dd184cd959d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:21:ad:ec:87:ae:a9:14:2e:64:52:ff:50:
05:a7:4a:e0:5c:7f:36:38:7f:a3:d6:f0:d7:01:d1:
7e:04:d7:7f:8a:15:4b:35:49:35:ba:78:34:be:fd:
1f:28:d2:a3:ff:12:51:d7:ea:58:5a:31:9b:c5:c4:
86:f0:0e:7f:b4:5b:db:0e:b1:52:d4:21:5f:83:9c:
e5:0c:f7:bb:df:be:a6:1c:a4:79:69:c5:e3:93:22:
46:1d:3a:33:59:5f:89:59:84:64:de:4e:88:e7:80:
9c:63:e7:f3:c1:14:8a:b8:82:1a:da:15:63:ba:0b:
a3:30:af:0c:19:f9:2c:0b:68:f5:d4:71:2c:4e:65:
74:b8:b0:b0:0a:7d:fc:2c:d6:f6:bd:54:76:d8:8e:
b0:78:25:d5:95:dd:c8:8e:98:71:9c:1e:50:e2:b2:
73:05:26:22:15:d9:b2:26:05:b6:99:69:a6:f1:b0:
6e:a5:8a:73:a6:14:df:6d:e4:d4:84:ee:b8:f7:c5:
65:93:5b:2a:96:a9:36:f4:95:b7:a4:a8:ab:e9:3f:
64:12:1e:20:e1:8f:d7:ed:fe:a7:13:49:60:0c:5d:
73:15:45:b9:70:e6:36:54:46:31:7f:c4:4c:d8:6e:
87:fd:6b:fa:c9:28:f0:e8:3a:fc:d1:54:84:8f:eb:
71:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:33:11:AD:DB:0B:BC:18:43:73:0D:1C:2A:AD:1D:D1:84:CD:95:9D
X509v3 Authority Key Identifier:
keyid:C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3jMRrdsLvBhDcw0cKq0d0YTNlZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/wdtnuFEE5NtZj-oVZ4aZySRzvaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.76.0/24
IPv6:
2a0c:dd80:1000::/48
2a0c:dd80:2000::/48
2a0c:dd80:3000::/48
Signature Algorithm: sha256WithRSAEncryption
b1:ff:b7:0b:d4:dc:38:14:94:ab:33:07:9a:db:96:2d:ce:95:
5b:99:25:7d:b8:fa:52:cb:8a:a7:bf:fc:7b:60:5f:56:d8:68:
37:f4:88:8e:ae:a8:aa:36:5e:79:be:5f:e3:ad:e9:59:55:16:
df:66:3b:ab:69:19:7f:e0:52:fe:be:08:1c:c8:55:e0:ac:b4:
69:47:61:c9:e3:18:20:63:97:e1:0d:fb:9e:c0:37:fd:20:0c:
f8:8c:c4:f9:ba:53:d3:a5:07:23:61:28:ce:56:20:c2:cf:18:
0f:71:46:a1:96:d2:6e:6d:b9:bc:ca:08:3e:56:c8:80:c4:0c:
2d:7f:09:13:2f:8a:44:4d:de:89:25:54:df:94:07:e3:ee:d2:
1a:44:cd:c9:e4:41:d1:38:70:e2:24:de:3e:f9:e0:70:22:69:
35:de:9f:df:57:00:7b:e3:56:87:c4:39:de:c9:d1:f2:6c:5d:
6e:c6:0e:2b:11:b2:57:e1:66:19:9d:53:48:4b:c5:fc:01:71:
25:5a:e3:df:63:8e:b2:a6:71:3f:a9:0f:54:fe:3f:b1:c7:11:
9d:c6:2a:a3:85:34:00:a6:8f:75:8c:c3:b0:50:b7:a4:88:0b:
67:37:18:fc:f1:14:59:02:df:18:2d:79:70:75:25:59:43:0d:
9b:86:49:c8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvFNMrJC0KzuL9d9IhrDO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZGI2N2I4NTEwNGU0ZGI1OThmZWExNTY3ODY5OWM5MjQ3
M2JkYTAwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMzMTFhZGRiMGJiYzE4NDM3MzBkMWMyYWFkMWRkMTg0Y2Q5NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXshreyHrqkULmRS/1AFp0rgXH82
OH+j1vDXAdF+BNd/ihVLNUk1ung0vv0fKNKj/xJR1+pYWjGbxcSG8A5/tFvbDrFS
1CFfg5zlDPe7376mHKR5acXjkyJGHTozWV+JWYRk3k6I54CcY+fzwRSKuIIa2hVj
ugujMK8MGfksC2j11HEsTmV0uLCwCn38LNb2vVR22I6weCXVld3IjphxnB5Q4rJz
BSYiFdmyJgW2mWmm8bBupYpzphTfbeTUhO6498Vlk1sqlqk29JW3pKir6T9kEh4g
4Y/X7f6nE0lgDF1zFUW5cOY2VEYxf8RM2G6H/Wv6ySjw6Dr80VSEj+txBQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFN4zEa3bC7wYQ3MNHCqtHdGEzZWdMB8GA1UdIwQY
MBaAFMHbZ7hRBOTbWY/qFWeGmckkc72gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjkt
N2Q0YzhmMzdmNWZkLzEvM2pNUnJkc0x2QmhEY3cwY0txMGQwWVRObFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjktN2Q0YzhmMzdmNWZk
LzEvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuUBMMCEE
AgACMBsDBwAqDN2AEAADBwAqDN2AIAADBwAqDN2AMAAwDQYJKoZIhvcNAQELBQAD
ggEBALH/twvU3DgUlKszB5rbli3OlVuZJX24+lLLiqe//HtgX1bYaDf0iI6uqKo2
Xnm+X+Ot6VlVFt9mO6tpGX/gUv6+CBzIVeCstGlHYcnjGCBjl+EN+57AN/0gDPiM
xPm6U9OlByNhKM5WIMLPGA9xRqGW0m5tubzKCD5WyIDEDC1/CRMvikRN3oklVN+U
B+Pu0hpEzcnkQdE4cOIk3j754HAiaTXen99XAHvjVofEOd7J0fJsXW7GDisRslfh
ZhmdU0hLxfwBcSVa499jjrKmcT+pD1T+P7HHEZ3GKqOFNACmj3WMw7BQt6SIC2c3
GPzxFFkC3xgteXB1JVlDDZuGScg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:16 2025 by rpki-client