Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/3D4dY72CNVIyWq6ReTeVMgNTOQU.roa
File: 3D4dY72CNVIyWq6ReTeVMgNTOQU.roa (raw, json)
Hash identifier: 4HA+QkPZEDkCAXVwhg0hzdxXPk/gdA58kAVfXZltpUo=
Subject key identifier: DC:3E:1D:63:BD:82:35:52:32:5A:AE:91:79:37:95:32:03:53:39:05
Certificate issuer: /CN=1c6c48cccce321ec18702957b396381a1f1a0410
Certificate serial: 01856E78FF3A57594D12D8519CDBD2DFFB56
Authority key identifier: 1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/3D4dY72CNVIyWq6ReTeVMgNTOQU.roa
Signing time: Sun 01 Jan 2023 17:55:01 +0000
ROA not before: Sun 01 Jan 2023 17:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48642
IP address blocks: 185.214.252.0/22 maxlen: 22
93.90.96.0/20 maxlen: 20
134.255.128.0/19 maxlen: 19
91.108.168.0/21 maxlen: 21
193.108.183.0/24 maxlen: 24
185.201.88.0/22 maxlen: 22
82.112.32.0/19 maxlen: 19
193.108.198.0/24 maxlen: 24
5.199.192.0/19 maxlen: 19
193.108.211.0/24 maxlen: 24
193.108.208.0/24 maxlen: 24
193.46.244.0/22 maxlen: 22
91.227.50.0/23 maxlen: 23
94.230.142.0/23 maxlen: 23
45.131.56.0/22 maxlen: 22
88.218.212.0/22 maxlen: 22
5.43.128.0/19 maxlen: 19
94.230.128.0/20 maxlen: 20
193.168.176.0/22 maxlen: 22
185.252.228.0/22 maxlen: 22
185.59.56.0/22 maxlen: 22
217.151.232.0/21 maxlen: 21
185.60.212.0/22 maxlen: 22
46.36.0.0/19 maxlen: 19
185.229.192.0/22 maxlen: 22
185.2.104.0/22 maxlen: 22
185.132.28.0/22 maxlen: 22
194.169.56.0/22 maxlen: 22
185.204.156.0/22 maxlen: 22
195.69.136.0/22 maxlen: 22
109.74.160.0/20 maxlen: 20
2a0a:f940::/32 maxlen: 32
2a0d:b600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ff:3a:57:59:4d:12:d8:51:9c:db:d2:df:fb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c6c48cccce321ec18702957b396381a1f1a0410
Validity
Not Before: Jan 1 17:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc3e1d63bd823552325aae917937953203533905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e6:00:f3:eb:b5:75:13:34:8c:5b:79:65:aa:
89:ab:b1:7b:b0:ce:60:16:6b:7b:c1:f6:3f:6d:f0:
aa:37:91:73:90:f2:ba:65:ea:17:ae:47:92:5f:e0:
c1:8e:42:df:51:47:20:bd:b3:16:81:d4:9e:f2:bd:
6f:94:6a:94:bb:58:f3:87:72:d4:a2:d0:51:46:49:
88:e0:0a:9e:5f:0a:35:82:ad:3c:85:8f:33:ad:19:
9f:fe:d9:76:aa:3a:6d:84:84:0a:72:fc:fa:25:c7:
63:d9:28:28:3a:ec:30:6c:1c:63:0b:57:e5:2b:c9:
1d:1c:35:a6:e9:34:99:2b:43:7e:71:a6:4e:13:a6:
f9:27:e4:27:17:31:29:86:3f:00:23:cf:0a:af:f8:
1d:2c:df:df:33:12:3b:a6:b6:bd:00:57:44:38:fe:
7f:31:54:f9:4b:77:c7:3f:7a:91:8f:17:79:9c:7f:
ab:13:84:c6:6e:94:fe:25:12:29:65:2a:06:11:fe:
90:9c:5d:c2:69:80:d3:4c:6b:41:7b:bf:cb:33:39:
c1:75:e5:48:18:5c:02:00:ff:76:54:df:f4:58:20:
a2:a7:65:c8:b7:2d:9b:a8:c7:5b:49:e7:5a:19:22:
24:d9:d4:e2:c6:3b:d2:5a:5d:10:81:8e:bd:15:1f:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3E:1D:63:BD:82:35:52:32:5A:AE:91:79:37:95:32:03:53:39:05
X509v3 Authority Key Identifier:
keyid:1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/3D4dY72CNVIyWq6ReTeVMgNTOQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/HGxIzMzjIewYcClXs5Y4Gh8aBBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.128.0/19
5.199.192.0/19
45.131.56.0/22
46.36.0.0/19
82.112.32.0/19
88.218.212.0/22
91.108.168.0/21
91.227.50.0/23
93.90.96.0/20
94.230.128.0/20
109.74.160.0/20
134.255.128.0/19
185.2.104.0/22
185.59.56.0/22
185.60.212.0/22
185.132.28.0/22
185.201.88.0/22
185.204.156.0/22
185.214.252.0/22
185.229.192.0/22
185.252.228.0/22
193.46.244.0/22
193.108.183.0/24
193.108.198.0/24
193.108.208.0/24
193.108.211.0/24
193.168.176.0/22
194.169.56.0/22
195.69.136.0/22
217.151.232.0/21
IPv6:
2a0a:f940::/32
2a0d:b600::/29
Signature Algorithm: sha256WithRSAEncryption
ea:92:2e:d9:a9:40:90:fc:3b:f3:44:dc:60:c6:6f:8d:fe:46:
97:34:ed:0f:99:b9:7a:04:35:75:45:a6:43:6e:f4:fd:65:39:
41:3c:ba:76:8e:cf:23:99:68:30:ea:a5:d9:6e:f7:64:0d:83:
41:f0:89:b8:49:cc:12:7b:93:a6:42:28:b6:28:08:4f:fa:87:
4d:b4:e1:16:08:1f:b6:10:a2:5c:49:c9:17:dd:b1:73:d3:6e:
46:e7:ba:41:2d:a2:8a:af:bc:32:b1:6d:7f:8f:11:78:d4:cc:
c0:5d:a0:a0:63:b1:75:6f:4a:4f:e0:17:cb:5f:e0:36:e9:ef:
77:a6:fb:10:2f:73:3a:ae:3e:8f:c5:e4:71:8d:28:a6:8f:ca:
05:1b:db:c4:21:f4:81:7d:1b:9c:e6:2d:28:03:3b:f0:fa:90:
d1:3d:a8:70:c4:bf:19:df:c8:38:52:90:7e:50:e4:16:f7:64:
88:83:53:e3:7d:a3:fd:02:43:9e:22:84:0a:0c:b2:de:32:2c:
55:2f:10:dc:1d:f4:52:a8:20:1f:ab:0a:75:25:65:82:67:12:
f8:80:1e:4c:94:94:2f:cb:11:80:f2:74:cc:c5:96:80:7f:b2:
d5:b6:12:21:4b:be:54:0d:46:37:ea:32:91:cc:29:18:4b:47:
91:cb:82:69
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYVueP86V1lNEthRnNvS3/tWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNmM0OGNjY2NlMzIxZWMxODcwMjk1N2IzOTYzODFhMWYx
YTA0MTAwHhcNMjMwMTAxMTc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNlMWQ2M2JkODIzNTUyMzI1YWFlOTE3OTM3OTUzMjAzNTMzOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeYA8+u1dRM0jFt5ZaqJq7F7sM5g
Fmt7wfY/bfCqN5FzkPK6ZeoXrkeSX+DBjkLfUUcgvbMWgdSe8r1vlGqUu1jzh3LU
otBRRkmI4AqeXwo1gq08hY8zrRmf/tl2qjpthIQKcvz6Jcdj2SgoOuwwbBxjC1fl
K8kdHDWm6TSZK0N+caZOE6b5J+QnFzEphj8AI88Kr/gdLN/fMxI7pra9AFdEOP5/
MVT5S3fHP3qRjxd5nH+rE4TGbpT+JRIpZSoGEf6QnF3CaYDTTGtBe7/LMznBdeVI
GFwCAP92VN/0WCCip2XIty2bqMdbSedaGSIk2dTixjvSWl0QgY69FR+HKQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFNw+HWO9gjVSMlqukXk3lTIDUzkFMB8GA1UdIwQY
MBaAFBxsSMzM4yHsGHApV7OWOBofGgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYt
YTA1NjBhYzgyYmE3LzEvM0Q0ZFk3MkNOVkl5V3E2UmVUZVZNZ05UT1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYtYTA1NjBhYzgyYmE3
LzEvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBuwQCAAEwgbQDBAUF
K4ADBAUFx8ADBAItgzgDBAUuJAADBAVScCADBAJY2tQDBANbbKgDBAFb4zIDBARd
WmADBARe5oADBARtSqADBAWG/4ADBAK5AmgDBAK5OzgDBAK5PNQDBAK5hBwDBAK5
yVgDBAK5zJwDBAK51vwDBAK55cADBAK5/OQDBALBLvQDBADBbLcDBADBbMYDBADB
bNADBADBbNMDBALBqLADBALCqTgDBALDRYgDBAPZl+gwFAQCAAIwDgMFACoK+UAD
BQMqDbYAMA0GCSqGSIb3DQEBCwUAA4IBAQDqki7ZqUCQ/DvzRNxgxm+N/kaXNO0P
mbl6BDV1RaZDbvT9ZTlBPLp2js8jmWgw6qXZbvdkDYNB8Im4ScwSe5OmQii2KAhP
+odNtOEWCB+2EKJcSckX3bFz025G57pBLaKKr7wysW1/jxF41MzAXaCgY7F1b0pP
4BfLX+A26e93pvsQL3M6rj6PxeRxjSimj8oFG9vEIfSBfRuc5i0oAzvw+pDRPahw
xL8Z38g4UpB+UOQW92SIg1PjfaP9AkOeIoQKDLLeMixVLxDcHfRSqCAfqwp1JWWC
ZxL4gB5MlJQvyxGA8nTMxZaAf7LVthIhS75UDUY36jKRzCkYS0eRy4Jp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:02 2025 by rpki-client