Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/3CsSwg60H3wL0Qhp8po5ugCvNiY.roa
File: 3CsSwg60H3wL0Qhp8po5ugCvNiY.roa (raw, json)
Hash identifier: Rpb3mJDasn8AjLNS6cTBxaEaFE6t0xCf5ua/csAv17g=
Subject key identifier: DC:2B:12:C2:0E:B4:1F:7C:0B:D1:08:69:F2:9A:39:BA:00:AF:36:26
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0189108808CDB3B6D553A40069118FF55DD2
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/3CsSwg60H3wL0Qhp8po5ugCvNiY.roa
Signing time: Sat 01 Jul 2023 08:18:17 +0000
ROA not before: Sat 01 Jul 2023 08:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210392
IP address blocks: 178.239.151.0/24 maxlen: 24
178.239.152.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.26.33.0/24 maxlen: 24
178.239.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:10:88:08:cd:b3:b6:d5:53:a4:00:69:11:8f:f5:5d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jul 1 08:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc2b12c20eb41f7c0bd10869f29a39ba00af3626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:66:8f:3a:7f:26:d5:b5:07:3a:8b:da:19:be:
7e:f2:66:3d:23:ec:43:18:a6:75:d7:2b:97:d4:3d:
60:20:98:02:af:98:2c:d6:5d:09:e0:fa:8b:6b:f6:
aa:6c:0d:de:a4:63:3e:b8:aa:26:46:0a:d3:9c:b7:
db:54:35:71:82:7e:28:55:7f:80:2d:54:20:7b:bd:
05:0a:e2:cb:c9:2f:1c:b8:69:bf:fb:bf:3b:ba:94:
15:cf:2b:05:31:72:05:12:1e:a4:b2:bc:80:e1:a8:
88:99:62:49:09:76:4b:62:08:84:fb:a7:a2:9e:97:
87:4c:34:cf:3d:fe:f5:46:2e:77:86:f9:48:0f:1c:
2b:3a:17:18:76:5d:13:db:c7:ff:43:0d:71:1f:ed:
36:09:d1:dc:92:d8:e8:96:24:0f:b6:ea:c3:0e:94:
54:f9:12:9d:df:55:0e:b3:d4:db:67:c1:98:21:ff:
36:e2:e1:dd:f8:76:78:03:97:d3:ea:e2:51:80:e8:
74:8c:dc:4b:77:f0:cb:b1:2c:ca:18:15:84:80:49:
88:e1:fb:c5:82:b0:c2:9a:53:32:b6:20:e5:73:c3:
65:92:da:91:f6:bd:30:96:a1:0c:20:40:94:36:45:
b8:08:e9:dc:f8:da:31:fd:ed:bc:34:1f:ae:86:6a:
a2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2B:12:C2:0E:B4:1F:7C:0B:D1:08:69:F2:9A:39:BA:00:AF:36:26
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/3CsSwg60H3wL0Qhp8po5ugCvNiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.151.0-178.239.153.255
185.26.32.0/23
Signature Algorithm: sha256WithRSAEncryption
11:1f:51:4c:34:1b:30:e5:27:91:3b:e7:48:0e:96:6e:62:f9:
a0:64:35:84:eb:3e:26:44:bb:58:13:df:bf:98:b1:97:ae:7c:
b0:fb:e8:d1:45:41:bf:ff:4d:79:c9:6c:80:a9:69:b3:c0:87:
e9:9a:c0:1c:12:d1:8a:12:89:7a:97:4d:10:a3:43:27:54:64:
4f:50:80:83:16:2f:b8:8e:76:ab:10:18:44:99:e5:2f:9d:86:
e1:66:74:8f:dd:1f:e4:52:92:95:0f:53:4c:81:f8:c4:5b:a3:
f0:6f:79:c1:c9:cd:91:b9:8f:66:50:e3:f0:4f:73:16:b7:37:
dd:f8:6a:ca:e5:de:27:8a:0b:07:fa:bd:4e:9e:0e:8d:c8:2f:
cc:60:87:48:11:2d:8f:d3:8d:af:32:27:9a:31:0d:39:4a:cf:
33:61:e6:bf:da:ca:e5:65:fe:44:f3:71:cf:bd:1e:87:d3:18:
b7:c6:59:4b:7a:5b:b5:7b:37:da:40:46:bb:35:70:b2:c8:de:
80:02:94:13:42:fa:d3:69:ee:e9:04:8e:22:5a:b1:20:40:f3:
e1:36:eb:8d:1f:4c:f2:7e:96:ec:d2:64:f3:6a:46:85:39:4e:
71:38:26:2a:2d:2f:6c:53:19:d3:bd:2c:d6:8f:ce:04:c5:84:
aa:5c:2c:f0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkQiAjNs7bVU6QAaRGP9V3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNzAxMDgxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJiMTJjMjBlYjQxZjdjMGJkMTA4NjlmMjlhMzliYTAwYWYzNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmaPOn8m1bUHOovaGb5+8mY9I+xD
GKZ11yuX1D1gIJgCr5gs1l0J4PqLa/aqbA3epGM+uKomRgrTnLfbVDVxgn4oVX+A
LVQge70FCuLLyS8cuGm/+787upQVzysFMXIFEh6ksryA4aiImWJJCXZLYgiE+6ei
npeHTDTPPf71Ri53hvlIDxwrOhcYdl0T28f/Qw1xH+02CdHcktjoliQPturDDpRU
+RKd31UOs9TbZ8GYIf824uHd+HZ4A5fT6uJRgOh0jNxLd/DLsSzKGBWEgEmI4fvF
grDCmlMytiDlc8NlktqR9r0wlqEMIECUNkW4COnc+Nox/e28NB+uhmqiiwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNwrEsIOtB98C9EIafKaOboArzYmMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvM0NzU3dnNjBIM3dMMFFocDhwbzV1Z0N2TmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACy75cD
BAGy75gDBAG5GiAwDQYJKoZIhvcNAQELBQADggEBABEfUUw0GzDlJ5E750gOlm5i
+aBkNYTrPiZEu1gT37+YsZeufLD76NFFQb//TXnJbICpabPAh+mawBwS0YoSiXqX
TRCjQydUZE9QgIMWL7iOdqsQGESZ5S+dhuFmdI/dH+RSkpUPU0yB+MRbo/BvecHJ
zZG5j2ZQ4/BPcxa3N934asrl3ieKCwf6vU6eDo3IL8xgh0gRLY/Tja8yJ5oxDTlK
zzNh5r/ayuVl/kTzcc+9HofTGLfGWUt6W7V7N9pARrs1cLLI3oAClBNC+tNp7ukE
jiJasSBA8+E2640fTPJ+luzSZPNqRoU5TnE4JiotL2xTGdO9LNaPzgTFhKpcLPA=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:33:18 2025 by rpki-client