Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/3pprrWwmBRl_L2X9i_46CbbsGsc.roa
File: 3pprrWwmBRl_L2X9i_46CbbsGsc.roa (raw, json)
Hash identifier: SwkejziVxrqOXhtRUBEsyayWY2JWvhNUJ5XifbNFcP4=
Subject key identifier: DE:9A:6B:AD:6C:26:05:19:7F:2F:65:FD:8B:FE:3A:09:B6:EC:1A:C7
Certificate issuer: /CN=74198f7022b9560501db448af60301fa285e9236
Certificate serial: 12C060A7
Authority key identifier: 74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/3pprrWwmBRl_L2X9i_46CbbsGsc.roa
Signing time: Sat 01 Jan 2022 04:01:13 +0000
ROA not before: Sat 01 Jan 2022 04:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3342
IP address blocks: 185.98.96.0/22 maxlen: 22
212.237.250.0/23 maxlen: 23
2a06:b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 314597543 (0x12c060a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74198f7022b9560501db448af60301fa285e9236
Validity
Not Before: Jan 1 04:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de9a6bad6c2605197f2f65fd8bfe3a09b6ec1ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:00:35:c7:61:f6:0b:1e:a9:d8:bd:77:15:
0f:ca:03:b2:4e:3e:64:d1:58:af:c7:99:82:48:76:
fa:e9:07:6f:96:2d:9f:ec:a0:7f:81:8f:19:69:81:
fa:9b:ba:bf:2e:eb:8e:f8:e6:84:61:62:d6:84:3d:
52:4e:00:4a:89:7e:9b:b5:6c:ce:51:36:13:7c:29:
0a:d4:bc:11:77:64:5d:a0:d7:5f:ad:a0:87:4a:fa:
99:d3:a6:1e:28:4e:4e:b5:ca:62:db:14:7c:c4:fe:
6d:bf:4f:7b:1d:24:7f:69:d9:db:42:01:3f:85:c4:
b6:85:df:23:bf:a1:31:fa:a4:02:e0:2f:23:7e:c8:
44:2f:ed:77:97:e2:1d:96:30:94:c3:07:e6:ec:0c:
e4:53:9d:c8:54:59:cd:1c:93:8b:ec:e9:1c:af:85:
e5:de:38:d7:77:c1:70:c4:6d:0f:a0:42:47:e0:50:
3c:33:85:2d:9d:67:a9:93:b5:e6:f0:91:d5:4a:62:
ef:01:e6:09:a2:7f:a7:62:b0:6e:b3:a4:7e:6f:e2:
f4:dc:f0:dd:b5:98:42:1c:66:d9:4e:4f:a7:8b:fc:
9c:16:72:cc:fc:4f:e0:e9:a7:9f:1b:55:27:9b:9c:
fd:56:0e:d8:47:f1:fd:5d:ae:50:81:43:5e:3b:65:
11:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9A:6B:AD:6C:26:05:19:7F:2F:65:FD:8B:FE:3A:09:B6:EC:1A:C7
X509v3 Authority Key Identifier:
keyid:74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/3pprrWwmBRl_L2X9i_46CbbsGsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.96.0/22
212.237.250.0/23
IPv6:
2a06:b00::/29
Signature Algorithm: sha256WithRSAEncryption
21:eb:c2:20:92:dd:bd:5a:07:e2:d1:48:ef:3d:19:46:e5:3b:
9c:5d:7c:08:e2:61:1d:42:77:f6:37:a5:e7:f6:a5:fa:64:d1:
ac:32:79:ed:ff:59:a5:8d:43:47:a5:cd:8e:95:62:10:ae:a6:
82:dc:7c:d0:83:4c:01:18:24:51:ed:5b:9b:14:f5:d6:74:c1:
28:a8:f2:8b:ed:59:10:ad:7b:b6:0a:98:17:cb:99:f9:0c:35:
99:b2:9b:9d:c1:9d:ad:9a:fc:6c:6b:60:96:78:bb:f6:2e:05:
51:c2:7b:ff:fe:62:db:a2:a3:37:a2:ff:04:73:67:61:53:dd:
a9:fb:a3:de:3e:ab:aa:8b:ac:8f:94:6f:a5:dc:ef:c5:50:95:
23:f6:02:d7:6d:54:8f:29:2a:5b:bd:99:bc:2b:1a:7f:94:6a:
ce:0f:86:f7:da:b4:b0:6b:34:5f:03:b3:79:90:db:79:a8:9c:
43:9f:f5:75:48:7e:29:b9:6c:87:31:cb:c2:45:20:7e:d2:62:
94:12:c1:aa:70:b9:68:bf:a5:de:6b:18:cb:06:ea:93:47:ff:
47:39:35:db:55:51:ad:c3:2b:fb:c7:38:df:28:f3:11:de:49:
2a:41:90:6b:95:98:b9:c1:d5:3f:6a:01:ab:3b:ba:e5:b1:c9:
19:d1:1b:01
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEsBgpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDE5OGY3MDIyYjk1NjA1MDFkYjQ0OGFmNjAzMDFmYTI4NWU5MjM2MB4XDTIyMDEw
MTA0MDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5YTZiYWQ2YzI2
MDUxOTdmMmY2NWZkOGJmZTNhMDliNmVjMWFjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3SADXHYfYLHqnYvXcVD8oDsk4+ZNFYr8eZgkh2+ukHb5Yt
n+ygf4GPGWmB+pu6vy7rjvjmhGFi1oQ9Uk4ASol+m7VszlE2E3wpCtS8EXdkXaDX
X62gh0r6mdOmHihOTrXKYtsUfMT+bb9Pex0kf2nZ20IBP4XEtoXfI7+hMfqkAuAv
I37IRC/td5fiHZYwlMMH5uwM5FOdyFRZzRyTi+zpHK+F5d4413fBcMRtD6BCR+BQ
PDOFLZ1nqZO15vCR1Upi7wHmCaJ/p2KwbrOkfm/i9Nzw3bWYQhxm2U5Pp4v8nBZy
zPxP4OmnnxtVJ5uc/VYO2Efx/V2uUIFDXjtlEcMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTemmutbCYFGX8vZf2L/joJtuwaxzAfBgNVHSMEGDAWgBR0GY9wIrlWBQHb
RIr2AwH6KF6SNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RCbVBjQ0s1VmdVQjIwU0s5Z01CLWloZWtqWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvMWJlNWUxLTU2YjQtNGM2Ni1iZWFiLTZmMTYzOTY2YWY4Yi8x
LzNwcHJyV3dtQlJsX0wyWDlpXzQ2Q2Jic0dzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
MWJlNWUxLTU2YjQtNGM2Ni1iZWFiLTZmMTYzOTY2YWY4Yi8xL2RCbVBjQ0s1VmdV
QjIwU0s5Z01CLWloZWtqWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArliYAMEAdTt+jANBAIAAjAHAwUD
KgYLADANBgkqhkiG9w0BAQsFAAOCAQEAIevCIJLdvVoH4tFI7z0ZRuU7nF18COJh
HUJ39jel5/al+mTRrDJ57f9ZpY1DR6XNjpViEK6mgtx80INMARgkUe1bmxT11nTB
KKjyi+1ZEK17tgqYF8uZ+Qw1mbKbncGdrZr8bGtglni79i4FUcJ7//5i26KjN6L/
BHNnYVPdqfuj3j6rqousj5RvpdzvxVCVI/YC121UjykqW72ZvCsaf5Rqzg+G99q0
sGs0XwOzeZDbeaicQ5/1dUh+KblshzHLwkUgftJilBLBqnC5aL+l3msYywbqk0f/
Rzk121VRrcMr+8c43yjzEd5JKkGQa5WYucHVP2oBqzu65bHJGdEbAQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:59 2025 by rpki-client