Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/3Ut1Q7WkmEjDim-oYJLRM9C_6cQ.roa
File: 3Ut1Q7WkmEjDim-oYJLRM9C_6cQ.roa (raw, json)
Hash identifier: sRWjXgpX5Ec3lxDXLFvdvZwS2oE1qFgDz0AaNhxRIMM=
Subject key identifier: DD:4B:75:43:B5:A4:98:48:C3:8A:6F:A8:60:92:D1:33:D0:BF:E9:C4
Certificate issuer: /CN=78878edda6ae4a0147db70b66105cfd17f2066a3
Certificate serial: 01856E01DAD3258F04510A43A4B367C2C06F
Authority key identifier: 78:87:8E:DD:A6:AE:4A:01:47:DB:70:B6:61:05:CF:D1:7F:20:66:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIeO3aauSgFH23C2YQXP0X8gZqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/3Ut1Q7WkmEjDim-oYJLRM9C_6cQ.roa
Signing time: Sun 01 Jan 2023 15:44:53 +0000
ROA not before: Sun 01 Jan 2023 15:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 149.205.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:da:d3:25:8f:04:51:0a:43:a4:b3:67:c2:c0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78878edda6ae4a0147db70b66105cfd17f2066a3
Validity
Not Before: Jan 1 15:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd4b7543b5a49848c38a6fa86092d133d0bfe9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d7:6c:86:2d:74:a0:0a:fe:dc:88:01:ec:8e:
82:f3:3a:33:1c:a6:8f:18:ef:00:27:a5:88:4d:fd:
da:2e:f3:e5:24:f4:6a:3a:62:fb:2a:e9:1f:80:de:
61:9e:4f:a7:98:37:5f:29:c5:ce:84:52:b1:68:61:
e4:02:dd:10:08:72:22:e7:17:d1:0d:5f:a3:24:3a:
ae:f0:c9:09:f5:8c:e7:f7:1f:52:44:a6:62:8d:83:
00:42:4f:cc:9c:74:67:04:bf:f4:33:d2:87:da:30:
e6:56:6d:e6:00:9b:ec:62:6d:2e:e3:63:61:01:df:
fb:b0:ef:e5:5c:d7:c3:53:29:ec:56:61:c7:85:93:
5b:33:c1:70:69:74:b4:f5:59:b4:1f:11:f1:05:a5:
c4:e7:f1:af:64:53:a2:1f:13:8a:a8:3b:62:de:3a:
7e:90:55:e3:e1:5c:f1:bf:53:3f:47:b4:f4:00:b9:
8e:41:dd:46:cb:59:f7:56:f5:de:60:f7:08:a2:5d:
46:fd:a0:8e:3f:c5:d7:58:c8:5f:9a:b5:d8:06:63:
68:d3:f4:1b:ae:0b:57:10:19:2c:59:ff:32:11:20:
c3:82:0f:3f:fa:e1:54:16:d4:70:38:cf:58:d6:5f:
d9:f1:9b:bc:da:04:3c:b3:39:aa:85:0b:6f:2e:6c:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4B:75:43:B5:A4:98:48:C3:8A:6F:A8:60:92:D1:33:D0:BF:E9:C4
X509v3 Authority Key Identifier:
keyid:78:87:8E:DD:A6:AE:4A:01:47:DB:70:B6:61:05:CF:D1:7F:20:66:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIeO3aauSgFH23C2YQXP0X8gZqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/3Ut1Q7WkmEjDim-oYJLRM9C_6cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f87422-3c8e-4b51-bab8-2e3ed5a17098/1/eIeO3aauSgFH23C2YQXP0X8gZqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.205.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:37:d3:b0:4d:c4:7e:3c:b7:8c:f4:d7:e4:2c:5d:53:2b:02:
97:f5:00:04:ba:9f:03:93:b4:bd:9b:63:31:4b:c1:49:7e:2f:
e4:61:a3:e7:aa:bc:b0:da:78:65:50:50:f1:93:5a:10:a1:93:
20:17:f8:7f:b7:a4:85:9f:c9:38:49:12:c5:46:3c:bd:f0:e1:
8e:01:c3:61:93:75:e8:d2:b3:62:2a:f2:fc:39:59:97:40:bb:
3c:2c:60:58:89:bb:21:dc:c4:7a:5e:13:ab:0d:ee:07:c6:28:
e3:a6:7d:8e:be:eb:a3:50:05:bb:cd:84:ec:1d:46:3e:75:f0:
91:f4:71:f6:c2:ad:3c:6e:0a:29:10:29:cd:e3:05:26:e4:93:
7d:34:93:20:50:ee:1d:a7:9c:80:62:5f:65:7d:da:cd:d3:fa:
4a:f6:05:55:ce:b1:96:0d:43:b1:5a:3e:67:46:0d:21:c1:fd:
e4:66:b9:7f:5c:0d:f9:92:e0:d7:49:bb:6b:2f:88:77:ea:7e:
4c:fa:6f:5a:20:13:8f:ac:9b:30:19:02:2d:e4:7c:e4:3a:0f:
47:1a:52:10:e4:a3:1b:3d:2f:b7:4e:2e:f7:4c:86:ed:74:de:
20:1b:1e:d8:30:f0:de:a3:b9:90:ee:d3:f1:65:17:98:a7:7f:
d0:21:7e:12
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVuAdrTJY8EUQpDpLNnwsBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ODc4ZWRkYTZhZTRhMDE0N2RiNzBiNjYxMDVjZmQxN2Yy
MDY2YTMwHhcNMjMwMTAxMTU0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRiNzU0M2I1YTQ5ODQ4YzM4YTZmYTg2MDkyZDEzM2QwYmZlOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjddshi10oAr+3IgB7I6C8zozHKaP
GO8AJ6WITf3aLvPlJPRqOmL7KukfgN5hnk+nmDdfKcXOhFKxaGHkAt0QCHIi5xfR
DV+jJDqu8MkJ9Yzn9x9SRKZijYMAQk/MnHRnBL/0M9KH2jDmVm3mAJvsYm0u42Nh
Ad/7sO/lXNfDUynsVmHHhZNbM8FwaXS09Vm0HxHxBaXE5/GvZFOiHxOKqDti3jp+
kFXj4Vzxv1M/R7T0ALmOQd1Gy1n3VvXeYPcIol1G/aCOP8XXWMhfmrXYBmNo0/Qb
rgtXEBksWf8yESDDgg8/+uFUFtRwOM9Y1l/Z8Zu82gQ8szmqhQtvLmz7pwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFN1LdUO1pJhIw4pvqGCS0TPQv+nEMB8GA1UdIwQY
MBaAFHiHjt2mrkoBR9twtmEFz9F/IGajMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUllTzNhYXVTZ0ZIMjNDMllRWFAwWDhnWnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mODc0MjItM2M4ZS00YjUxLWJhYjgt
MmUzZWQ1YTE3MDk4LzEvM1V0MVE3V2ttRWpEaW0tb1lKTFJNOUNfNmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mODc0MjItM2M4ZS00YjUxLWJhYjgtMmUzZWQ1YTE3MDk4
LzEvZUllTzNhYXVTZ0ZIMjNDMllRWFAwWDhnWnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlc0wDQYJ
KoZIhvcNAQELBQADggEBADs307BNxH48t4z01+QsXVMrApf1AAS6nwOTtL2bYzFL
wUl+L+Rho+eqvLDaeGVQUPGTWhChkyAX+H+3pIWfyThJEsVGPL3w4Y4Bw2GTdejS
s2Iq8vw5WZdAuzwsYFiJuyHcxHpeE6sN7gfGKOOmfY6+66NQBbvNhOwdRj518JH0
cfbCrTxuCikQKc3jBSbkk300kyBQ7h2nnIBiX2V92s3T+kr2BVXOsZYNQ7FaPmdG
DSHB/eRmuX9cDfmS4NdJu2sviHfqfkz6b1ogE4+smzAZAi3kfOQ6D0caUhDkoxs9
L7dOLvdMhu103iAbHtgw8N6juZDu0/FlF5inf9AhfhI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:53 2025 by rpki-client