Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/FT3zjRJ9iGJlh0RVNMovE-fLW38.roa
File: FT3zjRJ9iGJlh0RVNMovE-fLW38.roa (raw, json)
Hash identifier: u0lnw6d3+ydk3oZaa0rB+8yHaluG8HcfTlPlXrqhXBk=
Subject key identifier: 15:3D:F3:8D:12:7D:88:62:65:87:44:55:34:CA:2F:13:E7:CB:5B:7F
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 018C35131FD44244717B2B8667663F5AFF78
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/FT3zjRJ9iGJlh0RVNMovE-fLW38.roa
Signing time: Mon 04 Dec 2023 13:44:54 +0000
ROA not before: Mon 04 Dec 2023 13:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 139.58.0.0/16 maxlen: 24
148.2.0.0/16 maxlen: 24
147.13.0.0/16 maxlen: 24
136.163.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:13:1f:d4:42:44:71:7b:2b:86:67:66:3f:5a:ff:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Dec 4 13:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=153df38d127d88626587445534ca2f13e7cb5b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8d:cf:b7:2b:6b:bf:50:56:46:08:f0:ec:78:
bf:00:7c:be:a6:8d:e0:c9:5e:b0:ca:87:8f:cf:a2:
5d:8d:ca:d4:85:a0:38:eb:8b:d7:9e:41:a2:92:f8:
d5:cd:88:47:8a:1d:75:78:24:3c:26:a9:da:f3:25:
5a:43:9f:29:09:33:f9:f9:e4:99:92:de:38:9d:e7:
e6:54:8f:dd:1b:34:d5:95:c5:a7:dd:b8:3c:76:f2:
0c:44:8b:43:94:52:d1:d7:59:41:87:f4:26:e8:55:
27:4c:67:0f:e8:13:2e:b5:24:ed:4c:37:14:41:ae:
9f:e1:df:4a:73:ec:47:1f:35:d1:52:98:01:3b:88:
11:b3:4b:64:a1:9d:3f:1b:aa:48:f1:7d:e4:42:16:
9f:31:1d:a0:da:ea:07:de:fd:b1:d5:ef:df:9f:40:
83:f8:ff:1f:4e:0b:b6:6b:a7:b9:73:0a:95:90:3b:
ab:e6:46:a8:d8:8b:91:cf:f2:4a:9e:1e:84:13:ce:
36:f9:ae:db:a4:28:8d:d3:39:7a:84:3d:43:ec:a9:
e2:b0:bb:d4:aa:a8:e1:e2:fc:ae:10:cf:03:56:13:
ef:82:c3:35:e7:2d:82:2f:01:5a:78:26:67:8a:5f:
ba:6d:22:3b:2d:e5:d2:54:0e:7b:04:b8:da:17:2d:
6f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3D:F3:8D:12:7D:88:62:65:87:44:55:34:CA:2F:13:E7:CB:5B:7F
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/FT3zjRJ9iGJlh0RVNMovE-fLW38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.163.0.0/16
139.58.0.0/16
147.13.0.0/16
148.2.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:cc:0c:8a:47:67:c9:e5:bd:f1:af:99:6c:76:ab:ab:b2:29:
b5:61:c9:8e:0f:c1:db:90:b9:2f:e8:1d:cf:c3:86:89:ff:82:
f8:77:7f:5b:cb:29:c4:0a:a1:ed:43:2c:3f:df:66:58:99:72:
a9:85:04:88:0c:92:59:bb:ac:7a:23:5d:6e:bc:25:54:ec:db:
29:8a:4c:f2:a8:b9:ba:53:3e:1a:4a:00:15:08:fd:67:63:58:
8c:d9:d4:f6:37:dc:87:b7:aa:c6:42:d5:92:bd:4d:c2:77:68:
39:66:ae:56:3f:21:98:ad:e3:06:72:7e:f7:02:08:04:6e:f0:
30:0d:72:f0:c0:1a:35:6b:9a:2e:0a:5a:d7:76:fe:07:c5:31:
e8:4c:b9:6d:4f:07:44:3f:34:0b:46:bf:a3:ec:d4:b3:75:9f:
47:4d:e9:cf:d8:e8:1d:c9:05:1b:3d:a2:69:a6:61:f0:e1:58:
98:6f:2f:17:80:fc:f5:64:6b:3f:ee:62:3c:ab:ed:8d:1b:19:
9b:3b:5c:8e:f2:d6:b3:8e:d9:bb:22:38:30:56:fa:ea:42:9e:
1c:76:59:f9:d3:38:55:e3:51:36:74:f8:82:1a:b3:16:6a:96:
b0:08:1f:bc:77:d9:bf:42:5d:f7:4c:3d:ba:2e:67:dd:a9:96:
20:41:ec:2f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYw1Ex/UQkRxeyuGZ2Y/Wv94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjMxMjA0MTM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNkZjM4ZDEyN2Q4ODYyNjU4NzQ0NTUzNGNhMmYxM2U3Y2I1YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY3Ptytrv1BWRgjw7Hi/AHy+po3g
yV6wyoePz6JdjcrUhaA464vXnkGikvjVzYhHih11eCQ8Jqna8yVaQ58pCTP5+eSZ
kt44nefmVI/dGzTVlcWn3bg8dvIMRItDlFLR11lBh/Qm6FUnTGcP6BMutSTtTDcU
Qa6f4d9Kc+xHHzXRUpgBO4gRs0tkoZ0/G6pI8X3kQhafMR2g2uoH3v2x1e/fn0CD
+P8fTgu2a6e5cwqVkDur5kao2IuRz/JKnh6EE842+a7bpCiN0zl6hD1D7KnisLvU
qqjh4vyuEM8DVhPvgsM15y2CLwFaeCZnil+6bSI7LeXSVA57BLjaFy1vCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBU9840SfYhiZYdEVTTKLxPny1t/MB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvRlQzempSSjlpR0psaDBSVk5Nb3ZFLWZMVzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMAiKMDAwCL
OgMDAJMNAwMAlAIwDQYJKoZIhvcNAQELBQADggEBAAnMDIpHZ8nlvfGvmWx2q6uy
KbVhyY4PwduQuS/oHc/Dhon/gvh3f1vLKcQKoe1DLD/fZliZcqmFBIgMklm7rHoj
XW68JVTs2ymKTPKoubpTPhpKABUI/WdjWIzZ1PY33Ie3qsZC1ZK9TcJ3aDlmrlY/
IZit4wZyfvcCCARu8DANcvDAGjVrmi4KWtd2/gfFMehMuW1PB0Q/NAtGv6Ps1LN1
n0dN6c/Y6B3JBRs9ommmYfDhWJhvLxeA/PVkaz/uYjyr7Y0bGZs7XI7y1rOO2bsi
ODBW+upCnhx2WfnTOFXjUTZ0+IIasxZqlrAIH7x32b9CXfdMPbouZ92pliBB7C8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:40 2025 by rpki-client