Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/3wsHBYYQWnGZEO-MVNaplIKz4jU.roa
File: 3wsHBYYQWnGZEO-MVNaplIKz4jU.roa (raw, json)
Hash identifier: +L6Lk3dH4KhqgdJpz99ki8MTLlRvwCcbQrmlphG1Jqs=
Subject key identifier: DF:0B:07:05:86:10:5A:71:99:10:EF:8C:54:D6:A9:94:82:B3:E2:35
Certificate issuer: /CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Certificate serial: 0D045BB5
Authority key identifier: 83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/3wsHBYYQWnGZEO-MVNaplIKz4jU.roa
Signing time: Sat 01 Jan 2022 09:02:57 +0000
ROA not before: Sat 01 Jan 2022 09:02:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 93.191.200.0/21 maxlen: 24
46.254.248.0/21 maxlen: 24
185.48.60.0/22 maxlen: 24
83.137.248.0/21 maxlen: 24
5.42.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218389429 (0xd045bb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Validity
Not Before: Jan 1 09:02:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df0b070586105a719910ef8c54d6a99482b3e235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:78:b4:f3:46:0e:d7:90:2b:0e:59:96:36:0c:
d9:3b:da:76:2e:6d:00:3c:fa:86:2f:09:98:59:8f:
79:b0:70:73:a2:23:35:98:b4:40:34:53:00:75:2d:
20:16:0c:78:30:0c:7d:3c:7b:e4:10:5b:fb:90:c6:
84:77:88:07:d6:16:1d:58:58:3f:65:8e:6d:6a:44:
7c:12:49:e4:9a:cd:68:d9:ad:f8:12:ae:69:12:b8:
a3:cf:d6:67:a8:0a:17:d0:0c:6c:e3:bd:11:88:b8:
f4:cc:0f:f8:38:e5:cd:be:e3:a2:2f:f5:70:9b:12:
56:79:65:b7:fb:26:cc:5f:c4:17:45:00:39:b8:27:
db:76:89:d9:a8:c2:8a:92:c4:5b:85:12:b2:3d:bd:
d7:4b:a7:41:c3:a0:56:ef:0a:76:81:14:eb:35:da:
2c:bd:f0:fa:01:aa:e1:db:1b:64:76:02:17:7c:6b:
47:94:5b:2b:ab:95:db:bb:9f:d4:c6:9b:c0:3e:5a:
e6:2b:f5:c1:ef:cc:56:31:35:84:5f:82:5c:4d:ce:
d5:99:b4:75:cd:5c:ca:d4:5b:e8:c8:05:b5:b7:dd:
fa:0a:6d:0a:27:e5:20:d2:9d:3c:36:ba:37:02:78:
b5:ae:b9:48:fc:d9:6e:11:95:dc:cb:40:db:6a:72:
0c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0B:07:05:86:10:5A:71:99:10:EF:8C:54:D6:A9:94:82:B3:E2:35
X509v3 Authority Key Identifier:
keyid:83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/3wsHBYYQWnGZEO-MVNaplIKz4jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.128.0/21
46.254.248.0/21
83.137.248.0/21
93.191.200.0/21
185.48.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:55:f3:86:5f:18:db:77:d6:a4:87:4e:6c:64:f0:dc:1f:d1:
17:53:15:dd:42:f9:a1:0d:79:92:a2:1c:28:3d:06:f8:fc:5a:
ca:46:d6:0f:40:10:9a:80:d1:09:c7:07:84:35:c8:cf:e4:9d:
0e:18:6e:88:11:3e:0c:e1:a5:55:22:0c:7e:a0:e3:83:ea:0c:
ae:bf:40:03:68:52:e8:dc:92:5c:72:df:05:d8:41:24:c8:c1:
d6:b2:42:ee:73:cc:8f:7b:e4:e9:17:d8:4b:81:9b:a3:09:69:
8a:29:d4:d8:fd:74:55:c6:f7:04:59:44:59:51:cb:80:dc:00:
90:ef:e7:df:b1:4b:5c:c7:73:e8:a0:d2:4c:9e:fd:cf:bd:1d:
b9:0f:ae:85:95:ba:1f:af:aa:51:8f:cc:c7:04:d7:7b:c2:73:
24:30:7d:bc:11:c3:2d:f9:a7:35:13:d8:91:17:36:ec:c4:29:
90:00:b0:13:ec:85:cf:60:0a:e4:a7:ca:7c:87:6e:61:8d:b8:
3b:f8:d8:d8:73:c3:1c:c1:e9:6c:f9:9a:8a:ac:b5:7a:f5:19:
6f:0b:59:55:7d:e1:00:ba:60:24:d0:7d:51:9d:2a:1f:c4:7a:
63:e8:2d:83:59:d5:d1:21:24:a4:3f:25:e7:2b:04:8b:f7:5a:
98:bf:ad:c0
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDQRbtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzI0YzVkZjE5Nzg5ZDUyNTkxMDRlMGFlMGRjZDQ2NzJhOGUyYmFiMB4XDTIyMDEw
MTA5MDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGYwYjA3MDU4NjEw
NWE3MTk5MTBlZjhjNTRkNmE5OTQ4MmIzZTIzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOl4tPNGDteQKw5ZljYM2Tvadi5tADz6hi8JmFmPebBwc6Ij
NZi0QDRTAHUtIBYMeDAMfTx75BBb+5DGhHeIB9YWHVhYP2WObWpEfBJJ5JrNaNmt
+BKuaRK4o8/WZ6gKF9AMbOO9EYi49MwP+Djlzb7joi/1cJsSVnllt/smzF/EF0UA
Obgn23aJ2ajCipLEW4USsj2910unQcOgVu8KdoEU6zXaLL3w+gGq4dsbZHYCF3xr
R5RbK6uV27uf1MabwD5a5iv1we/MVjE1hF+CXE3O1Zm0dc1cytRb6MgFtbfd+gpt
CiflINKdPDa6NwJ4ta65SPzZbhGV3MtA22pyDNUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTfCwcFhhBacZkQ74xU1qmUgrPiNTAfBgNVHSMEGDAWgBSDJMXfGXidUlkQ
Tgrg3NRnKo4rqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d5VEYzeGw0blZKWkVFNEs0TnpVWnlxT0s2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNGIyZTQ5LWY2NjctNDk0YS1hZmU5LTZkZjNlNGE0ZWViMS8x
LzN3c0hCWVlRV25HWkVPLU1WTmFwbElLejRqVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NGIyZTQ5LWY2NjctNDk0YS1hZmU5LTZkZjNlNGE0ZWViMS8xL2d5VEYzeGw0blZK
WkVFNEs0TnpVWnlxT0s2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAwUqgAMEAy7++AMEA1OJ+AMEA12/
yAMEArkwPDANBgkqhkiG9w0BAQsFAAOCAQEADFXzhl8Y23fWpIdObGTw3B/RF1MV
3UL5oQ15kqIcKD0G+PxaykbWD0AQmoDRCccHhDXIz+SdDhhuiBE+DOGlVSIMfqDj
g+oMrr9AA2hS6NySXHLfBdhBJMjB1rJC7nPMj3vk6RfYS4GbowlpiinU2P10Vcb3
BFlEWVHLgNwAkO/n37FLXMdz6KDSTJ79z70duQ+uhZW6H6+qUY/MxwTXe8JzJDB9
vBHDLfmnNRPYkRc27MQpkACwE+yFz2AK5KfKfIduYY24O/jY2HPDHMHpbPmaiqy1
evUZbwtZVX3hALpgJNB9UZ0qH8R6Y+gtg1nV0SEkpD8l5ysEi/damL+twA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:17 2024 by rpki-client on console-ams.rpki-client.org