Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa
File: 3WNWGzW47bIulX1_aLvEKKpQLok.roa (raw, json)
Hash identifier: rdLxQjyrn8U1tDWwxiR5R9jJF1AGVjTsvuIpvQXb4CQ=
Subject key identifier: DD:63:56:1B:35:B8:ED:B2:2E:95:7D:7F:68:BB:C4:28:AA:50:2E:89
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 018C71ACE7C7F394FD1D42DC010D20D64B88
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa
Signing time: Sat 16 Dec 2023 08:10:06 +0000
ROA not before: Sat 16 Dec 2023 08:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203847
IP address blocks: 185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
185.122.44.0/22 maxlen: 22
45.142.15.0/24 maxlen: 24
2a01:57e0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:ac:e7:c7:f3:94:fd:1d:42:dc:01:0d:20:d6:4b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Dec 16 08:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd63561b35b8edb22e957d7f68bbc428aa502e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:32:6f:27:fd:4f:64:71:17:62:35:92:2c:94:
c8:9c:2b:e8:be:09:bc:a1:77:c0:6f:29:b2:7c:7f:
0f:c9:89:a1:17:52:e7:78:95:68:8f:07:0d:f1:53:
52:21:27:c6:68:2b:89:29:84:6a:e8:0b:76:32:70:
15:60:e0:73:43:d3:39:fc:e1:b4:01:f2:2b:af:36:
8d:b3:91:54:19:88:78:0d:7b:6b:91:f1:db:d3:e4:
81:06:60:32:11:69:9c:79:76:2e:c4:98:a9:d9:27:
5e:0b:53:20:21:18:49:e8:ca:6c:82:28:46:dc:22:
62:99:9b:0c:46:53:7e:bd:22:b2:ca:2c:5f:fd:51:
43:6a:05:94:e6:76:aa:14:cd:8b:16:18:bf:3c:dc:
5f:78:13:c7:68:0d:bb:39:1c:7d:51:44:bc:6c:d1:
36:92:4b:4e:88:23:03:9f:c4:e0:6a:5b:e0:02:1b:
a9:a9:a1:55:45:9b:c8:cd:9d:01:65:4f:f1:0d:2b:
ab:ee:35:c5:12:01:f9:77:49:87:ba:d2:40:cf:4a:
7c:e2:17:37:3d:e3:cf:b9:8c:ec:15:89:04:82:9a:
10:c3:ae:ee:37:90:d7:c1:ec:9a:06:57:52:14:92:
ba:e8:3b:75:b0:47:cd:1a:6f:ba:a8:f6:c8:b5:bc:
d9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:56:1B:35:B8:ED:B2:2E:95:7D:7F:68:BB:C4:28:AA:50:2E:89
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0::/29
Signature Algorithm: sha256WithRSAEncryption
84:84:23:56:45:c0:b8:91:13:af:6f:2a:79:38:42:37:c0:d5:
0a:e3:25:0a:a5:25:2f:83:56:94:d7:ac:35:27:c9:0c:d7:17:
8c:16:67:27:a0:90:8a:8d:97:87:09:7c:5a:5f:fc:0b:81:b0:
f7:66:9d:16:6b:96:04:08:67:cc:5d:31:03:29:d6:8f:bd:a6:
e1:72:1e:18:59:d8:45:8d:37:4d:07:47:40:35:fd:54:59:f4:
c3:c6:c6:02:2b:8b:42:58:56:5c:71:b8:34:b8:a1:20:47:b3:
a2:84:40:3b:fa:26:53:4f:2e:ac:26:b3:5a:17:66:6f:de:f2:
49:e7:29:88:a6:0d:8c:6c:fa:cf:0d:08:9f:94:02:9a:98:08:
01:11:a5:ce:1a:14:f3:e7:13:d8:4e:4e:8e:4d:15:ef:9d:6c:
c6:56:3a:7c:1d:f6:eb:1c:d2:60:f6:d3:38:aa:df:2d:59:a1:
ae:3f:67:6f:f2:6e:93:ed:30:a7:a6:92:75:3e:54:57:3b:54:
b6:5a:46:af:35:f8:61:d1:8b:cc:05:59:48:50:c0:52:37:29:
7f:b5:97:74:b4:24:33:d9:4d:be:92:15:21:5d:88:f0:dd:75:
e0:8b:3d:f1:5a:7a:9e:f6:b8:5c:b2:5a:c2:79:bf:34:8e:91:
67:08:cb:ba
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYxxrOfH85T9HULcAQ0g1kuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjMxMjE2MDgxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYzNTYxYjM1YjhlZGIyMmU5NTdkN2Y2OGJiYzQyOGFhNTAyZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTJvJ/1PZHEXYjWSLJTInCvovgm8
oXfAbymyfH8PyYmhF1LneJVojwcN8VNSISfGaCuJKYRq6At2MnAVYOBzQ9M5/OG0
AfIrrzaNs5FUGYh4DXtrkfHb0+SBBmAyEWmceXYuxJip2SdeC1MgIRhJ6MpsgihG
3CJimZsMRlN+vSKyyixf/VFDagWU5naqFM2LFhi/PNxfeBPHaA27ORx9UUS8bNE2
kktOiCMDn8TgalvgAhupqaFVRZvIzZ0BZU/xDSur7jXFEgH5d0mHutJAz0p84hc3
PePPuYzsFYkEgpoQw67uN5DXweyaBldSFJK66Dt1sEfNGm+6qPbItbzZPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN1jVhs1uO2yLpV9f2i7xCiqUC6JMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvM1dOV0d6VzQ3Ykl1bFgxX2FMdkVLS3BRTG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALY4PAwQC
uXosAwQBuc40AwQAwaKAMA0EAgACMAcDBQMqAVfgMA0GCSqGSIb3DQEBCwUAA4IB
AQCEhCNWRcC4kROvbyp5OEI3wNUK4yUKpSUvg1aU16w1J8kM1xeMFmcnoJCKjZeH
CXxaX/wLgbD3Zp0Wa5YECGfMXTEDKdaPvabhch4YWdhFjTdNB0dANf1UWfTDxsYC
K4tCWFZccbg0uKEgR7OihEA7+iZTTy6sJrNaF2Zv3vJJ5ymIpg2MbPrPDQiflAKa
mAgBEaXOGhTz5xPYTk6OTRXvnWzGVjp8HfbrHNJg9tM4qt8tWaGuP2dv8m6T7TCn
ppJ1PlRXO1S2WkavNfhh0YvMBVlIUMBSNyl/tZd0tCQz2U2+khUhXYjw3XXgiz3x
Wnqe9rhcslrCeb80jpFnCMu6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:13 2025 by rpki-client