Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3IwCWF43LDo2ZnvOUK-CuXs-ILg.roa
File: 3IwCWF43LDo2ZnvOUK-CuXs-ILg.roa (raw, json)
Hash identifier: Uk5HTsEPAYg6D35eP0MMy+Zqq7P6qeXfLJz1Y7g4+lI=
Subject key identifier: DC:8C:02:58:5E:37:2C:3A:36:66:7B:CE:50:AF:82:B9:7B:3E:20:B8
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 36F8A8D6
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3IwCWF43LDo2ZnvOUK-CuXs-ILg.roa
Signing time: Sat 01 Jan 2022 01:03:00 +0000
ROA not before: Sat 01 Jan 2022 01:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24990
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 922265814 (0x36f8a8d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 01:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc8c02585e372c3a36667bce50af82b97b3e20b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e3:9a:24:8e:a8:07:54:30:b8:6d:ba:64:17:
53:9c:ba:14:ab:a1:a8:ab:7e:e1:6f:18:c5:53:be:
ff:42:f9:5c:09:03:1c:f1:77:e7:cc:ca:17:db:31:
f9:91:ea:a7:34:bb:8a:5a:92:9d:eb:43:49:1d:8c:
50:9a:db:72:97:19:6c:e7:c4:30:ea:3f:dc:94:49:
68:6f:08:a9:72:4a:60:aa:0b:13:e0:13:52:90:16:
68:17:73:e5:c2:72:38:df:c5:20:17:e0:39:a0:03:
60:7d:8c:88:e6:95:e3:79:3d:f1:da:59:b6:75:65:
05:9a:cf:1a:a5:04:97:44:90:2c:29:f6:e2:00:c8:
2b:e7:51:36:9a:00:94:00:54:17:69:d0:be:52:21:
bd:34:3b:e8:78:ec:71:af:88:e6:96:86:46:a3:d7:
76:49:aa:2c:c1:c2:91:38:f3:fc:4e:ed:4d:27:3b:
95:e5:3f:1a:54:f2:bd:82:46:b5:00:37:7d:4b:1e:
33:4d:83:39:f1:83:64:d0:95:e1:83:cf:f3:96:b5:
b1:fa:23:4b:46:97:76:b6:c8:03:15:ae:16:3b:14:
aa:bc:71:52:cf:be:1b:04:75:2e:c9:5d:52:ff:96:
8d:31:fb:f6:76:50:29:77:e4:3e:02:bf:80:3c:88:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8C:02:58:5E:37:2C:3A:36:66:7B:CE:50:AF:82:B9:7B:3E:20:B8
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3IwCWF43LDo2ZnvOUK-CuXs-ILg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
29:b9:77:d9:e0:b4:74:6a:f0:c9:4c:18:e5:04:18:fd:46:5c:
97:cc:eb:91:d6:73:79:aa:8c:d8:e2:8e:1e:21:96:d4:5e:07:
aa:9a:c5:17:3b:56:62:dc:42:82:00:68:f2:33:54:d4:5a:53:
b3:c5:8d:6b:b0:ac:97:32:f4:23:d7:78:78:ea:4e:42:1e:fd:
95:a5:93:eb:39:2d:09:98:46:bd:92:de:e4:91:5f:ba:6d:86:
fa:c4:7d:f0:8c:aa:c5:05:84:c4:f4:00:bb:64:94:b5:3c:65:
fa:76:8e:46:81:52:64:eb:e6:42:a2:88:e7:34:26:38:35:fa:
57:da:18:51:91:7b:ac:a5:29:73:f0:35:23:05:01:c7:4d:54:
8d:0d:89:53:c4:63:9a:40:39:90:37:f7:d0:a7:3b:03:24:3e:
6e:ef:89:26:80:bb:a1:9d:00:84:41:7e:d0:0c:45:9e:90:2f:
89:8a:b2:0d:08:cc:aa:fe:fa:41:27:aa:d8:27:1c:52:47:ef:
ca:72:9e:9e:5c:bc:a5:a5:5a:8b:8a:e8:3d:b1:a6:72:6b:43:
0a:8f:24:7e:70:b3:98:65:12:e6:66:72:e4:4b:e9:7e:7e:cb:
93:4e:f7:3a:0a:f9:d7:5a:4a:0c:e9:54:48:bf:59:88:3d:cd:
a9:b5:80:6b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENvio1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzM1MGJhODJmM2ZlYjVhZWUyODkzOGZiZjFiMDljMWUyZmQxOWI0MB4XDTIyMDEw
MTAxMDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM4YzAyNTg1ZTM3
MmMzYTM2NjY3YmNlNTBhZjgyYjk3YjNlMjBiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXjmiSOqAdUMLhtumQXU5y6FKuhqKt+4W8YxVO+/0L5XAkD
HPF358zKF9sx+ZHqpzS7ilqSnetDSR2MUJrbcpcZbOfEMOo/3JRJaG8IqXJKYKoL
E+ATUpAWaBdz5cJyON/FIBfgOaADYH2MiOaV43k98dpZtnVlBZrPGqUEl0SQLCn2
4gDIK+dRNpoAlABUF2nQvlIhvTQ76Hjsca+I5paGRqPXdkmqLMHCkTjz/E7tTSc7
leU/GlTyvYJGtQA3fUseM02DOfGDZNCV4YPP85a1sfojS0aXdrbIAxWuFjsUqrxx
Us++GwR1LsldUv+WjTH79nZQKXfkPgK/gDyIdFMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTcjAJYXjcsOjZme85Qr4K5ez4guDAfBgNVHSMEGDAWgBQ8NQuoLz/rWu4o
k4+/GwnB4v0ZtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BEVUxxQzhfNjFydUtKT1B2eHNKd2VMOUdiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNjRkN2E5LWNhYzMtNDU0OS1hN2FhLTYxYjc5MDJlZTIwNC8x
LzNJd0NXRjQzTERvMlpudk9VSy1DdVhzLUlMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NjRkN2E5LWNhYzMtNDU0OS1hN2FhLTYxYjc5MDJlZTIwNC8xL1BEVUxxQzhfNjFy
dUtKT1B2eHNKd2VMOUdiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkDGAMEBNlFEDANBAIAAjAHAwUA
KgNsgDANBgkqhkiG9w0BAQsFAAOCAQEAKbl32eC0dGrwyUwY5QQY/UZcl8zrkdZz
eaqM2OKOHiGW1F4HqprFFztWYtxCggBo8jNU1FpTs8WNa7CslzL0I9d4eOpOQh79
laWT6zktCZhGvZLe5JFfum2G+sR98IyqxQWExPQAu2SUtTxl+naORoFSZOvmQqKI
5zQmODX6V9oYUZF7rKUpc/A1IwUBx01UjQ2JU8RjmkA5kDf30Kc7AyQ+bu+JJoC7
oZ0AhEF+0AxFnpAviYqyDQjMqv76QSeq2CccUkfvynKenly8paVai4roPbGmcmtD
Co8kfnCzmGUS5mZy5Evpfn7Lk073Ogr511pKDOlUSL9ZiD3NqbWAaw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:29 2025 by rpki-client