Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m3YaBKmB1U6xNX-_qoWX25WAkdo.roa
File: m3YaBKmB1U6xNX-_qoWX25WAkdo.roa (raw, json)
Hash identifier: f3nIzICGpYirlhHocChsjfQbir6TeIadRdajCYFZB/I=
Subject key identifier: 9B:76:1A:04:A9:81:D5:4E:B1:35:7F:BF:AA:85:97:DB:95:80:91:DA
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0184436F7AD2E4AB9AFF037F5E85526339E7
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m3YaBKmB1U6xNX-_qoWX25WAkdo.roa
Signing time: Fri 04 Nov 2022 16:18:10 +0000
ROA not before: Fri 04 Nov 2022 16:18:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
185.58.120.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
217.198.140.0/24 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/20 maxlen: 24
89.36.208.0/22 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
194.182.110.0/23 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:6f:7a:d2:e4:ab:9a:ff:03:7f:5e:85:52:63:39:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Nov 4 16:18:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b761a04a981d54eb1357fbfaa8597db958091da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9b:e0:fa:e0:34:a5:3f:72:87:96:11:22:1c:
16:bf:ad:7b:7b:8d:ba:75:95:67:ec:1c:70:59:d3:
ab:0f:d4:ce:f6:89:be:b8:75:96:9d:97:01:f5:01:
ac:6f:12:85:52:a4:7d:80:a1:b3:a3:80:b1:a1:1e:
61:96:ba:06:35:a0:de:0d:1f:23:8a:c3:dc:b5:07:
be:eb:b6:c6:d3:37:06:e1:06:9f:68:80:dc:ac:50:
6e:69:d5:a4:e7:b8:99:c3:7d:9c:71:72:4f:f4:1e:
bc:ab:92:0e:b4:d8:26:fd:16:6d:3a:95:e5:fa:be:
1a:b1:fd:f6:d8:98:94:81:dc:f7:bc:d9:bf:cf:a1:
55:fb:65:3e:42:ee:fa:f6:eb:cb:39:da:d7:e3:2a:
a2:76:ee:c2:db:20:e8:a1:3e:ee:01:09:ca:1a:f7:
62:dc:9e:84:c2:d6:ca:98:54:f4:63:0a:52:28:9e:
2a:aa:12:64:48:bd:7e:da:21:c3:d8:ec:5a:21:80:
7f:8a:27:b9:00:5e:16:78:27:86:1c:28:1b:37:d5:
34:0d:1d:10:a1:d4:21:7c:cc:07:79:ad:3c:72:7c:
d7:8e:78:34:96:72:f6:6e:b1:78:65:27:96:5b:96:
0b:b1:97:9b:42:b6:83:54:6a:c8:f9:27:12:e6:8f:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:76:1A:04:A9:81:D5:4E:B1:35:7F:BF:AA:85:97:DB:95:80:91:DA
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m3YaBKmB1U6xNX-_qoWX25WAkdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/20
80.211.0.0/16
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/20
185.56.8.0/22
185.58.116.0-185.58.123.255
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
217.61.0.0/18
217.198.140.0/24
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
18:f5:9e:8c:91:5e:7c:60:07:5f:9c:24:8d:2b:83:98:62:21:
a0:c6:c0:7e:fd:4d:6d:f3:61:d9:6b:51:10:d4:8c:1b:78:48:
19:5f:f5:73:9a:3e:c4:d6:44:68:4c:a6:c7:26:be:62:d2:72:
9d:62:b0:89:c0:b4:3f:5d:56:dc:dd:6e:0d:15:8b:36:40:2e:
13:ec:1e:61:2d:c4:e6:a4:37:64:b9:69:65:76:49:d6:d6:04:
77:8c:a5:df:64:58:c8:61:2d:37:07:c7:94:31:84:85:0b:29:
ea:6d:54:db:cf:ec:47:f1:40:3c:c3:ae:c0:48:c5:15:85:b2:
12:e0:4c:1a:5c:ff:98:f4:c8:c0:f1:96:54:f4:a4:c2:16:43:
6e:f6:6b:7c:43:c4:d5:0a:3f:0e:44:f8:39:7c:4a:9c:38:a4:
18:88:2b:b0:97:3f:02:57:ac:cb:5c:cf:8a:28:34:6c:e8:13:
25:97:38:07:83:25:a2:07:e7:92:f4:a2:7b:35:d7:05:61:83:
2d:fe:db:3f:21:1a:79:bb:30:27:82:5f:50:4d:09:87:d1:ec:
74:b9:58:44:be:5c:de:13:31:58:20:80:bd:39:9a:41:ea:36:
c8:c0:7f:88:85:95:55:db:c7:ca:b3:7f:5e:2c:41:8f:f3:e5:
7e:bc:86:80
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYRDb3rS5Kua/wN/XoVSYznnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjIxMTA0MTYxODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc2MWEwNGE5ODFkNTRlYjEzNTdmYmZhYTg1OTdkYjk1ODA5MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpvg+uA0pT9yh5YRIhwWv617e426
dZVn7BxwWdOrD9TO9om+uHWWnZcB9QGsbxKFUqR9gKGzo4CxoR5hlroGNaDeDR8j
isPctQe+67bG0zcG4QafaIDcrFBuadWk57iZw32ccXJP9B68q5IOtNgm/RZtOpXl
+r4asf322JiUgdz3vNm/z6FV+2U+Qu769uvLOdrX4yqidu7C2yDooT7uAQnKGvdi
3J6EwtbKmFT0YwpSKJ4qqhJkSL1+2iHD2OxaIYB/iie5AF4WeCeGHCgbN9U0DR0Q
odQhfMwHea08cnzXjng0lnL2brF4ZSeWW5YLsZebQraDVGrI+ScS5o+drwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFJt2GgSpgdVOsTV/v6qFl9uVgJHaMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvbTNZYUJLbUIxVTZ4TlgtX3FvV1gyNVdBa2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBARQSeADAwBQ0wMEAlkk
0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBASwa5ADBAK5
OAgwDAMEArk6dAMEArk6eAMEBLzVoAMEAcK2bgMEB8PnAAMEBtk9AAMEANnGjDAN
BAIAAjAHAwUDKgBtQDANBgkqhkiG9w0BAQsFAAOCAQEAGPWejJFefGAHX5wkjSuD
mGIhoMbAfv1NbfNh2WtRENSMG3hIGV/1c5o+xNZEaEymxya+YtJynWKwicC0P11W
3N1uDRWLNkAuE+weYS3E5qQ3ZLlpZXZJ1tYEd4yl32RYyGEtNwfHlDGEhQsp6m1U
28/sR/FAPMOuwEjFFYWyEuBMGlz/mPTIwPGWVPSkwhZDbvZrfEPE1Qo/DkT4OXxK
nDikGIgrsJc/Alesy1zPiig0bOgTJZc4B4MlogfnkvSiezXXBWGDLf7bPyEaebsw
J4JfUE0Jh9HsdLlYRL5c3hMxWCCAvTmaQeo2yMB/iIWVVdvHyrN/XixBj/PlfryG
gA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:01 2025 by rpki-client