Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/SLptPqwA5TOdtkky6w91ds7f0BI.roa
File: SLptPqwA5TOdtkky6w91ds7f0BI.roa (raw, json)
Hash identifier: 4ijjwsJ6A2gCu80Q0gjOV1WPyFJBjdC+DmjoELXMS40=
Subject key identifier: 48:BA:6D:3E:AC:00:E5:33:9D:B6:49:32:EB:0F:75:76:CE:DF:D0:12
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0185715E96C4D39170E88033486AB883666B
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/SLptPqwA5TOdtkky6w91ds7f0BI.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43870
IP address blocks: 80.245.80.0/20 maxlen: 20
149.3.184.0/21 maxlen: 21
79.140.160.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:96:c4:d3:91:70:e8:80:33:48:6a:b8:83:66:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48ba6d3eac00e5339db64932eb0f7576cedfd012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:e6:55:98:38:ac:29:bc:a6:f3:b3:85:08:
39:da:6b:21:72:e0:fc:3e:56:dd:4b:bf:40:76:cb:
7d:4e:10:8a:5c:5f:db:8e:a7:16:5b:b0:50:61:5a:
51:56:9d:d0:fc:74:bc:c6:e1:29:30:eb:52:3f:d9:
97:42:cd:38:1c:ed:ae:d7:77:e7:c4:6e:a5:b2:2c:
97:45:10:93:45:a7:c0:38:f3:4a:9d:79:6d:2c:79:
23:d4:83:76:bd:9d:3a:f0:8b:d5:02:73:b4:ff:67:
70:f5:4d:6e:9c:fb:07:ff:cc:87:ab:51:75:79:e3:
c3:e1:1d:44:f6:06:7c:1b:67:99:fc:cc:c0:12:b6:
cd:66:6b:80:0d:1d:d0:79:1a:77:3a:fb:4f:2b:9a:
b4:d0:2c:4c:4d:39:ce:e3:0b:f8:da:e2:aa:e1:69:
8e:55:5c:33:ea:36:cd:f4:e6:2b:7f:46:99:5d:dd:
aa:09:97:dc:67:04:ee:09:22:22:e7:23:e0:98:90:
ab:6a:3b:f2:ed:2d:99:a5:3e:51:7b:41:3c:8a:27:
76:bd:fe:74:d3:7f:03:62:3c:f4:88:6e:e6:34:f6:
b1:c6:b5:6a:17:49:50:ee:7d:3d:2c:c9:5b:95:3b:
aa:ab:67:36:23:84:51:5e:a5:c5:ff:1b:26:c7:11:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BA:6D:3E:AC:00:E5:33:9D:B6:49:32:EB:0F:75:76:CE:DF:D0:12
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/SLptPqwA5TOdtkky6w91ds7f0BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.160.0/20
80.245.80.0/20
149.3.184.0/21
Signature Algorithm: sha256WithRSAEncryption
10:3c:4d:d9:56:2c:09:e7:4b:53:cb:9a:ef:be:43:40:a1:c9:
35:2a:a4:1c:41:c9:03:76:3b:a0:c3:37:5a:ca:6e:17:c3:24:
8e:95:f5:47:0e:a5:39:ba:cb:ac:bf:c7:91:5b:71:2d:b6:3a:
6d:72:a6:77:25:3c:1b:fb:0e:dc:31:83:70:2e:65:06:02:d3:
4b:f2:d4:7f:bd:e8:e2:2f:c9:c7:71:05:96:af:d5:c7:4d:46:
d9:98:2b:c9:93:45:e8:63:7d:1a:7e:8c:b5:5c:44:83:18:89:
0e:35:1c:83:7d:22:23:57:69:55:38:c6:4b:62:e8:35:a5:24:
78:84:84:24:b1:90:2e:ec:59:06:57:69:10:2b:16:5c:9d:cf:
32:1f:aa:28:f2:2f:46:b9:7d:1d:d2:40:b1:99:a0:c9:e8:b3:
14:c5:d8:98:4b:37:eb:1f:dc:d3:08:6a:85:55:73:e8:cf:86:
90:81:a9:62:f1:60:0a:27:bc:ef:8b:f0:77:91:5b:70:46:13:
48:d8:44:c6:89:e8:11:61:6b:cc:c4:25:ff:09:73:4a:eb:d9:
0c:ba:6f:74:c6:29:46:b2:67:29:55:ed:37:ca:13:26:9e:12:
41:2d:80:f4:64:b0:77:cb:9a:a2:20:be:30:6e:9d:6f:0e:61:
66:e8:9b:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxXpbE05Fw6IAzSGq4g2ZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGJhNmQzZWFjMDBlNTMzOWRiNjQ5MzJlYjBmNzU3NmNlZGZkMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifnmVZg4rCm8pvOzhQg52mshcuD8
PlbdS79Adst9ThCKXF/bjqcWW7BQYVpRVp3Q/HS8xuEpMOtSP9mXQs04HO2u13fn
xG6lsiyXRRCTRafAOPNKnXltLHkj1IN2vZ068IvVAnO0/2dw9U1unPsH/8yHq1F1
eePD4R1E9gZ8G2eZ/MzAErbNZmuADR3QeRp3OvtPK5q00CxMTTnO4wv42uKq4WmO
VVwz6jbN9OYrf0aZXd2qCZfcZwTuCSIi5yPgmJCrajvy7S2ZpT5Re0E8iid2vf50
038DYjz0iG7mNPaxxrVqF0lQ7n09LMlblTuqq2c2I4RRXqXF/xsmxxEfJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEi6bT6sAOUznbZJMusPdXbO39ASMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvU0xwdFBxd0E1VE9kdGtreTZ3OTFkczdmMEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQET4ygAwQE
UPVQAwQDlQO4MA0GCSqGSIb3DQEBCwUAA4IBAQAQPE3ZViwJ50tTy5rvvkNAock1
KqQcQckDdjugwzdaym4XwySOlfVHDqU5ususv8eRW3EttjptcqZ3JTwb+w7cMYNw
LmUGAtNL8tR/vejiL8nHcQWWr9XHTUbZmCvJk0XoY30afoy1XESDGIkONRyDfSIj
V2lVOMZLYug1pSR4hIQksZAu7FkGV2kQKxZcnc8yH6oo8i9GuX0d0kCxmaDJ6LMU
xdiYSzfrH9zTCGqFVXPoz4aQgali8WAKJ7zvi/B3kVtwRhNI2ETGiegRYWvMxCX/
CXNK69kMum90xilGsmcpVe03yhMmnhJBLYD0ZLB3y5qiIL4wbp1vDmFm6Jun
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:24 2025 by rpki-client