Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3MATPjTg1Rqbkbryz2fEPO2Zrq8.roa
File: 3MATPjTg1Rqbkbryz2fEPO2Zrq8.roa (raw, json)
Hash identifier: gCj4Rm/HsQWpl9Wb0HClsxAKHPFXkT+VFGF0L9EhkwA=
Subject key identifier: DC:C0:13:3E:34:E0:D5:1A:9B:91:BA:F2:CF:67:C4:3C:ED:99:AE:AF
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0186BDF7849F694C433C5E6374AA0985E16A
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3MATPjTg1Rqbkbryz2fEPO2Zrq8.roa
Signing time: Tue 07 Mar 2023 21:26:00 +0000
ROA not before: Tue 07 Mar 2023 21:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204748
IP address blocks: 195.55.62.0/24 maxlen: 24
195.55.62.0/23 maxlen: 23
195.55.63.0/24 maxlen: 24
195.77.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bd:f7:84:9f:69:4c:43:3c:5e:63:74:aa:09:85:e1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 7 21:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcc0133e34e0d51a9b91baf2cf67c43ced99aeaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:51:b5:4c:18:d3:ea:d0:4e:b0:c2:f8:8f:
e6:56:8f:11:a6:97:d5:8c:c4:7c:ed:86:f5:9e:f2:
60:86:e7:f2:d7:b8:a7:db:d5:eb:16:e9:0c:40:fc:
8f:3f:e3:7d:d4:16:8f:d7:43:b6:43:b5:10:2e:ec:
a7:c2:d4:9f:6b:12:8c:b8:b9:2f:ca:a6:b7:b7:f3:
3d:40:8e:31:08:52:1b:5d:56:bb:e7:b6:5e:55:6b:
8d:72:7b:8a:93:b0:3c:d1:1b:32:d7:d9:c0:1d:cd:
61:e9:05:45:f6:06:b1:99:d4:62:51:6a:1d:49:1e:
68:dc:b6:ae:6c:03:4e:6c:21:d2:61:89:e8:f7:af:
3f:a5:44:c7:d5:30:af:95:ff:e2:0c:26:d4:c4:d0:
6e:90:55:87:64:a8:7e:b0:d2:36:b0:9a:d8:07:b5:
2d:03:47:4d:2d:86:65:50:ab:7d:84:6b:8d:07:70:
fe:39:89:58:e5:b5:1e:71:5c:7a:9f:e7:72:ba:a0:
ab:86:d9:0d:d7:6f:1f:98:26:07:cf:88:d0:1a:6a:
9d:d5:c4:e3:80:d1:06:71:16:91:9d:f7:1e:1a:28:
cd:ef:5b:0c:90:b9:26:f1:d7:04:4c:9d:96:95:4e:
f3:24:62:10:ab:63:9c:a0:f5:c2:2f:f7:e7:8b:05:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C0:13:3E:34:E0:D5:1A:9B:91:BA:F2:CF:67:C4:3C:ED:99:AE:AF
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3MATPjTg1Rqbkbryz2fEPO2Zrq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.55.62.0/23
195.77.160.0/23
Signature Algorithm: sha256WithRSAEncryption
39:a5:d5:bb:b2:11:89:c8:03:d5:a5:dd:3d:9b:57:0f:09:ae:
da:6e:4b:62:e8:7e:54:f4:23:0e:bf:a5:2c:b6:f1:6f:a6:bb:
1f:72:e8:67:23:60:67:9e:34:38:25:4d:9b:de:60:ab:a1:85:
53:24:07:7a:6d:86:57:cd:31:b8:23:69:01:a9:f9:98:5b:09:
b0:54:be:0e:dc:54:fd:1c:5e:da:19:6d:9e:1b:ce:82:9a:bc:
3c:03:db:aa:2a:3c:30:78:9f:38:c0:7d:30:39:f3:7f:12:73:
ca:1d:b0:ea:40:2c:03:4b:98:5b:a4:3a:f8:05:17:30:ab:34:
6c:8e:cb:ae:9a:73:9d:81:95:89:6e:2f:25:75:01:76:61:cb:
13:85:df:0e:1e:c8:d4:52:11:33:01:b4:12:75:8f:fd:c6:89:
f1:2b:64:49:9c:a1:e3:9e:18:4c:eb:16:0f:88:5a:fa:19:c9:
8c:7b:d6:91:ed:ff:5b:8e:49:12:6d:f5:dd:44:a4:c8:ad:ce:
66:e0:6b:43:41:9b:d0:8f:64:37:99:dd:99:e6:e7:10:73:b0:
7f:f6:56:f4:56:6b:9b:40:a6:4a:eb:ea:8d:8a:f7:bf:2a:8b:
44:70:2d:8e:a3:21:51:c8:1e:d7:90:be:33:f8:be:ef:ea:06:
92:83:6c:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa994SfaUxDPF5jdKoJheFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzA3MjEyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2MwMTMzZTM0ZTBkNTFhOWI5MWJhZjJjZjY3YzQzY2VkOTlhZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztlRtUwY0+rQTrDC+I/mVo8RppfV
jMR87Yb1nvJghufy17in29XrFukMQPyPP+N91BaP10O2Q7UQLuynwtSfaxKMuLkv
yqa3t/M9QI4xCFIbXVa757ZeVWuNcnuKk7A80Rsy19nAHc1h6QVF9gaxmdRiUWod
SR5o3LaubANObCHSYYno968/pUTH1TCvlf/iDCbUxNBukFWHZKh+sNI2sJrYB7Ut
A0dNLYZlUKt9hGuNB3D+OYlY5bUecVx6n+dyuqCrhtkN128fmCYHz4jQGmqd1cTj
gNEGcRaRnfceGijN71sMkLkm8dcETJ2WlU7zJGIQq2OcoPXCL/fniwVMcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNzAEz404NUam5G68s9nxDztma6vMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvM01BVFBqVGcxUnFia2JyeXoyZkVQTzJacnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwzc+AwQB
w02gMA0GCSqGSIb3DQEBCwUAA4IBAQA5pdW7shGJyAPVpd09m1cPCa7abkti6H5U
9CMOv6UstvFvprsfcuhnI2BnnjQ4JU2b3mCroYVTJAd6bYZXzTG4I2kBqfmYWwmw
VL4O3FT9HF7aGW2eG86Cmrw8A9uqKjwweJ84wH0wOfN/EnPKHbDqQCwDS5hbpDr4
BRcwqzRsjsuumnOdgZWJbi8ldQF2YcsThd8OHsjUUhEzAbQSdY/9xonxK2RJnKHj
nhhM6xYPiFr6GcmMe9aR7f9bjkkSbfXdRKTIrc5m4GtDQZvQj2Q3md2Z5ucQc7B/
9lb0VmubQKZK6+qNive/KotEcC2OoyFRyB7XkL4z+L7v6gaSg2xf
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:05 2025 by rpki-client