Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3wf8Q5BEYiHvGLzCQvhNDWkR8j0.roa
File: 3wf8Q5BEYiHvGLzCQvhNDWkR8j0.roa (raw, json)
Hash identifier: inJ9HjAfQ2PYx9kwtkoURM9mRGc2+47ygq2dnlA0TB0=
Subject key identifier: DF:07:FC:43:90:44:62:21:EF:18:BC:C2:42:F8:4D:0D:69:11:F2:3D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0183DB1E135CA7EB6B78D25396F6A13EA2F4
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3wf8Q5BEYiHvGLzCQvhNDWkR8j0.roa
Signing time: Sat 15 Oct 2022 10:08:44 +0000
ROA not before: Sat 15 Oct 2022 10:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
178.253.32.0/23 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:db:1e:13:5c:a7:eb:6b:78:d2:53:96:f6:a1:3e:a2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 15 10:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df07fc4390446221ef18bcc242f84d0d6911f23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:45:70:8c:23:31:8c:42:79:04:ad:54:37:
d5:de:0e:98:8c:64:43:7a:34:fb:e1:27:3c:f6:78:
26:aa:13:c3:f0:99:35:af:2c:45:b7:46:48:05:be:
4c:50:12:92:58:3b:de:f0:c5:de:f0:dc:68:cd:19:
7d:e6:30:87:45:09:97:30:b5:22:9c:79:21:a6:9f:
2e:1f:f4:03:b7:b8:e8:de:03:1a:a9:02:f8:b8:fe:
f1:35:fc:ca:d1:d9:0f:37:61:de:47:95:30:d6:eb:
ef:49:cb:ca:d0:6f:ec:39:08:a9:24:93:61:c9:00:
b5:34:7a:a6:0a:b1:d7:92:03:0d:91:9b:57:a4:f4:
11:1d:5f:b4:66:c6:cd:3a:d4:b0:85:72:4f:ff:b2:
2f:c5:29:0b:71:14:f3:93:71:6a:16:fb:4b:e1:95:
e9:a5:87:55:0b:32:8e:92:52:57:1f:9f:42:d5:61:
94:97:7b:93:c3:05:23:ac:46:8d:df:50:92:f9:5d:
94:8e:f5:cb:42:b3:0f:fb:eb:79:34:3a:23:dd:30:
b8:0a:8f:d3:a9:08:b6:46:f8:cb:50:ea:64:ce:ef:
43:63:c5:35:16:2a:da:98:5e:ae:00:38:c9:f1:b0:
16:f8:0e:89:0c:26:cd:95:8f:fc:be:a4:59:9b:fb:
ca:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:07:FC:43:90:44:62:21:EF:18:BC:C2:42:F8:4D:0D:69:11:F2:3D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3wf8Q5BEYiHvGLzCQvhNDWkR8j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.136.0/21
94.241.168.0-94.241.183.255
178.253.31.0-178.253.33.255
178.253.44.0/23
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
81:0c:c0:fc:97:ca:3c:8c:10:fe:bf:e5:84:b0:03:2c:37:90:
4e:6c:84:79:55:ea:35:e8:de:eb:56:7e:f8:16:4d:3b:34:6d:
12:d0:a6:92:7f:42:ba:e6:e1:f4:f4:28:fb:b0:92:2a:48:83:
b0:03:f5:cd:9b:96:f6:b4:5a:f0:c3:f6:34:97:69:ad:d5:5a:
03:fe:0e:3a:e4:57:8c:6e:06:c0:bd:c1:83:29:0e:ab:6a:39:
fb:3a:6b:53:e8:12:c7:eb:3e:0c:cf:77:aa:a8:bc:e8:84:19:
d7:1e:0f:1b:81:9f:89:00:47:c7:d8:78:71:29:99:60:7e:0e:
1a:bc:cb:ea:05:53:6f:f7:7f:52:e6:6c:c1:af:fb:4b:86:a7:
b1:43:55:81:1a:35:85:44:e6:a9:9f:b8:f0:b3:d5:4e:c8:a7:
6c:8c:dc:0f:73:89:0c:34:e0:45:31:15:9d:7a:c1:97:72:9b:
79:3b:ac:45:da:78:c1:82:61:d0:64:8d:4b:f5:15:9f:6d:db:
a0:1b:45:f2:95:46:e8:c5:1f:14:2a:ed:94:8c:be:c4:65:46:
84:c8:0e:1b:4d:cd:c7:48:bf:15:79:88:25:21:25:26:8d:da:
66:e8:9b:c0:68:da:7e:c0:86:8f:f2:9e:3f:ac:ec:b5:e4:96:
f0:82:74:ac
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYPbHhNcp+treNJTlvahPqL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMDE1MTAwODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjA3ZmM0MzkwNDQ2MjIxZWYxOGJjYzI0MmY4NGQwZDY5MTFmMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2JFcIwjMYxCeQStVDfV3g6YjGRD
ejT74Sc89ngmqhPD8Jk1ryxFt0ZIBb5MUBKSWDve8MXe8NxozRl95jCHRQmXMLUi
nHkhpp8uH/QDt7jo3gMaqQL4uP7xNfzK0dkPN2HeR5Uw1uvvScvK0G/sOQipJJNh
yQC1NHqmCrHXkgMNkZtXpPQRHV+0ZsbNOtSwhXJP/7IvxSkLcRTzk3FqFvtL4ZXp
pYdVCzKOklJXH59C1WGUl3uTwwUjrEaN31CS+V2UjvXLQrMP++t5NDoj3TC4Co/T
qQi2RvjLUOpkzu9DY8U1FiramF6uADjJ8bAW+A6JDCbNlY/8vqRZm/vKAQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFN8H/EOQRGIh7xi8wkL4TQ1pEfI9MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvM3dmOFE1QkVZaUh2R0x6Q1F2aE5EV2tSOGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGIMAwDBANe8agDBANe8bAwDAMEALL9
HwMEAbL9IAMEAbL9LAMEAbL9NDANBgkqhkiG9w0BAQsFAAOCAQEAgQzA/JfKPIwQ
/r/lhLADLDeQTmyEeVXqNeje61Z++BZNOzRtEtCmkn9Cuubh9PQo+7CSKkiDsAP1
zZuW9rRa8MP2NJdprdVaA/4OOuRXjG4GwL3BgykOq2o5+zprU+gSx+s+DM93qqi8
6IQZ1x4PG4GfiQBHx9h4cSmZYH4OGrzL6gVTb/d/UuZswa/7S4ansUNVgRo1hUTm
qZ+48LPVTsinbIzcD3OJDDTgRTEVnXrBl3KbeTusRdp4wYJh0GSNS/UVn23boBtF
8pVG6MUfFCrtlIy+xGVGhMgOG03Nx0i/FXmIJSElJo3aZuibwGjafsCGj/KeP6zs
teSW8IJ0rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org