Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3IC-3kzh4DhwdqrdJAepxFvx_Js.roa
File: 3IC-3kzh4DhwdqrdJAepxFvx_Js.roa (raw, json)
Hash identifier: I7rPqmjoX4Z62SgRue3f3DazgoWWui61rON5AXfwr5s=
Subject key identifier: DC:80:BE:DE:4C:E1:E0:38:70:76:AA:DD:24:07:A9:C4:5B:F1:FC:9B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0184CDE1F7844921B22704D60F0648188427
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3IC-3kzh4DhwdqrdJAepxFvx_Js.roa
Signing time: Thu 01 Dec 2022 13:30:49 +0000
ROA not before: Thu 01 Dec 2022 13:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206286
IP address blocks: 45.141.24.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:e1:f7:84:49:21:b2:27:04:d6:0f:06:48:18:84:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 1 13:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc80bede4ce1e0387076aadd2407a9c45bf1fc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:16:36:c5:7b:51:2a:d1:38:b9:d8:f6:a2:
8f:ad:f5:a8:00:db:b2:bd:89:90:b0:36:0f:e3:fb:
f4:5c:c1:2e:fd:96:06:18:9e:c7:5a:0e:77:15:2b:
40:4e:22:db:d5:d2:29:bd:ca:22:0b:8c:26:a1:1d:
56:be:d3:4c:ac:7c:d5:c7:7a:6c:15:b8:0c:86:b8:
e1:f4:e7:de:fd:02:0d:de:fc:08:1d:6b:0d:12:f3:
45:40:de:ac:94:8c:cb:f7:e2:4d:a9:a6:6b:ec:15:
82:29:59:cd:fb:ca:ad:4b:49:d0:51:9b:a8:09:06:
54:e5:a5:7c:b9:07:cd:da:d8:01:a3:5f:d7:de:a8:
26:f0:ad:12:c3:9d:ac:e0:1b:bc:fc:a6:ce:10:fe:
fd:b5:4a:8f:9c:93:55:58:37:4d:72:6a:90:8b:20:
04:92:ec:3a:ec:78:be:58:4b:69:e1:0f:75:60:6a:
af:32:7c:47:7d:ee:41:c6:c3:d0:8d:bd:2c:f7:bd:
01:da:95:11:b3:76:84:10:9e:53:6e:c1:94:e0:8b:
e0:c1:ed:9c:65:3d:58:70:33:c7:c5:2c:16:2c:15:
c2:48:1a:9d:89:3f:e0:24:9b:c7:ed:93:b8:bf:be:
d7:59:52:81:6d:81:2c:d7:8c:4a:4b:00:e6:23:89:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:80:BE:DE:4C:E1:E0:38:70:76:AA:DD:24:07:A9:C4:5B:F1:FC:9B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3IC-3kzh4DhwdqrdJAepxFvx_Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.24.0/24
45.144.225.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:e4:cc:ec:eb:6f:73:71:c3:eb:73:c3:87:71:11:52:3b:06:
b8:da:28:18:00:ff:77:b1:b4:7f:90:a3:fb:c8:f8:48:1e:78:
71:6d:e6:bf:b8:6e:2f:4e:a3:d4:1f:80:61:d2:d7:50:22:e4:
b2:7d:35:e6:d4:45:eb:00:6d:9c:c1:37:fe:d7:00:c7:99:27:
39:0a:14:1f:cb:61:9f:7a:54:2b:5d:3a:76:cb:35:4f:e8:ec:
09:a1:4a:ef:3d:fe:36:93:e0:09:e0:69:ee:a7:c2:27:5e:9e:
3f:68:b5:13:27:d4:6d:ef:5e:7d:cf:a1:ed:46:d7:f0:b4:08:
ab:ea:87:69:41:7f:f8:3b:e1:83:b4:b4:0d:39:2e:44:10:29:
7e:67:b9:05:db:9b:6d:1e:cd:d0:bb:66:80:c7:37:51:5c:81:
62:37:4c:b1:9c:55:0d:57:00:14:47:b0:98:af:ce:fe:89:fe:
ee:9b:ea:2a:d2:2d:04:92:00:fd:90:f4:51:fc:19:24:c2:3d:
54:7f:3c:a9:df:94:fb:f4:89:08:70:ed:70:2f:3e:dd:bd:52:
ae:d9:62:4e:34:99:6c:22:73:31:7f:3f:79:c1:ad:eb:24:5a:
b0:1f:e1:e3:41:72:52:b8:89:8b:e4:eb:c7:93:b4:46:b7:a8:
fb:1f:49:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTN4feESSGyJwTWDwZIGIQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjAxMTMzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzgwYmVkZTRjZTFlMDM4NzA3NmFhZGQyNDA3YTljNDViZjFmYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuAWNsV7USrROLnY9qKPrfWoANuy
vYmQsDYP4/v0XMEu/ZYGGJ7HWg53FStATiLb1dIpvcoiC4wmoR1WvtNMrHzVx3ps
FbgMhrjh9Ofe/QIN3vwIHWsNEvNFQN6slIzL9+JNqaZr7BWCKVnN+8qtS0nQUZuo
CQZU5aV8uQfN2tgBo1/X3qgm8K0Sw52s4Bu8/KbOEP79tUqPnJNVWDdNcmqQiyAE
kuw67Hi+WEtp4Q91YGqvMnxHfe5BxsPQjb0s970B2pURs3aEEJ5TbsGU4Ivgwe2c
ZT1YcDPHxSwWLBXCSBqdiT/gJJvH7ZO4v77XWVKBbYEs14xKSwDmI4mdcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNyAvt5M4eA4cHaq3SQHqcRb8fybMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM0lDLTNremg0RGh3ZHFyZEpBZXB4RnZ4X0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY0YAwQA
LZDhMA0GCSqGSIb3DQEBCwUAA4IBAQAK5Mzs629zccPrc8OHcRFSOwa42igYAP93
sbR/kKP7yPhIHnhxbea/uG4vTqPUH4Bh0tdQIuSyfTXm1EXrAG2cwTf+1wDHmSc5
ChQfy2GfelQrXTp2yzVP6OwJoUrvPf42k+AJ4Gnup8InXp4/aLUTJ9Rt7159z6Ht
RtfwtAir6odpQX/4O+GDtLQNOS5EECl+Z7kF25ttHs3Qu2aAxzdRXIFiN0yxnFUN
VwAUR7CYr87+if7um+oq0i0EkgD9kPRR/Bkkwj1Ufzyp35T79IkIcO1wLz7dvVKu
2WJONJlsInMxfz95wa3rJFqwH+HjQXJSuImL5OvHk7RGt6j7H0lP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org