Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/TL3_hZD0Dr30SDHeZ5ToUCdtTik.roa
File: TL3_hZD0Dr30SDHeZ5ToUCdtTik.roa (raw, json)
Hash identifier: yBxxClb3Hgx8ZzLSURDuWBPkBafJKdt1iZaQcED94Xw=
Subject key identifier: 4C:BD:FF:85:90:F4:0E:BD:F4:48:31:DE:67:94:E8:50:27:6D:4E:29
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 14063C
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/TL3_hZD0Dr30SDHeZ5ToUCdtTik.roa
Signing time: Mon 25 Apr 2022 08:23:12 +0000
ROA not before: Mon 25 Apr 2022 08:23:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8376
IP address blocks: 46.185.128.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
185.98.220.0/22 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
149.200.128.0/17 maxlen: 24
213.186.160.0/19 maxlen: 24
37.202.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1312316 (0x14063c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Apr 25 08:23:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cbdff8590f40ebdf44831de6794e850276d4e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:05:8a:4e:2a:ce:dd:7b:1d:f9:10:40:75:
50:3f:36:9e:d1:70:66:70:15:e1:35:b2:3b:54:bc:
0b:da:ef:a9:d5:77:5b:b5:cb:8d:73:0b:8a:88:79:
dc:d8:67:0e:af:a2:17:0d:7e:54:cc:11:a9:ba:d0:
85:23:d2:b6:98:e1:07:7c:cc:ab:8e:ca:cd:6f:c4:
66:10:8d:44:9d:37:4a:12:d8:46:f8:62:0c:33:49:
73:6e:a6:9f:2a:22:44:1f:56:f8:28:a5:9c:39:da:
b0:7e:9e:23:71:a4:ae:03:4d:87:93:99:b0:bf:40:
6c:cd:b0:34:1b:a9:4f:ff:17:a5:e5:bd:0e:e0:87:
c1:51:9d:94:64:09:f8:fa:9b:56:c6:81:b4:df:bc:
2a:e8:df:52:d6:2d:24:52:6f:ac:fd:83:3b:b1:ed:
2c:46:2c:11:3a:ab:94:dd:fd:20:fe:6e:40:04:69:
7a:a9:b5:23:44:b4:87:9e:78:21:3a:dd:34:fa:89:
61:2d:f1:f8:39:9e:e4:4b:f9:02:a8:40:a0:9c:81:
5b:82:f7:74:83:a3:9a:52:30:a0:7e:f6:ae:9a:c8:
eb:98:fb:b6:fe:5d:5d:d0:cb:72:64:47:cc:af:1f:
cc:92:cd:f5:55:df:42:52:f7:93:47:5e:50:59:68:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BD:FF:85:90:F4:0E:BD:F4:48:31:DE:67:94:E8:50:27:6D:4E:29
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/TL3_hZD0Dr30SDHeZ5ToUCdtTik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
46.185.128.0/17
79.173.192.0/18
149.200.128.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:ae:ea:4d:db:6a:0b:eb:7d:94:59:3c:6f:5a:b6:b0:4b:a7:
47:b1:da:7f:d9:ec:a9:2e:21:38:e6:34:53:af:90:32:a0:11:
66:a9:d5:12:b6:ca:f3:2f:1f:b4:bb:33:cb:31:bb:bd:63:fa:
ae:21:b6:b2:47:c1:98:0c:02:24:92:05:22:8e:ff:cb:df:6b:
da:d5:d0:df:76:d7:14:25:99:16:7b:57:95:f7:ab:fe:cd:7b:
7e:31:ab:b5:c7:0b:eb:e4:ea:69:99:bf:9e:ca:25:91:6d:36:
4b:d6:a4:24:04:25:4b:00:4a:cc:e6:a5:a6:47:26:81:84:df:
e5:a8:da:fa:d0:e4:59:db:8c:a1:f4:ba:14:d2:64:ce:49:87:
ab:1f:95:16:55:06:2f:86:81:c7:50:40:34:0e:f8:6b:c4:0b:
82:f5:fc:77:8f:0b:5c:30:44:d8:7a:95:7f:74:ca:3a:99:eb:
c4:53:a4:78:6e:1a:bf:34:e1:ca:ac:23:8a:ec:6b:49:12:aa:
e5:6e:cf:51:1c:3c:59:e9:52:dc:ba:0f:b2:b4:21:a6:f2:e1:
a9:80:4a:3d:0a:db:77:d1:4d:f5:7e:b8:b5:28:18:18:91:7b:
f8:c6:67:b3:0e:b1:b4:8b:50:6f:73:42:c2:f3:b7:d1:c6:ae:
7c:7c:a6:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIDFAY8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU2
ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUzNmNiYzYwHhcNMjIwNDI1
MDgyMzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0Y2JkZmY4NTkwZjQw
ZWJkZjQ0ODMxZGU2Nzk0ZTg1MDI3NmQ0ZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwOsFik4qzt17HfkQQHVQPzae0XBmcBXhNbI7VLwL2u+p1Xdb
tcuNcwuKiHnc2GcOr6IXDX5UzBGputCFI9K2mOEHfMyrjsrNb8RmEI1EnTdKEthG
+GIMM0lzbqafKiJEH1b4KKWcOdqwfp4jcaSuA02Hk5mwv0BszbA0G6lP/xel5b0O
4IfBUZ2UZAn4+ptWxoG037wq6N9S1i0kUm+s/YM7se0sRiwROquU3f0g/m5ABGl6
qbUjRLSHnnghOt00+olhLfH4OZ7kS/kCqECgnIFbgvd0g6OaUjCgfvaumsjrmPu2
/l1d0MtyZEfMrx/Mks31Vd9CUveTR15QWWjgowIDAQABo4ICMzCCAi8wHQYDVR0O
BBYEFEy9/4WQ9A699Egx3meU6FAnbU4pMB8GA1UdIwQYMBaAFFbQ47KPK+M+xanS
ygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkwLzEv
VEwzX2haRDBEcjMwU0RIZVo1VG9VQ2R0VGlrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9m
ZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkwLzEvVnREanNvOHI0ejdG
cWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkG
CCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQGJcpAAwQHLrmAAwQGT63AAwQHlciA
AwQCuWLcAwQFwqWAAwQF1bqgAwQE2RcgMA0GCSqGSIb3DQEBCwUAA4IBAQCmrupN
22oL632UWTxvWrawS6dHsdp/2eypLiE45jRTr5AyoBFmqdUStsrzLx+0uzPLMbu9
Y/quIbayR8GYDAIkkgUijv/L32va1dDfdtcUJZkWe1eV96v+zXt+Mau1xwvr5Opp
mb+eyiWRbTZL1qQkBCVLAErM5qWmRyaBhN/lqNr60ORZ24yh9LoU0mTOSYerH5UW
VQYvhoHHUEA0DvhrxAuC9fx3jwtcMETYepV/dMo6mevEU6R4bhq/NOHKrCOK7GtJ
Eqrlbs9RHDxZ6VLcug+ytCGm8uGpgEo9Ctt30U31fri1KBgYkXv4xmezDrG0i1Bv
c0LC87fRxq58fKYp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:06 2025 by rpki-client