Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/At3MaaLyvO4hH2dPY_oQKKeHJnY.roa
File: At3MaaLyvO4hH2dPY_oQKKeHJnY.roa (raw, json)
Hash identifier: BmFQ4IwkTfMhvDG3Wk5a6eDLUMgVbrCS3ihUuiY1Gj8=
Subject key identifier: 02:DD:CC:69:A2:F2:BC:EE:21:1F:67:4F:63:FA:10:28:A7:87:26:76
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01856F14EBA4A6AAAA2D9DE3DD8E63757E2A
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/At3MaaLyvO4hH2dPY_oQKKeHJnY.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.221.192.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
185.142.124.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.125.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
195.230.105.0/24 maxlen: 24
91.213.151.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
185.82.64.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
195.230.124.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
185.47.48.0/23 maxlen: 23
185.47.50.0/23 maxlen: 23
45.155.192.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.125.20.0/24 maxlen: 24
185.125.20.0/22 maxlen: 22
185.212.192.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:eb:a4:a6:aa:aa:2d:9d:e3:dd:8e:63:75:7e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02ddcc69a2f2bcee211f674f63fa1028a7872676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:30:80:ea:3a:5e:69:fc:8c:cd:56:bc:34:ea:
36:51:06:3d:71:5e:8d:41:55:2f:1d:c4:f9:54:78:
d5:5c:c3:a1:27:f5:4c:41:2d:9c:01:8a:c5:ab:05:
76:cd:d4:53:f9:8a:5f:51:19:8a:77:46:13:2c:ce:
d5:8a:43:77:8a:9d:84:73:29:03:8a:c9:36:d4:20:
e2:25:0c:5e:ca:b8:d1:06:5d:ed:b6:9b:42:6f:e5:
0f:fe:59:19:37:73:27:23:ed:d1:14:ea:1f:ba:a7:
ae:c2:32:66:1c:43:bd:4c:39:08:48:e3:b0:a8:1e:
86:4d:4f:57:94:79:60:11:f9:09:01:7b:b9:70:5f:
32:86:b0:e6:06:7b:f0:ed:59:db:41:12:92:3a:24:
29:61:e2:dc:b1:f4:59:b9:b5:42:68:8e:90:cd:d8:
8d:57:cd:46:c4:f0:2b:11:18:e7:49:91:04:21:a7:
c9:cb:26:86:fd:67:a5:c3:a1:cc:a2:54:b5:9a:d8:
0d:97:16:d0:32:b3:a3:ff:3b:b0:68:5c:e6:af:ac:
12:21:35:ce:6f:71:a8:ae:e8:2f:b0:62:c3:bc:d7:
40:35:1b:58:4b:49:1c:14:e5:63:e4:90:f9:d7:95:
31:67:e0:2b:2f:28:cd:4c:e0:72:08:87:29:c8:9d:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DD:CC:69:A2:F2:BC:EE:21:1F:67:4F:63:FA:10:28:A7:87:26:76
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/At3MaaLyvO4hH2dPY_oQKKeHJnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/23
185.212.195.0/24
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
Signature Algorithm: sha256WithRSAEncryption
64:fc:b2:0e:4f:ba:09:4c:64:dc:ac:dc:51:da:d5:44:2b:ad:
dc:8b:7f:eb:61:15:39:43:54:d3:11:52:00:43:f8:a5:80:b1:
b1:49:1a:34:34:64:ab:ac:22:6a:3f:aa:31:cd:c3:93:94:e3:
99:b0:24:e1:4a:91:8e:a8:8a:1c:c2:60:ea:d3:6c:22:5d:43:
eb:f7:8e:78:c3:30:70:0c:9c:05:53:c4:6e:5f:8c:73:38:aa:
ed:22:c1:77:2d:04:b2:9c:7d:5c:58:1a:0b:e5:85:d7:b9:a9:
3a:6c:08:cc:7a:d1:94:99:a0:61:a7:69:ea:cf:12:6d:e3:26:
69:00:bd:23:16:4d:77:b4:f3:a6:49:14:86:90:b7:06:0f:dd:
0a:73:52:d2:88:8a:57:27:e1:cb:63:02:93:ba:94:54:58:74:
12:b3:dc:eb:f8:a6:d8:82:b7:7e:ef:45:8e:d7:a0:d6:61:30:
1a:c3:c5:4d:e8:77:3e:a1:57:e5:22:e3:65:ae:7e:1a:e9:14:
db:51:87:dc:c9:f4:55:58:2b:0e:5b:13:b1:e5:9c:03:6c:42:
1e:46:95:47:66:72:85:8d:d6:a3:6e:f8:34:37:c9:a4:11:df:
8a:86:69:00:0a:63:c4:2f:c6:e3:24:2f:b3:97:49:02:71:ba:
75:aa:17:5f
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVvFOukpqqqLZ3j3Y5jdX4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmRkY2M2OWEyZjJiY2VlMjExZjY3NGY2M2ZhMTAyOGE3ODcyNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zCA6jpeafyMzVa8NOo2UQY9cV6N
QVUvHcT5VHjVXMOhJ/VMQS2cAYrFqwV2zdRT+YpfURmKd0YTLM7VikN3ip2EcykD
isk21CDiJQxeyrjRBl3ttptCb+UP/lkZN3MnI+3RFOofuqeuwjJmHEO9TDkISOOw
qB6GTU9XlHlgEfkJAXu5cF8yhrDmBnvw7VnbQRKSOiQpYeLcsfRZubVCaI6QzdiN
V81GxPArERjnSZEEIafJyyaG/Welw6HMolS1mtgNlxbQMrOj/zuwaFzmr6wSITXO
b3GorugvsGLDvNdANRtYS0kcFOVj5JD515UxZ+ArLyjNTOByCIcpyJ3YAwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFALdzGmi8rzuIR9nT2P6ECinhyZ2MB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvQXQzTWFhTHl2TzRoSDJkUFlfb1FLS2VISm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIt
m8ADBABb1ZcDBABb1Z0DBABb1acDBABb1awDBAK5LzADBAK5UkADBAK5eTgDBAK5
fRQDBAK5iTwDBAK5jlwDBAK5jnwDBAG51MADBAC51MMDBAK53cADBAK57iwDBAHB
9q4DBAHB9sgDBADDCGYDBADDCG4DBADDCHADBADDCHIDBAHDvxYDBAHDvywDBADD
5mEDBADD5mkDBADD5msDBADD5nwwDQYJKoZIhvcNAQELBQADggEBAGT8sg5PuglM
ZNys3FHa1UQrrdyLf+thFTlDVNMRUgBD+KWAsbFJGjQ0ZKusImo/qjHNw5OU45mw
JOFKkY6oihzCYOrTbCJdQ+v3jnjDMHAMnAVTxG5fjHM4qu0iwXctBLKcfVxYGgvl
hde5qTpsCMx60ZSZoGGnaerPEm3jJmkAvSMWTXe086ZJFIaQtwYP3QpzUtKIilcn
4ctjApO6lFRYdBKz3Ov4ptiCt37vRY7XoNZhMBrDxU3odz6hV+Ui42WufhrpFNtR
h9zJ9FVYKw5bE7HlnANsQh5GlUdmcoWN1qNu+DQ3yaQR34qGaQAKY8QvxuMkL7OX
SQJxunWqF18=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:08 2025 by rpki-client