Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/M3S3PUWzuERgDOD7PH1QZ6wn5v8.roa
File: M3S3PUWzuERgDOD7PH1QZ6wn5v8.roa (raw, json)
Hash identifier: 6J1+TQgp9/unux6Ez9aG0KitR7YB1mLSmasFqpOLul0=
Subject key identifier: 33:74:B7:3D:45:B3:B8:44:60:0C:E0:FB:3C:7D:50:67:AC:27:E6:FF
Certificate issuer: /CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Certificate serial: 018A3B23D894E3D410BB1D8831E0BF0CEBCE
Authority key identifier: 49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/M3S3PUWzuERgDOD7PH1QZ6wn5v8.roa
Signing time: Mon 28 Aug 2023 07:55:19 +0000
ROA not before: Mon 28 Aug 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31726
IP address blocks: 185.117.192.0/22 maxlen: 22
2a06:8600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:23:d8:94:e3:d4:10:bb:1d:88:31:e0:bf:0c:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Validity
Not Before: Aug 28 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3374b73d45b3b844600ce0fb3c7d5067ac27e6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:89:a0:ea:ec:9f:76:8a:c7:fa:e3:1c:1e:2c:
5f:cd:fc:47:fa:62:34:0c:a2:0b:79:d9:bc:ff:29:
f8:7f:12:2b:b5:03:65:e9:0d:1e:ac:c4:67:13:e4:
37:9f:16:21:5f:1e:3e:2a:29:7c:44:7a:29:24:56:
17:90:c7:e9:ce:99:8d:39:1f:c2:b4:86:d0:6d:85:
18:ea:49:85:e9:45:72:44:24:58:4c:f6:ee:f3:69:
7f:42:a3:9e:eb:30:06:41:8d:88:91:69:54:51:7c:
90:8d:9a:b4:d2:7b:83:fb:2d:58:95:34:e2:6d:5d:
e8:77:35:1e:18:fe:2d:f0:38:9e:2d:82:bd:ce:fc:
c8:36:74:33:3c:af:21:b3:b9:9a:99:4b:e0:ac:c4:
33:83:7d:8c:87:12:44:54:2a:0a:a4:4e:3c:fb:6b:
5d:65:0e:22:71:45:cc:bf:43:9a:8a:b1:61:df:ee:
0a:e0:e1:15:2f:39:20:20:3f:e1:e0:8f:de:98:bb:
01:c0:9b:95:35:36:1c:e7:24:80:b0:60:16:87:2a:
b9:22:74:37:85:11:a2:96:30:2b:84:f5:e2:c0:94:
3f:46:e1:e4:32:7b:21:39:4b:7b:cf:1e:36:c8:34:
32:cb:ee:44:c0:1d:69:21:f4:45:81:5b:f6:8d:d0:
82:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:74:B7:3D:45:B3:B8:44:60:0C:E0:FB:3C:7D:50:67:AC:27:E6:FF
X509v3 Authority Key Identifier:
keyid:49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/M3S3PUWzuERgDOD7PH1QZ6wn5v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/SdhmPTuWngJTom1UJb7hxdRDs2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.192.0/22
IPv6:
2a06:8600::/29
Signature Algorithm: sha256WithRSAEncryption
7b:9d:72:68:cf:99:a7:d8:1c:53:23:3a:e5:a0:7d:82:c6:75:
dd:04:01:9a:9f:22:50:8d:63:50:71:13:f5:31:fe:06:c4:b3:
63:45:ab:37:ae:a5:70:a1:8a:fd:f8:d7:0a:e3:b4:52:63:4b:
0c:72:43:7d:c5:37:6d:9d:3c:d1:81:e9:3f:8c:0b:72:a3:2a:
5f:a2:2a:f8:15:eb:0c:32:8a:89:64:8d:77:da:0b:5f:10:4d:
42:90:27:8e:1e:21:35:02:8c:34:0a:b2:2f:42:20:60:1a:7f:
8f:1f:e8:6a:fd:02:57:87:71:9a:d4:72:37:07:da:6a:cb:53:
2d:3b:35:2f:65:1f:55:95:4c:c8:8e:76:ba:9f:87:b1:fa:1c:
2c:cc:a3:f8:57:e9:e1:8b:3a:ec:32:d0:89:93:7c:a5:86:28:
4b:44:ac:84:16:0d:d9:e8:b0:f6:23:40:ff:66:53:90:b3:6a:
49:36:94:e1:4a:7a:b7:cd:d0:30:05:ff:01:a7:11:66:9c:ac:
e7:be:3b:bc:92:b4:17:ab:89:c7:d4:96:cb:3c:d4:55:22:cb:
e0:fa:c7:64:dd:6b:b4:22:ed:ba:be:28:1a:0b:d0:14:29:3a:
95:70:53:a0:3e:a4:61:33:99:cc:81:01:7b:ea:88:67:8f:11:
18:87:ee:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYo7I9iU49QQux2IMeC/DOvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDg2NjNkM2I5NjllMDI1M2EyNmQ1NDI1YmVlMWM1ZDQ0
M2IzNjEwHhcNMjMwODI4MDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc0YjczZDQ1YjNiODQ0NjAwY2UwZmIzYzdkNTA2N2FjMjdlNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmomg6uyfdorH+uMcHixfzfxH+mI0
DKILedm8/yn4fxIrtQNl6Q0erMRnE+Q3nxYhXx4+Kil8RHopJFYXkMfpzpmNOR/C
tIbQbYUY6kmF6UVyRCRYTPbu82l/QqOe6zAGQY2IkWlUUXyQjZq00nuD+y1YlTTi
bV3odzUeGP4t8DieLYK9zvzINnQzPK8hs7mamUvgrMQzg32MhxJEVCoKpE48+2td
ZQ4icUXMv0OairFh3+4K4OEVLzkgID/h4I/emLsBwJuVNTYc5ySAsGAWhyq5InQ3
hRGiljArhPXiwJQ/RuHkMnshOUt7zx42yDQyy+5EwB1pIfRFgVv2jdCC9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDN0tz1Fs7hEYAzg+zx9UGesJ+b/MB8GA1UdIwQY
MBaAFEnYZj07lp4CU6JtVCW+4cXUQ7NhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RobVBUdVduZ0pUb20xVUpiN2h4ZFJEczJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNWQwMGQtNjI2Ni00NmVhLWJjOGMt
NDE4MmJlZGI5OGExLzEvTTNTM1BVV3p1RVJnRE9EN1BIMVFaNnduNXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNWQwMGQtNjI2Ni00NmVhLWJjOGMtNDE4MmJlZGI5OGEx
LzEvU2RobVBUdVduZ0pUb20xVUpiN2h4ZFJEczJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXXAMA0E
AgACMAcDBQMqBoYAMA0GCSqGSIb3DQEBCwUAA4IBAQB7nXJoz5mn2BxTIzrloH2C
xnXdBAGanyJQjWNQcRP1Mf4GxLNjRas3rqVwoYr9+NcK47RSY0sMckN9xTdtnTzR
gek/jAtyoypfoir4FesMMoqJZI132gtfEE1CkCeOHiE1Aow0CrIvQiBgGn+PH+hq
/QJXh3Ga1HI3B9pqy1MtOzUvZR9VlUzIjna6n4ex+hwszKP4V+nhizrsMtCJk3yl
hihLRKyEFg3Z6LD2I0D/ZlOQs2pJNpThSnq3zdAwBf8BpxFmnKznvju8krQXq4nH
1JbLPNRVIsvg+sdk3Wu0Iu26vigaC9AUKTqVcFOgPqRhM5nMgQF76ohnjxEYh+4c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:29 2025 by rpki-client