Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/3Na_fHFjBohb8w0UoDwucfxrpaQ.roa
File: 3Na_fHFjBohb8w0UoDwucfxrpaQ.roa (raw, json)
Hash identifier: tl3oSYTsiCcfnK/yJ8Zp5yUH09cPtQqObCeHvIeErT4=
Subject key identifier: DC:D6:BF:7C:71:63:06:88:5B:F3:0D:14:A0:3C:2E:71:FC:6B:A5:A4
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA4777E6EA211CAD780316564CFF9F
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/3Na_fHFjBohb8w0UoDwucfxrpaQ.roa
Signing time: Mon 02 Jan 2023 13:44:48 +0000
ROA not before: Mon 02 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12402
IP address blocks: 83.212.236.0/22 maxlen: 22
83.212.28.0/22 maxlen: 22
195.251.224.0/21 maxlen: 21
195.251.236.0/23 maxlen: 23
2001:648:24a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:47:77:e6:ea:21:1c:ad:78:03:16:56:4c:ff:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd6bf7c716306885bf30d14a03c2e71fc6ba5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:a1:18:a7:30:43:db:cd:1f:2e:c4:57:d3:
04:cb:22:8e:bc:8a:5e:11:86:91:6b:30:e6:49:47:
4d:f5:ca:8f:1e:a0:b3:40:86:18:20:e2:9e:5b:94:
88:05:3c:59:43:34:f1:3a:e3:6f:fa:0f:e1:65:6c:
34:55:66:25:f0:67:9e:c3:90:6c:8f:4c:a6:c7:38:
7d:b6:27:54:b5:f1:58:ac:6b:7e:ac:4f:49:7d:0e:
30:e4:bd:d6:c7:6d:9c:0b:14:f6:a1:e1:07:4c:2e:
b6:92:4b:47:b4:22:f4:45:d4:41:06:40:99:7a:3a:
a9:1f:aa:55:fe:95:85:f0:42:44:e5:03:f5:03:e1:
ef:a5:32:33:a6:21:3b:13:8d:9b:83:33:36:02:f0:
c3:d8:88:90:ac:95:84:20:29:c4:72:e4:f0:ac:21:
18:07:f9:e0:f7:cd:9b:db:4d:3d:ac:ce:a4:80:92:
e1:5b:fd:f7:13:52:5a:05:07:82:91:73:bb:20:c6:
2f:3c:95:24:43:bb:75:f3:a4:d7:59:dc:56:2b:a3:
63:b0:31:1d:95:79:10:87:8e:8c:ce:01:42:6b:88:
48:1c:34:e5:01:d7:ee:36:52:67:db:dc:42:97:d9:
c6:28:d5:ec:ed:29:3a:23:57:92:00:d1:eb:16:73:
11:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D6:BF:7C:71:63:06:88:5B:F3:0D:14:A0:3C:2E:71:FC:6B:A5:A4
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/3Na_fHFjBohb8w0UoDwucfxrpaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.28.0/22
83.212.236.0/22
195.251.224.0/21
195.251.236.0/23
IPv6:
2001:648:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
b3:bd:f4:2c:54:8a:60:98:05:bb:6a:01:44:9d:f5:e5:d5:dd:
8f:15:89:bd:7d:ea:1c:c2:6d:1d:84:fd:88:60:7b:49:b4:fb:
50:6c:cf:c6:32:99:fb:d6:33:c9:1d:7a:ef:6d:59:33:a5:14:
8c:7d:29:95:d0:f5:eb:4e:93:bc:06:e3:90:6c:98:7a:97:d3:
ae:69:19:15:e8:ef:fc:ea:d3:54:fb:22:92:dd:e3:bb:e9:6e:
f4:ec:f2:bb:2e:05:58:c9:f7:da:94:42:d3:6a:13:5d:1c:a8:
8c:22:c6:e0:96:0a:a6:fc:c6:9a:2f:f1:04:d1:af:08:8d:78:
66:6d:55:a1:41:ae:7e:f2:6e:39:c3:e2:92:ba:ce:de:76:c7:
34:5c:78:a3:45:6b:d2:19:bc:e6:71:d5:0f:d4:1f:1e:e4:f1:
2c:c9:0e:12:b4:6b:8a:ba:24:70:79:c2:eb:24:d2:97:5d:b6:
ea:07:7e:6e:3c:ec:bd:78:20:a7:8b:33:80:e9:81:4e:50:c7:
48:9a:d5:df:08:81:cf:ef:f0:54:e3:2f:db:19:24:16:e1:29:
06:1e:c0:8f:46:05:2a:64:63:d4:39:b9:7a:7d:ec:7d:ea:9f:
ac:5f:db:a1:fa:74:54:b7:92:92:22:d2:cd:8b:90:17:81:f0:
2e:2f:73:fa
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVyukd35uohHK14AxZWTP+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q2YmY3YzcxNjMwNjg4NWJmMzBkMTRhMDNjMmU3MWZjNmJhNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGOhGKcwQ9vNHy7EV9MEyyKOvIpe
EYaRazDmSUdN9cqPHqCzQIYYIOKeW5SIBTxZQzTxOuNv+g/hZWw0VWYl8Geew5Bs
j0ymxzh9tidUtfFYrGt+rE9JfQ4w5L3Wx22cCxT2oeEHTC62kktHtCL0RdRBBkCZ
ejqpH6pV/pWF8EJE5QP1A+HvpTIzpiE7E42bgzM2AvDD2IiQrJWEICnEcuTwrCEY
B/ng982b2009rM6kgJLhW/33E1JaBQeCkXO7IMYvPJUkQ7t186TXWdxWK6NjsDEd
lXkQh46MzgFCa4hIHDTlAdfuNlJn29xCl9nGKNXs7Sk6I1eSANHrFnMR5wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNzWv3xxYwaIW/MNFKA8LnH8a6WkMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvM05hX2ZIRmpCb2hiOHcwVW9Ed3VjZnhycGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCU9QcAwQC
U9TsAwQDw/vgAwQBw/vsMA8EAgACMAkDBwAgAQZIJKAwDQYJKoZIhvcNAQELBQAD
ggEBALO99CxUimCYBbtqAUSd9eXV3Y8Vib196hzCbR2E/Yhge0m0+1Bsz8YymfvW
M8kdeu9tWTOlFIx9KZXQ9etOk7wG45BsmHqX065pGRXo7/zq01T7IpLd47vpbvTs
8rsuBVjJ99qUQtNqE10cqIwixuCWCqb8xpov8QTRrwiNeGZtVaFBrn7ybjnD4pK6
zt52xzRceKNFa9IZvOZx1Q/UHx7k8SzJDhK0a4q6JHB5wusk0pddtuoHfm487L14
IKeLM4DpgU5Qx0ia1d8Igc/v8FTjL9sZJBbhKQYewI9GBSpkY9Q5uXp97H3qn6xf
26H6dFS3kpIi0s2LkBeB8C4vc/o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:18 2025 by rpki-client