Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/3Q9hxoBsZlFSFb_nePBLJ96Slzk.roa
File: 3Q9hxoBsZlFSFb_nePBLJ96Slzk.roa (raw, json)
Hash identifier: CG5m53+3/hmsJ6haI8insb7CYDJkV9hCXvuxvC2we9A=
Subject key identifier: DD:0F:61:C6:80:6C:66:51:52:15:BF:E7:78:F0:4B:27:DE:92:97:39
Certificate issuer: /CN=7645692d4bd30cf9e989d55bac8d08e7714493ab
Certificate serial: 07360E09
Authority key identifier: 76:45:69:2D:4B:D3:0C:F9:E9:89:D5:5B:AC:8D:08:E7:71:44:93:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkVpLUvTDPnpidVbrI0I53FEk6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/3Q9hxoBsZlFSFb_nePBLJ96Slzk.roa
Signing time: Sat 01 Jan 2022 14:57:35 +0000
ROA not before: Sat 01 Jan 2022 14:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12637
IP address blocks: 188.211.169.0/24 maxlen: 24
77.81.143.0/24 maxlen: 24
176.223.119.0/24 maxlen: 24
194.76.247.0/24 maxlen: 24
195.200.94.0/23 maxlen: 24
31.14.183.0/24 maxlen: 24
78.40.111.0/24 maxlen: 24
91.233.180.0/23 maxlen: 24
89.47.183.0/24 maxlen: 24
86.106.76.0/24 maxlen: 24
86.106.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120983049 (0x7360e09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7645692d4bd30cf9e989d55bac8d08e7714493ab
Validity
Not Before: Jan 1 14:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd0f61c6806c66515215bfe778f04b27de929739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e1:cb:4e:9e:7c:3f:66:8a:6e:9e:54:54:5a:
9a:b1:c3:cd:6e:fd:75:e1:8f:de:61:0a:6b:a5:b7:
42:31:ff:5e:19:81:61:e1:86:80:97:be:b9:a9:18:
b5:73:36:e1:30:dc:22:05:5b:16:1f:88:9a:7d:89:
d6:fe:70:ab:bf:f5:05:d0:99:b1:df:cd:ad:4d:00:
2f:5d:7d:c3:a7:29:98:68:ee:30:ff:8f:c6:01:8e:
34:7a:d1:90:d7:07:a5:f4:ad:f8:a1:74:7d:97:6f:
b8:72:c7:a0:0b:39:32:3d:5a:15:74:8f:32:eb:db:
c3:fb:bf:e6:2b:c5:4f:b9:d7:bd:b3:72:a0:a3:7d:
63:78:41:39:0c:93:da:75:81:b3:64:65:8e:f6:d3:
5c:06:a5:f8:64:0c:2f:32:e9:34:de:4a:da:c8:0d:
db:d5:bf:05:02:96:69:a3:fe:8a:99:5c:66:c6:0b:
7f:64:7b:14:92:87:13:95:44:39:b1:ef:20:f3:63:
33:5c:fd:b5:7e:eb:7c:78:37:75:cb:7f:ce:bb:66:
28:46:b5:2d:03:d7:09:74:28:c9:4a:cd:38:bf:fa:
c0:62:7a:2a:5e:53:07:38:e2:71:9e:2b:9d:f2:ef:
a5:77:71:57:93:a9:6d:ae:17:a9:1d:29:d9:48:f2:
15:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0F:61:C6:80:6C:66:51:52:15:BF:E7:78:F0:4B:27:DE:92:97:39
X509v3 Authority Key Identifier:
keyid:76:45:69:2D:4B:D3:0C:F9:E9:89:D5:5B:AC:8D:08:E7:71:44:93:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkVpLUvTDPnpidVbrI0I53FEk6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/3Q9hxoBsZlFSFb_nePBLJ96Slzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/dkVpLUvTDPnpidVbrI0I53FEk6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.183.0/24
77.81.143.0/24
78.40.111.0/24
86.106.75.0-86.106.76.255
89.47.183.0/24
91.233.180.0/23
176.223.119.0/24
188.211.169.0/24
194.76.247.0/24
195.200.94.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:31:e8:1b:22:54:07:d4:ae:04:6c:7c:0d:f9:26:28:f0:20:
ff:9a:8d:3a:99:0d:dd:3d:22:40:7a:ae:9c:d1:61:1b:4b:57:
20:22:bf:59:fa:fb:e6:41:d6:fa:07:50:da:15:02:29:4b:89:
35:bb:f3:ad:b0:14:9f:38:d2:96:b7:92:de:b9:76:db:1e:96:
b9:12:52:82:b3:f2:68:ea:9c:8e:9a:ef:78:ed:ed:12:54:c5:
6a:90:6c:9a:6e:b5:61:3c:5e:aa:20:01:35:a9:ee:51:e7:61:
21:a5:9f:2d:e2:9b:cd:86:46:0e:b2:a3:40:fa:de:29:ef:96:
25:c2:b1:9a:67:f0:4f:07:96:dd:5f:e9:9f:55:94:b7:41:5b:
29:8d:03:07:94:4f:3c:17:2c:6b:e7:e7:3f:ab:56:97:34:2c:
8b:80:eb:ab:8e:37:48:b0:fa:db:65:01:92:ef:54:d2:1e:fa:
ba:3a:6d:cc:a2:8e:0a:a9:2e:08:58:7b:ef:03:92:0c:5e:4f:
4a:d5:65:8d:a7:a1:37:d1:b6:e3:70:b2:3a:82:d3:6b:99:5d:
10:27:61:1c:75:86:ba:63:7d:c0:61:6e:41:cd:21:ef:65:62:
fb:04:a8:76:ba:be:79:b5:64:ec:c3:22:17:cc:0f:40:7e:88:
c5:92:7f:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEBzYOCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjQ1NjkyZDRiZDMwY2Y5ZTk4OWQ1NWJhYzhkMDhlNzcxNDQ5M2FiMB4XDTIyMDEw
MTE0NTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQwZjYxYzY4MDZj
NjY1MTUyMTViZmU3NzhmMDRiMjdkZTkyOTczOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbhy06efD9mim6eVFRamrHDzW79deGP3mEKa6W3QjH/XhmB
YeGGgJe+uakYtXM24TDcIgVbFh+Imn2J1v5wq7/1BdCZsd/NrU0AL119w6cpmGju
MP+PxgGONHrRkNcHpfSt+KF0fZdvuHLHoAs5Mj1aFXSPMuvbw/u/5ivFT7nXvbNy
oKN9Y3hBOQyT2nWBs2RljvbTXAal+GQMLzLpNN5K2sgN29W/BQKWaaP+iplcZsYL
f2R7FJKHE5VEObHvIPNjM1z9tX7rfHg3dct/zrtmKEa1LQPXCXQoyUrNOL/6wGJ6
Kl5TBzjicZ4rnfLvpXdxV5Opba4XqR0p2UjyFXcCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTdD2HGgGxmUVIVv+d48Esn3pKXOTAfBgNVHSMEGDAWgBR2RWktS9MM+emJ
1VusjQjncUSTqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RrVnBMVXZURFBucGlkVmJySTBJNTNGRWs2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZDA3ZjAxLTc3YzAtNGE0MC05NTYzLWQ2YmI1ODBhZjc4NS8x
LzNROWh4b0JzWmxGU0ZiX25lUEJMSjk2U2x6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZDA3ZjAxLTc3YzAtNGE0MC05NTYzLWQ2YmI1ODBhZjc4NS8xL2RrVnBMVXZURFBu
cGlkVmJySTBJNTNGRWs2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAB8OtwMEAE1RjwMEAE4obzAMAwQA
VmpLAwQAVmpMAwQAWS+3AwQBW+m0AwQAsN93AwQAvNOpAwQAwkz3AwQBw8heMA0G
CSqGSIb3DQEBCwUAA4IBAQCrMegbIlQH1K4EbHwN+SYo8CD/mo06mQ3dPSJAeq6c
0WEbS1cgIr9Z+vvmQdb6B1DaFQIpS4k1u/OtsBSfONKWt5LeuXbbHpa5ElKCs/Jo
6pyOmu947e0SVMVqkGyabrVhPF6qIAE1qe5R52EhpZ8t4pvNhkYOsqNA+t4p75Yl
wrGaZ/BPB5bdX+mfVZS3QVspjQMHlE88Fyxr5+c/q1aXNCyLgOurjjdIsPrbZQGS
71TSHvq6Om3Moo4KqS4IWHvvA5IMXk9K1WWNp6E30bbjcLI6gtNrmV0QJ2EcdYa6
Y33AYW5BzSHvZWL7BKh2ur55tWTswyIXzA9AfojFkn+2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:39 2024 by rpki-client on console-ams.rpki-client.org