Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3jogTZa8hrMT0ChgXn-EQ1DqNsg.roa
File: 3jogTZa8hrMT0ChgXn-EQ1DqNsg.roa (raw, json)
Hash identifier: Cw81gyNqKiC++fkz0i/sssG970krfT73/I81eqGvDa0=
Subject key identifier: DE:3A:20:4D:96:BC:86:B3:13:D0:28:60:5E:7F:84:43:50:EA:36:C8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0183F7B5D3A4AA9179F1BED561AEEF7B7FC8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3jogTZa8hrMT0ChgXn-EQ1DqNsg.roa
Signing time: Thu 20 Oct 2022 23:23:52 +0000
ROA not before: Thu 20 Oct 2022 23:23:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210876
IP address blocks: 194.35.40.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
45.134.84.0/23 maxlen: 23
45.134.84.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
45.159.76.0/22 maxlen: 24
45.142.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f7:b5:d3:a4:aa:91:79:f1:be:d5:61:ae:ef:7b:7f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 20 23:23:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de3a204d96bc86b313d028605e7f844350ea36c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:27:c3:c9:b9:47:00:3b:55:e9:03:0f:f1:e9:
e4:83:92:27:0d:1c:d2:bf:8c:04:ea:d3:e1:d9:08:
dd:b9:be:3a:38:d3:5d:10:70:cd:12:a5:fc:d3:d8:
18:8c:1b:df:ba:66:11:66:09:be:49:d3:c1:07:d2:
4d:c9:e8:a1:f2:69:f9:89:17:e3:04:83:2a:3a:59:
db:56:8e:e7:30:fb:e4:07:a4:8a:11:23:77:4d:5c:
60:48:cf:8c:88:53:71:00:16:43:02:67:86:3b:a3:
e2:88:dd:68:c6:bc:60:e8:d1:bf:ff:f1:ba:41:7c:
12:fc:6c:d3:bb:56:a1:75:79:b6:6b:fd:7e:41:c8:
69:32:43:ba:b6:0f:cb:5c:91:c2:32:b9:c7:f6:74:
b5:86:5b:02:09:7f:d2:75:64:4e:6b:3e:96:cc:dc:
99:58:bd:dd:9f:7a:22:44:eb:c7:28:7d:ab:ec:e6:
8f:22:7e:a5:b5:fb:aa:60:08:2c:cc:cf:10:af:e2:
c5:b3:cf:aa:e2:84:20:95:39:2b:3b:07:08:3e:e1:
55:76:eb:da:bd:6c:67:7a:0c:fc:a6:ed:7f:c8:14:
48:98:21:5e:29:71:43:66:26:e9:5e:71:cd:0f:0f:
7c:98:25:98:14:06:e9:72:7c:0e:c1:ba:7a:41:d2:
05:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3A:20:4D:96:BC:86:B3:13:D0:28:60:5E:7F:84:43:50:EA:36:C8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3jogTZa8hrMT0ChgXn-EQ1DqNsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
185.216.30.0/23
185.226.8.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
08:80:bd:b9:8b:f1:40:9a:9a:57:eb:28:4c:3e:65:cd:e5:81:
34:f7:0f:54:1f:a8:23:56:b1:33:26:ea:c2:a1:40:b0:4d:19:
71:1f:10:e1:b0:04:9f:28:c2:7f:21:b5:0a:27:57:01:35:97:
85:61:99:01:06:ab:94:bc:76:b6:28:7f:30:59:2b:8f:96:88:
de:16:a8:71:11:7a:4b:c9:fb:05:98:9e:80:fa:7a:5d:52:f2:
0b:d3:7d:f3:cb:d3:5b:48:90:e7:18:f3:04:c9:b6:8f:ea:8b:
15:71:9b:f1:23:37:b8:b8:ab:a7:7f:c5:89:f8:83:45:ac:59:
d9:4a:aa:da:7f:b8:8c:61:f3:23:fb:43:fb:20:a1:4f:70:c0:
9f:d8:77:08:3d:43:c6:8e:cb:ea:e8:65:af:83:db:ca:bc:9a:
b1:39:b2:c0:56:e0:d1:cd:2f:39:eb:1f:3c:1b:f4:d6:0f:dc:
bc:33:82:93:99:31:46:35:d5:ed:46:a7:58:a7:26:74:bf:f5:
8a:f4:0e:ab:dc:9d:5a:f4:9a:eb:1d:a6:35:af:78:d8:8e:48:
35:c0:ff:c0:1b:78:10:5d:29:c4:c2:8b:9e:ef:3b:28:5e:96:
0e:e5:a0:81:f2:27:ce:20:ca:b4:32:75:9e:84:c4:91:d4:66:
6e:b8:ff:2c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYP3tdOkqpF58b7VYa7ve3/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMDIwMjMyMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNhMjA0ZDk2YmM4NmIzMTNkMDI4NjA1ZTdmODQ0MzUwZWEzNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSfDyblHADtV6QMP8enkg5InDRzS
v4wE6tPh2Qjdub46ONNdEHDNEqX809gYjBvfumYRZgm+SdPBB9JNyeih8mn5iRfj
BIMqOlnbVo7nMPvkB6SKESN3TVxgSM+MiFNxABZDAmeGO6PiiN1oxrxg6NG///G6
QXwS/GzTu1ahdXm2a/1+QchpMkO6tg/LXJHCMrnH9nS1hlsCCX/SdWROaz6WzNyZ
WL3dn3oiROvHKH2r7OaPIn6ltfuqYAgszM8Qr+LFs8+q4oQglTkrOwcIPuFVduva
vWxnegz8pu1/yBRImCFeKXFDZibpXnHNDw98mCWYFAbpcnwOwbp6QdIFlwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN46IE2WvIazE9AoYF5/hENQ6jbIMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM2pvZ1RaYThock1UMENoZ1huLUVRMURxTnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQBudgeAwQAueIIAwQAwiMoMA0GCSqGSIb3DQEBCwUA
A4IBAQAIgL25i/FAmppX6yhMPmXN5YE09w9UH6gjVrEzJurCoUCwTRlxHxDhsASf
KMJ/IbUKJ1cBNZeFYZkBBquUvHa2KH8wWSuPlojeFqhxEXpLyfsFmJ6A+npdUvIL
033zy9NbSJDnGPMEybaP6osVcZvxIze4uKunf8WJ+INFrFnZSqraf7iMYfMj+0P7
IKFPcMCf2HcIPUPGjsvq6GWvg9vKvJqxObLAVuDRzS856x88G/TWD9y8M4KTmTFG
NdXtRqdYpyZ0v/WK9A6r3J1a9JrrHaY1r3jYjkg1wP/AG3gQXSnEwoue7zsoXpYO
5aCB8ifOIMq0MnWehMSR1GZuuP8s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org