Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tC3V_GvriFeIYq1IbuCTMcpvl9Y.roa
File: tC3V_GvriFeIYq1IbuCTMcpvl9Y.roa (raw, json)
Hash identifier: vLGsSmuSFHBOiG5ebheo6RCvodlh9oBltanq0S94QIU=
Subject key identifier: B4:2D:D5:FC:6B:EB:88:57:88:62:AD:48:6E:E0:93:31:CA:6F:97:D6
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 01856BCA435FFE74D6B6EBC52E04E28A0153
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tC3V_GvriFeIYq1IbuCTMcpvl9Y.roa
Signing time: Sun 01 Jan 2023 05:24:55 +0000
ROA not before: Sun 01 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199652
IP address blocks: 188.214.151.0/24 maxlen: 24
94.177.148.0/23 maxlen: 23
188.241.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:43:5f:fe:74:d6:b6:eb:c5:2e:04:e2:8a:01:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b42dd5fc6beb88578862ad486ee09331ca6f97d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f2:a4:91:70:c7:f5:50:90:61:9c:75:5d:cd:
9b:0d:41:3c:52:c1:2a:3b:f2:4d:16:e5:ca:92:12:
4a:88:5c:4c:76:63:e3:24:5a:11:85:42:9b:34:a8:
ab:71:17:59:ea:d0:c5:f4:c1:57:82:a5:82:15:1a:
cf:73:54:ac:32:2c:e3:42:88:ed:2e:58:c1:30:8d:
d8:91:07:83:31:a3:f3:db:ab:9e:b9:ad:43:10:a1:
7a:d5:c4:b8:7f:90:c6:a1:7a:5b:a7:44:9c:8b:75:
5f:6e:d1:83:c2:ac:a6:d5:8d:50:82:27:b1:94:e5:
d1:76:b4:a4:ed:ee:68:93:28:bb:da:eb:43:70:be:
11:70:00:d5:51:6b:9e:30:a1:4b:b0:d9:26:84:78:
9a:c2:59:aa:26:e4:7e:46:98:6a:7d:b7:6c:af:fd:
8a:04:23:28:14:67:93:fa:fe:e4:22:98:a4:70:5f:
9d:a1:d7:a2:06:b5:01:95:fb:76:56:ee:bc:4e:95:
e1:45:0b:67:a6:0c:ea:ea:7a:06:16:66:7f:b0:ba:
d2:51:11:35:f5:57:80:c8:d9:ad:e8:26:e1:8a:40:
ef:1a:7b:94:c2:b3:e2:ec:21:a4:40:af:4d:b8:cf:
3a:1c:7b:20:92:17:ff:8e:84:55:d6:80:e4:bc:19:
25:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2D:D5:FC:6B:EB:88:57:88:62:AD:48:6E:E0:93:31:CA:6F:97:D6
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tC3V_GvriFeIYq1IbuCTMcpvl9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.148.0/23
188.214.151.0/24
188.241.69.0/24
Signature Algorithm: sha256WithRSAEncryption
10:44:3b:d4:b8:99:09:90:4f:1f:ae:f6:d3:80:65:1a:d7:af:
d9:43:4b:da:02:3f:c8:ba:22:b8:96:1a:1b:8b:be:e0:08:71:
96:62:42:83:c8:d7:23:cd:62:1a:f4:83:dc:38:2b:5e:cb:88:
1d:cc:62:d1:fb:c4:7b:e8:70:18:25:d4:2a:3a:61:dd:c6:62:
ee:2b:fa:0f:64:f5:c0:e8:19:c6:32:c4:ac:3b:48:5f:95:91:
a7:b7:b1:54:ec:e3:c6:fd:82:42:ba:ed:a9:51:a4:eb:64:b7:
24:f4:c9:18:14:b2:49:db:92:de:0a:98:af:13:03:27:ef:89:
31:ac:c8:6f:26:9a:21:7c:ed:f8:25:2e:25:fc:1c:db:ed:cb:
48:24:44:62:8e:c3:b7:e7:5d:eb:74:ed:78:41:ed:cb:4b:85:
c1:6e:0e:fd:48:2c:5a:dd:d1:cb:4a:61:54:be:be:36:b8:1c:
a8:04:7e:72:b7:b5:ba:ff:34:f2:85:12:e9:47:7c:8b:5d:ce:
c4:18:78:18:4e:8c:b6:28:76:c7:88:88:58:17:b8:1b:14:77:
6d:64:e9:b0:89:02:7e:c3:59:17:e6:6d:bc:34:be:c0:e8:4f:
f7:da:f7:d7:6e:93:33:2c:58:35:06:69:17:52:d2:85:7d:25:
cb:fb:a0:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrykNf/nTWtuvFLgTiigFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjMwMTAxMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDJkZDVmYzZiZWI4ODU3ODg2MmFkNDg2ZWUwOTMzMWNhNmY5N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvKkkXDH9VCQYZx1Xc2bDUE8UsEq
O/JNFuXKkhJKiFxMdmPjJFoRhUKbNKircRdZ6tDF9MFXgqWCFRrPc1SsMizjQojt
LljBMI3YkQeDMaPz26ueua1DEKF61cS4f5DGoXpbp0Sci3VfbtGDwqym1Y1Qgiex
lOXRdrSk7e5okyi72utDcL4RcADVUWueMKFLsNkmhHiawlmqJuR+Rphqfbdsr/2K
BCMoFGeT+v7kIpikcF+dodeiBrUBlft2Vu68TpXhRQtnpgzq6noGFmZ/sLrSURE1
9VeAyNmt6CbhikDvGnuUwrPi7CGkQK9NuM86HHsgkhf/joRV1oDkvBklrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLQt1fxr64hXiGKtSG7gkzHKb5fWMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvdEMzVl9HdnJpRmVJWXExSWJ1Q1RNY3B2bDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXrGUAwQA
vNaXAwQAvPFFMA0GCSqGSIb3DQEBCwUAA4IBAQAQRDvUuJkJkE8frvbTgGUa16/Z
Q0vaAj/IuiK4lhobi77gCHGWYkKDyNcjzWIa9IPcOCtey4gdzGLR+8R76HAYJdQq
OmHdxmLuK/oPZPXA6BnGMsSsO0hflZGnt7FU7OPG/YJCuu2pUaTrZLck9MkYFLJJ
25LeCpivEwMn74kxrMhvJpohfO34JS4l/Bzb7ctIJERijsO3513rdO14Qe3LS4XB
bg79SCxa3dHLSmFUvr42uByoBH5yt7W6/zTyhRLpR3yLXc7EGHgYToy2KHbHiIhY
F7gbFHdtZOmwiQJ+w1kX5m28NL7A6E/32vfXbpMzLFg1BmkXUtKFfSXL+6BX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:01 2025 by rpki-client