Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/3rLEwj-k_P0KSDl3-AB-hLWTvuY.roa
File: 3rLEwj-k_P0KSDl3-AB-hLWTvuY.roa (raw, json)
Hash identifier: Kq7K64VV8HLu5YEV87tn1XeQIPxL6nyH7ENXFZjix6M=
Subject key identifier: DE:B2:C4:C2:3F:A4:FC:FD:0A:48:39:77:F8:00:7E:84:B5:93:BE:E6
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 069B44E8
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/3rLEwj-k_P0KSDl3-AB-hLWTvuY.roa
Signing time: Sat 01 Jan 2022 14:58:04 +0000
ROA not before: Sat 01 Jan 2022 14:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8410
IP address blocks: 212.15.32.0/20 maxlen: 20
212.15.48.0/21 maxlen: 21
194.55.163.0/24 maxlen: 24
194.0.120.0/22 maxlen: 22
194.55.161.0/24 maxlen: 24
194.55.171.0/24 maxlen: 24
194.55.168.0/24 maxlen: 24
195.140.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110839016 (0x69b44e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Jan 1 14:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=deb2c4c23fa4fcfd0a483977f8007e84b593bee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:18:41:d3:f7:e4:09:9e:ce:e6:1f:d8:50:44:
20:88:ba:80:49:52:26:68:34:12:0a:cb:7f:29:c0:
6b:23:3e:6f:e0:a8:91:fb:3d:a7:c3:8f:d9:41:c3:
51:43:de:22:32:ed:b1:83:10:62:01:48:ec:1f:cd:
f8:98:a2:b0:ca:3d:e2:d9:bf:3e:a0:f2:8a:55:f8:
dc:46:54:87:81:02:9c:e9:7d:1c:a9:84:e5:19:0f:
e5:ac:45:0b:ce:a2:aa:8d:b4:71:0a:44:36:36:8f:
0d:cc:4b:88:f6:3a:d7:a4:6b:8a:b8:17:e5:f8:73:
c2:21:1e:cb:5e:1e:71:b5:86:f0:b7:4a:d0:65:c4:
a8:32:a8:b4:aa:74:a8:9e:44:d4:cc:dc:32:bf:b3:
c1:37:f0:d7:9f:54:18:34:3e:cb:ec:fd:09:1c:1d:
4a:fc:5b:4f:ad:ad:ff:f4:52:cb:69:ea:4a:07:d7:
d7:d5:91:c4:3d:27:c5:cd:de:4f:ac:e5:92:15:be:
e1:c1:15:29:ee:25:38:d1:94:fe:3c:a4:be:ad:fc:
3e:ab:10:6d:aa:d0:69:3e:ee:09:43:c1:04:2f:4b:
9f:48:1b:2c:7e:44:5a:fc:53:df:c8:43:a8:84:c1:
04:68:27:10:15:3a:16:50:19:b4:ca:f3:14:6a:d6:
0e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B2:C4:C2:3F:A4:FC:FD:0A:48:39:77:F8:00:7E:84:B5:93:BE:E6
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/3rLEwj-k_P0KSDl3-AB-hLWTvuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.120.0/22
194.55.161.0/24
194.55.163.0/24
194.55.168.0/24
194.55.171.0/24
195.140.180.0/22
212.15.32.0-212.15.55.255
Signature Algorithm: sha256WithRSAEncryption
2f:91:d5:8f:0e:02:09:4b:a3:d0:06:4c:93:a6:2b:33:c7:10:
16:99:20:98:65:c9:a8:d6:a0:7b:20:a6:fb:53:67:4f:74:27:
69:a3:52:b3:1d:ce:59:35:b8:cb:90:0a:78:5d:19:c8:fe:1a:
44:b8:6e:86:8f:63:73:78:11:9b:9f:6b:7a:32:d2:f6:81:7c:
0a:94:71:1b:93:af:8e:ac:5a:d3:22:c0:28:d0:15:20:44:53:
5d:41:28:cd:cd:de:5c:05:f6:60:39:30:17:f3:c1:98:cf:58:
d3:2d:f4:25:2b:22:7f:d8:a5:79:6a:ce:5d:b1:24:39:01:b8:
23:0a:6f:37:f0:5f:40:7c:e6:8b:ef:ed:67:20:07:9d:d8:53:
4e:8a:d7:35:35:94:83:43:aa:9e:bc:42:ed:c0:54:f2:e8:da:
b0:b4:6a:6a:76:f6:96:43:f1:7f:dd:10:e5:b7:d2:b9:43:cf:
75:72:56:d7:d7:c7:6e:e5:1c:9f:3a:b1:db:34:b8:9e:c8:2c:
5a:74:2b:f9:ed:5d:04:53:94:e9:b9:3e:7f:e4:b2:dd:b2:19:
64:ce:14:60:c0:5a:24:ab:ac:62:46:44:4d:2a:c7:33:83:36:
6b:e8:42:ea:c0:58:f1:36:bd:95:b2:61:4c:9b:38:51:ad:2b:
61:17:9d:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBptE6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmVhZmFhMzBiMzQwZWNmODEwYTRjYjlhZjNiNTFjNzAyNTY2NTk4MB4XDTIyMDEw
MTE0NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGViMmM0YzIzZmE0
ZmNmZDBhNDgzOTc3ZjgwMDdlODRiNTkzYmVlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0YQdP35AmezuYf2FBEIIi6gElSJmg0EgrLfynAayM+b+Co
kfs9p8OP2UHDUUPeIjLtsYMQYgFI7B/N+JiisMo94tm/PqDyilX43EZUh4ECnOl9
HKmE5RkP5axFC86iqo20cQpENjaPDcxLiPY616RrirgX5fhzwiEey14ecbWG8LdK
0GXEqDKotKp0qJ5E1MzcMr+zwTfw159UGDQ+y+z9CRwdSvxbT62t//RSy2nqSgfX
19WRxD0nxc3eT6zlkhW+4cEVKe4lONGU/jykvq38PqsQbarQaT7uCUPBBC9Ln0gb
LH5EWvxT38hDqITBBGgnEBU6FlAZtMrzFGrWDlcCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTessTCP6T8/QpIOXf4AH6EtZO+5jAfBgNVHSMEGDAWgBTC6vqjCzQOz4EK
TLmvO1HHAlZlmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d1cjZvd3MwRHMtQkNreTVyenRSeHdKV1paZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvYTM0YTE2LWY4ODAtNDg3My04NjhiLTVlY2FmZGE0NzFmNy8x
LzNyTEV3ai1rX1AwS1NEbDMtQUItaExXVHZ1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
YTM0YTE2LWY4ODAtNDg3My04NjhiLTVlY2FmZGE0NzFmNy8xL3d1cjZvd3MwRHMt
QkNreTVyenRSeHdKV1paZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAsIAeAMEAMI3oQMEAMI3owMEAMI3
qAMEAMI3qwMEAsOMtDAMAwQF1A8gAwQD1A8wMA0GCSqGSIb3DQEBCwUAA4IBAQAv
kdWPDgIJS6PQBkyTpiszxxAWmSCYZcmo1qB7IKb7U2dPdCdpo1KzHc5ZNbjLkAp4
XRnI/hpEuG6Gj2NzeBGbn2t6MtL2gXwKlHEbk6+OrFrTIsAo0BUgRFNdQSjNzd5c
BfZgOTAX88GYz1jTLfQlKyJ/2KV5as5dsSQ5AbgjCm838F9AfOaL7+1nIAed2FNO
itc1NZSDQ6qevELtwFTy6NqwtGpqdvaWQ/F/3RDlt9K5Q891clbX18du5RyfOrHb
NLieyCxadCv57V0EU5TpuT5/5LLdshlkzhRgwFokq6xiRkRNKsczgzZr6ELqwFjx
Nr2VsmFMmzhRrSthF50q
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:10 2025 by rpki-client