Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/s_3At1WcxkPxfXq9_EpC7K8OeZA.roa
File: s_3At1WcxkPxfXq9_EpC7K8OeZA.roa (raw, json)
Hash identifier: UH8UKv8Crh4GxegMBT4HtSXcHYcog+WsKwgBq53riiM=
Subject key identifier: B3:FD:C0:B7:55:9C:C6:43:F1:7D:7A:BD:FC:4A:42:EC:AF:0E:79:90
Certificate issuer: /CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Certificate serial: 018570FBAE73B98E64A0C2B6A3B48625F523
Authority key identifier: 1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/s_3At1WcxkPxfXq9_EpC7K8OeZA.roa
Signing time: Mon 02 Jan 2023 05:37:00 +0000
ROA not before: Mon 02 Jan 2023 05:37:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51948
IP address blocks: 185.240.8.0/22 maxlen: 22
91.219.104.0/22 maxlen: 22
195.242.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ae:73:b9:8e:64:a0:c2:b6:a3:b4:86:25:f5:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Validity
Not Before: Jan 2 05:37:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3fdc0b7559cc643f17d7abdfc4a42ecaf0e7990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:61:7e:18:f9:8b:92:69:5e:73:83:f1:88:28:
40:ab:e6:0b:a5:59:f4:df:70:93:11:f7:ff:58:ca:
aa:f3:e7:20:98:2e:04:1c:53:d6:e0:14:18:1e:0a:
a8:1b:a9:6b:a8:47:a0:70:da:4d:13:83:1e:66:dc:
d4:04:74:82:59:ed:7e:59:2a:45:26:92:d8:3a:e2:
de:1d:d6:9c:24:52:28:0b:3d:ab:a6:49:09:55:0a:
0a:8c:75:a2:eb:f0:83:6f:9a:ec:e5:2e:04:fc:1b:
de:85:26:73:5c:10:ce:e2:3e:a1:39:2f:cd:98:cd:
4f:68:cf:e8:c2:11:2c:17:db:58:e1:1c:c5:b5:1e:
52:54:3e:99:ac:10:bc:29:8f:e9:5f:83:5f:a4:f3:
15:1e:20:17:f1:bb:ca:02:b0:b3:6e:f2:ab:f8:a0:
c0:eb:79:c2:16:30:7d:97:69:fe:ed:66:0b:e6:90:
6b:b1:48:dc:7a:c0:dd:62:74:ab:65:a6:6a:99:f3:
f9:85:43:46:1e:2b:c0:50:aa:48:07:37:75:fa:d5:
94:79:41:f3:25:16:d4:dd:17:72:24:d0:b7:92:8c:
cd:3e:f1:f4:a6:fa:ae:6c:bb:0e:24:01:3b:e8:1b:
33:4d:90:1e:db:16:4a:32:82:70:a2:ae:f0:22:02:
85:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FD:C0:B7:55:9C:C6:43:F1:7D:7A:BD:FC:4A:42:EC:AF:0E:79:90
X509v3 Authority Key Identifier:
keyid:1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/s_3At1WcxkPxfXq9_EpC7K8OeZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.104.0/22
185.240.8.0/22
195.242.64.0/23
Signature Algorithm: sha256WithRSAEncryption
83:ff:c4:1c:d2:67:65:83:a9:30:e6:e9:fe:f8:59:25:d3:3d:
f1:82:34:cc:5e:64:a8:2a:ba:8c:11:5d:f2:3a:c2:fa:22:9f:
3b:f5:1a:34:94:e5:43:2d:9b:90:62:3a:a9:62:f4:08:74:57:
e5:8e:0b:6e:80:c2:89:e7:34:d0:93:02:fe:40:c1:b2:1d:c0:
a1:1e:a3:87:38:02:24:ca:a1:66:3c:75:81:b2:f7:ef:96:79:
83:33:a2:f2:f2:d0:66:8c:39:f0:a2:e7:55:1c:7d:3b:18:26:
1f:ba:ac:0e:b8:f0:a0:f7:23:1d:e7:29:a8:ff:13:01:4c:95:
78:f4:1d:91:0d:12:0a:8f:51:57:fd:6a:70:d3:cc:2a:47:5b:
53:e5:3b:d9:28:ed:b8:8f:5e:6d:8e:a5:b0:19:99:84:c4:d0:
df:0d:33:2c:36:d2:9a:06:d1:7d:67:01:3f:a7:e4:1f:b5:94:
c8:d7:b7:c6:d7:c8:b2:eb:00:72:83:1b:90:67:10:1d:4c:55:
67:61:ad:c7:a2:66:83:a9:9d:92:85:c1:8c:00:c6:c9:85:df:
a9:f6:52:d1:19:96:cc:1a:67:30:ea:96:1f:12:bc:9c:56:d4:
37:f5:69:9f:ec:0a:80:0a:b7:fc:e0:31:ce:bc:bd:15:d8:31:
1f:50:45:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw+65zuY5koMK2o7SGJfUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzhlZDQ2NmRlMmU2Y2E1OTY0ZDFlZWQwZjI0MGRkZDI1
MWRlNDgwHhcNMjMwMTAyMDUzNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZkYzBiNzU1OWNjNjQzZjE3ZDdhYmRmYzRhNDJlY2FmMGU3OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWF+GPmLkmlec4PxiChAq+YLpVn0
33CTEff/WMqq8+cgmC4EHFPW4BQYHgqoG6lrqEegcNpNE4MeZtzUBHSCWe1+WSpF
JpLYOuLeHdacJFIoCz2rpkkJVQoKjHWi6/CDb5rs5S4E/BvehSZzXBDO4j6hOS/N
mM1PaM/owhEsF9tY4RzFtR5SVD6ZrBC8KY/pX4NfpPMVHiAX8bvKArCzbvKr+KDA
63nCFjB9l2n+7WYL5pBrsUjcesDdYnSrZaZqmfP5hUNGHivAUKpIBzd1+tWUeUHz
JRbU3RdyJNC3kozNPvH0pvqubLsOJAE76BszTZAe2xZKMoJwoq7wIgKFyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLP9wLdVnMZD8X16vfxKQuyvDnmQMB8GA1UdIwQY
MBaAFB/I7UZt4ubKWWTR7tDyQN3SUd5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDkt
ZjQ4ZDRiYWJkNTBmLzEvc18zQXQxV2N4a1B4ZlhxOV9FcEM3SzhPZVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDktZjQ4ZDRiYWJkNTBm
LzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9toAwQC
ufAIAwQBw/JAMA0GCSqGSIb3DQEBCwUAA4IBAQCD/8Qc0mdlg6kw5un++Fkl0z3x
gjTMXmSoKrqMEV3yOsL6Ip879Ro0lOVDLZuQYjqpYvQIdFfljgtugMKJ5zTQkwL+
QMGyHcChHqOHOAIkyqFmPHWBsvfvlnmDM6Ly8tBmjDnwoudVHH07GCYfuqwOuPCg
9yMd5ymo/xMBTJV49B2RDRIKj1FX/Wpw08wqR1tT5TvZKO24j15tjqWwGZmExNDf
DTMsNtKaBtF9ZwE/p+QftZTI17fG18iy6wBygxuQZxAdTFVnYa3HomaDqZ2ShcGM
AMbJhd+p9lLRGZbMGmcw6pYfErycVtQ39Wmf7AqACrf84DHOvL0V2DEfUEWw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:08 2025 by rpki-client