Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3aJQKtIyGhhyhMic1qZgAfeA__E.roa
File: 3aJQKtIyGhhyhMic1qZgAfeA__E.roa (raw, json)
Hash identifier: 9KK9SdXrZ+pTe31Xz2e8tdLTWret//aW9EUa29VJmkw=
Subject key identifier: DD:A2:50:2A:D2:32:1A:18:72:84:C8:9C:D6:A6:60:01:F7:80:FF:F1
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018393461A3295988437199D3590298151F6
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3aJQKtIyGhhyhMic1qZgAfeA__E.roa
Signing time: Sat 01 Oct 2022 11:19:48 +0000
ROA not before: Sat 01 Oct 2022 11:19:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212025
IP address blocks: 85.158.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:93:46:1a:32:95:98:84:37:19:9d:35:90:29:81:51:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 1 11:19:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dda2502ad2321a187284c89cd6a66001f780fff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:62:10:3f:92:e9:3c:95:24:c1:8b:93:ff:87:
01:2e:7f:62:64:bf:aa:82:df:bd:24:f8:23:03:df:
54:fe:86:90:b5:97:ba:17:fe:65:2b:14:c2:68:f0:
50:85:b4:9c:8c:e6:20:00:44:6b:87:f5:d8:65:ed:
a4:c5:a4:f7:cb:3a:56:ab:a3:8c:8f:52:c1:d1:a4:
11:a1:76:99:cf:28:5e:87:54:85:ee:07:78:ee:e2:
21:19:0e:ea:19:91:62:be:1d:84:cc:60:ca:33:1c:
ca:d1:c7:4f:97:67:61:fc:c1:c1:9a:a4:7e:72:82:
6c:83:32:bb:99:ae:b9:66:4f:3e:31:ba:0a:15:fb:
52:24:90:6f:4b:55:fb:85:ef:e4:2f:32:a6:9c:51:
45:f1:67:d2:5c:2b:33:60:e8:2d:99:6e:ac:21:1a:
bf:72:de:08:25:5b:cc:28:ca:33:4b:28:a6:51:61:
7a:fb:87:e3:f0:de:df:80:b7:00:d6:78:43:6c:c1:
05:cd:4d:bf:99:b5:05:5a:81:9f:1d:8f:cc:6b:97:
26:53:3a:6f:23:79:54:5d:74:50:71:10:52:6e:d6:
73:65:7f:10:dc:b2:f9:5b:32:ce:a5:82:5a:82:d7:
f1:00:c6:94:8c:9b:8e:29:d2:88:0f:38:8b:52:55:
ce:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A2:50:2A:D2:32:1A:18:72:84:C8:9C:D6:A6:60:01:F7:80:FF:F1
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3aJQKtIyGhhyhMic1qZgAfeA__E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.145.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:88:5b:aa:40:00:f2:af:b9:8c:9f:5e:b1:ab:3d:97:ed:33:
ff:f9:e5:cc:89:c8:16:f1:61:ed:66:33:3b:17:b6:ed:6b:d4:
20:e0:ef:7c:f2:69:1f:54:44:4b:9d:b0:a7:1f:1c:99:11:33:
f4:89:cb:f7:95:66:7f:ab:e0:c1:5e:24:f4:f6:78:11:b6:08:
f3:e9:ee:61:bf:60:38:29:75:90:99:0c:f0:89:96:95:ab:64:
4e:be:c6:a0:6f:cf:65:6a:3e:87:a1:7c:e6:d9:f1:4d:a6:70:
78:20:cd:e6:7b:70:41:64:8b:22:ed:f1:bf:bc:c6:4b:4c:6d:
5f:c3:90:82:96:0c:9f:4c:f1:02:9c:f3:ad:c7:2e:b0:3b:ed:
d8:9c:1b:b1:40:a2:56:ff:69:9a:e7:d2:ab:b4:39:3b:2d:e3:
3f:7f:7f:3a:90:96:bd:b9:b7:ba:10:b0:cd:49:ad:54:4b:ad:
c2:9e:e4:2b:23:a8:fe:e0:25:50:9d:4a:bb:bb:09:e4:da:08:
9b:ee:af:25:a4:49:7b:8d:62:d8:08:7b:d1:b9:ef:65:03:a3:
4b:e6:f1:84:de:81:3c:73:76:1d:15:c3:16:a5:af:4a:d6:55:
64:4c:e5:0b:f9:71:2a:a2:64:0c:b3:25:63:e8:d7:6a:e9:48:
43:18:d4:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOTRhoylZiENxmdNZApgVH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDAxMTExOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGEyNTAyYWQyMzIxYTE4NzI4NGM4OWNkNmE2NjAwMWY3ODBmZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2IQP5LpPJUkwYuT/4cBLn9iZL+q
gt+9JPgjA99U/oaQtZe6F/5lKxTCaPBQhbScjOYgAERrh/XYZe2kxaT3yzpWq6OM
j1LB0aQRoXaZzyheh1SF7gd47uIhGQ7qGZFivh2EzGDKMxzK0cdPl2dh/MHBmqR+
coJsgzK7ma65Zk8+MboKFftSJJBvS1X7he/kLzKmnFFF8WfSXCszYOgtmW6sIRq/
ct4IJVvMKMozSyimUWF6+4fj8N7fgLcA1nhDbMEFzU2/mbUFWoGfHY/Ma5cmUzpv
I3lUXXRQcRBSbtZzZX8Q3LL5WzLOpYJagtfxAMaUjJuOKdKIDziLUlXODwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2iUCrSMhoYcoTInNamYAH3gP/xMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvM2FKUUt0SXlHaGh5aE1pYzFxWmdBZmVBX19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ6RMA0G
CSqGSIb3DQEBCwUAA4IBAQDdiFuqQADyr7mMn16xqz2X7TP/+eXMicgW8WHtZjM7
F7bta9Qg4O988mkfVERLnbCnHxyZETP0icv3lWZ/q+DBXiT09ngRtgjz6e5hv2A4
KXWQmQzwiZaVq2ROvsagb89laj6HoXzm2fFNpnB4IM3me3BBZIsi7fG/vMZLTG1f
w5CClgyfTPECnPOtxy6wO+3YnBuxQKJW/2ma59KrtDk7LeM/f386kJa9ube6ELDN
Sa1US63CnuQrI6j+4CVQnUq7uwnk2gib7q8lpEl7jWLYCHvRue9lA6NL5vGE3oE8
c3YdFcMWpa9K1lVkTOUL+XEqomQMsyVj6Ndq6UhDGNQC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:20 2025 by rpki-client