Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/3UJ6rw8nSmhZ-iUDaDZ2kaZXVIc.roa
File: 3UJ6rw8nSmhZ-iUDaDZ2kaZXVIc.roa (raw, json)
Hash identifier: 28QB+qwQg0Q1UdI19pAOma74pLKes/33MBOLppf0qT0=
Subject key identifier: DD:42:7A:AF:0F:27:4A:68:59:FA:25:03:68:36:76:91:A6:57:54:87
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 06896D2F
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/3UJ6rw8nSmhZ-iUDaDZ2kaZXVIc.roa
Signing time: Thu 23 Jun 2022 14:37:30 +0000
ROA not before: Thu 23 Jun 2022 14:37:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60695
IP address blocks: 185.228.108.0/22 maxlen: 22
155.133.33.0/24 maxlen: 24
185.225.100.0/22 maxlen: 22
155.133.60.0/23 maxlen: 23
2a06:1e00::/29 maxlen: 48
2a0d:b400::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109669679 (0x6896d2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jun 23 14:37:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd427aaf0f274a6859fa250368367691a6575487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:d4:52:e9:97:de:d8:2c:e7:c1:58:57:be:
52:39:cb:32:0b:b1:3e:aa:be:a7:74:89:30:6e:e7:
6c:bb:aa:a3:97:cd:96:a7:c5:23:d8:b1:5c:f4:33:
da:91:3e:3d:ff:c9:21:2c:19:9d:d3:3e:fe:43:0f:
8f:0c:14:49:8e:4d:15:71:6b:f2:ac:e1:6c:ac:98:
94:13:40:39:87:98:dd:f1:b8:54:0e:71:e1:eb:fa:
ec:74:0a:41:cb:13:54:5c:c7:ab:70:32:f9:3b:4b:
a4:e3:ad:e7:cc:28:34:7e:7d:10:c2:d4:0e:e2:af:
96:ef:9e:65:1a:15:18:29:c4:c2:b9:9c:23:29:27:
ad:b5:0e:13:a8:8a:97:33:a2:64:43:92:d5:b7:07:
e5:e4:3e:d0:64:0c:f5:62:dc:4f:2d:76:63:bb:e7:
40:58:a2:85:39:2b:ea:7a:d9:29:7a:7e:7e:91:cf:
64:b5:30:3c:5b:63:eb:cf:09:a0:bb:ff:96:3d:61:
c2:f4:6f:5c:d1:59:45:47:0c:06:76:4c:3f:bf:92:
2f:7a:dd:d0:cd:51:dc:32:d8:61:16:dc:11:49:e4:
27:5a:82:d6:9e:5c:45:3c:3c:b8:06:7c:af:72:bf:
3f:e6:dc:9e:ee:6a:42:6b:c0:ac:c0:7c:a6:15:e5:
c0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:42:7A:AF:0F:27:4A:68:59:FA:25:03:68:36:76:91:A6:57:54:87
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/3UJ6rw8nSmhZ-iUDaDZ2kaZXVIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.33.0/24
155.133.60.0/23
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/29
2a0d:b400::/29
Signature Algorithm: sha256WithRSAEncryption
9c:da:1a:14:4f:27:2a:08:c1:fd:f1:d6:15:30:78:4f:a0:fd:
0b:05:82:a5:d6:a6:88:f2:06:f0:05:ee:fb:35:e0:ea:c4:fa:
e7:25:8e:26:06:11:6e:a8:40:7e:d9:54:1d:c5:cd:7b:6d:7f:
6a:15:ed:bc:48:c5:e3:a0:90:3e:86:5d:9a:c3:da:20:44:b6:
bc:c6:a3:5a:30:42:a3:80:63:37:3e:62:b6:fb:f4:a7:41:e1:
74:0f:96:eb:e0:d5:3f:f6:28:97:f0:ff:74:be:a7:29:f3:0d:
c6:88:6b:fd:87:f6:54:05:8e:a6:fa:b2:b9:a1:24:4a:60:65:
38:20:b4:41:4f:43:4c:21:0f:95:d1:54:2e:8c:ec:95:4f:53:
dd:46:bb:88:73:7d:aa:dc:25:cd:8f:c3:48:a8:d8:c5:d4:80:
5c:51:0b:b5:0f:a7:ce:a9:0f:53:1a:24:bc:87:85:8d:59:43:
62:8a:03:59:f4:7d:34:11:63:ce:0c:3c:78:1f:ea:4e:ce:4e:
ec:76:2b:71:63:41:0e:20:0d:c6:94:d8:be:18:d8:9b:f2:65:
55:93:75:28:3b:d9:91:26:49:9c:6a:7b:d4:84:8b:ba:47:67:
8c:0f:a9:43:a8:8a:6a:7f:5f:85:53:a2:03:b7:01:25:b5:88:
14:01:49:54
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBoltLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTFkNjgxNDM3NTI3MWQxYTNjYmQxMjE1NWRiMTFkMmJkNDFhOGQzMB4XDTIyMDYy
MzE0MzczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ0MjdhYWYwZjI3
NGE2ODU5ZmEyNTAzNjgzNjc2OTFhNjU3NTQ4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbH1FLpl97YLOfBWFe+UjnLMguxPqq+p3SJMG7nbLuqo5fN
lqfFI9ixXPQz2pE+Pf/JISwZndM+/kMPjwwUSY5NFXFr8qzhbKyYlBNAOYeY3fG4
VA5x4ev67HQKQcsTVFzHq3Ay+TtLpOOt58woNH59EMLUDuKvlu+eZRoVGCnEwrmc
IyknrbUOE6iKlzOiZEOS1bcH5eQ+0GQM9WLcTy12Y7vnQFiihTkr6nrZKXp+fpHP
ZLUwPFtj688JoLv/lj1hwvRvXNFZRUcMBnZMP7+SL3rd0M1R3DLYYRbcEUnkJ1qC
1p5cRTw8uAZ8r3K/P+bcnu5qQmvArMB8phXlwMkCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTdQnqvDydKaFn6JQNoNnaRpldUhzAfBgNVHSMEGDAWgBQRHWgUN1Jx0aPL
0SFV2xHSvUGo0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VSMW9GRGRTY2RHank5RWhWZHNSMHIxQnFOTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8x
LzNVSjZydzhuU21oWi1pVURhRFoya2FaWFZJYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8xL0VSMW9GRGRTY2RH
ank5RWhWZHNSMHIxQnFOTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAJuFIQMEAZuFPAMEArnhZAMEArnk
bDAUBAIAAjAOAwUDKgYeAAMFAyoNtAAwDQYJKoZIhvcNAQELBQADggEBAJzaGhRP
JyoIwf3x1hUweE+g/QsFgqXWpojyBvAF7vs14OrE+ucljiYGEW6oQH7ZVB3FzXtt
f2oV7bxIxeOgkD6GXZrD2iBEtrzGo1owQqOAYzc+Yrb79KdB4XQPluvg1T/2KJfw
/3S+pynzDcaIa/2H9lQFjqb6srmhJEpgZTggtEFPQ0whD5XRVC6M7JVPU91Gu4hz
farcJc2Pw0io2MXUgFxRC7UPp86pD1MaJLyHhY1ZQ2KKA1n0fTQRY84MPHgf6k7O
Tux2K3FjQQ4gDcaU2L4Y2JvyZVWTdSg72ZEmSZxqe9SEi7pHZ4wPqUOoimp/X4VT
ogO3ASW1iBQBSVQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:55 2025 by rpki-client