Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/3bP8rGug6sZAo-FyRFT-ABKiqRE.roa
File: 3bP8rGug6sZAo-FyRFT-ABKiqRE.roa (raw, json)
Hash identifier: 6tFiio9NnTpIgdpksfleuc/CKalTwyd7pCQpI03WI+o=
Subject key identifier: DD:B3:FC:AC:6B:A0:EA:C6:40:A3:E1:72:44:54:FE:00:12:A2:A9:11
Certificate issuer: /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial: 018ACFF076C8843FCCDC3B51B906914317CB
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/3bP8rGug6sZAo-FyRFT-ABKiqRE.roa
Signing time: Tue 26 Sep 2023 05:22:37 +0000
ROA not before: Tue 26 Sep 2023 05:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61232
IP address blocks: 193.135.56.0/24 maxlen: 24
2001:678:e44::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:f0:76:c8:84:3f:cc:dc:3b:51:b9:06:91:43:17:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Validity
Not Before: Sep 26 05:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddb3fcac6ba0eac640a3e1724454fe0012a2a911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8e:34:a3:cf:cb:a5:a1:ea:15:7f:fd:66:b1:
21:41:6d:f6:23:46:58:20:d1:46:1c:e5:c0:11:5e:
86:23:2b:d9:47:e6:63:cc:55:79:2d:24:9f:2d:44:
02:33:02:c7:01:69:c8:39:ab:b9:b5:76:d7:2c:da:
60:b0:6a:ba:e2:ba:a1:3f:c6:e2:5f:6b:79:b8:0b:
00:9f:b5:8f:e9:b7:a1:e8:7e:c5:e5:89:69:34:3d:
bc:a4:37:7a:cd:48:f6:d3:9c:1c:4d:c6:21:23:ce:
5d:25:30:53:30:d8:d2:6e:31:41:41:4f:14:80:9b:
4b:f0:24:8b:da:ca:c0:33:b9:b9:8b:17:ec:2b:fe:
ae:52:2a:73:88:e1:c4:19:43:8c:c7:d2:c4:99:4a:
ca:8e:b1:67:f3:21:5a:b7:74:c7:a0:cb:90:13:8b:
6c:5d:b3:2b:23:73:4b:d7:3a:31:9f:3f:41:72:5b:
ee:e4:b9:1f:4c:57:97:cd:6f:b2:a1:a4:00:1b:d9:
21:f3:43:16:31:16:f8:47:4b:44:ca:a5:3d:31:fe:
07:72:be:d1:49:da:1a:1a:e0:88:86:02:68:b4:cc:
3a:d5:89:e1:fb:71:35:93:e8:d8:12:82:fb:ad:99:
1f:d4:57:64:48:35:41:af:b4:cf:4f:eb:a3:6e:44:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B3:FC:AC:6B:A0:EA:C6:40:A3:E1:72:44:54:FE:00:12:A2:A9:11
X509v3 Authority Key Identifier:
keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/3bP8rGug6sZAo-FyRFT-ABKiqRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.56.0/24
IPv6:
2001:678:e44::/48
Signature Algorithm: sha256WithRSAEncryption
41:59:64:4b:9a:19:0b:da:4a:48:10:aa:10:b8:cb:33:ed:7c:
24:76:e4:31:6b:b4:3b:5d:c8:e1:e0:28:99:9a:8a:30:64:83:
f5:92:b0:dc:da:9c:1c:fc:79:84:99:11:23:e1:15:1d:53:8e:
26:38:c7:05:bd:9d:bb:0e:25:f4:0e:10:04:52:4c:a7:8c:72:
26:21:68:51:25:95:36:b9:46:b8:bb:38:ad:26:c5:a3:b9:62:
96:de:b6:bd:c3:ee:29:c1:8d:ef:f2:50:99:22:3f:be:b6:67:
26:5e:40:1f:85:4b:dd:99:61:c1:5e:77:f8:cd:a1:dc:5f:7c:
92:64:f6:ac:57:b1:1d:a3:e0:4a:33:3d:d4:43:f9:17:8c:5b:
56:ec:d4:d2:1f:27:f7:63:26:68:ad:7b:c9:f4:ea:f7:c4:a1:
41:c1:0f:2a:22:d5:7d:d9:71:50:e0:a7:e7:22:8d:9c:39:bc:
f6:42:22:54:7d:e5:7b:ac:58:6b:2f:56:cd:5b:58:e6:3d:2d:
46:52:41:b3:49:de:5f:32:d4:87:ee:36:2d:70:67:7e:76:b4:
64:9a:c3:76:ea:a6:6e:7e:17:be:93:8b:d3:01:05:86:26:32:
cf:b9:3c:27:45:35:ce:bb:9a:40:a9:2f:cb:36:fa:01:51:06:
b0:81:01:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrP8HbIhD/M3DtRuQaRQxfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNTA1MDRmNGIxNzc2ZTgwYjhhZDlmOGIzNTZlNjEzYjU4
NWIzNWEwHhcNMjMwOTI2MDUyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIzZmNhYzZiYTBlYWM2NDBhM2UxNzI0NDU0ZmUwMDEyYTJhOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI40o8/LpaHqFX/9ZrEhQW32I0ZY
INFGHOXAEV6GIyvZR+ZjzFV5LSSfLUQCMwLHAWnIOau5tXbXLNpgsGq64rqhP8bi
X2t5uAsAn7WP6beh6H7F5YlpND28pDd6zUj205wcTcYhI85dJTBTMNjSbjFBQU8U
gJtL8CSL2srAM7m5ixfsK/6uUipziOHEGUOMx9LEmUrKjrFn8yFat3THoMuQE4ts
XbMrI3NL1zoxnz9Bclvu5LkfTFeXzW+yoaQAG9kh80MWMRb4R0tEyqU9Mf4Hcr7R
SdoaGuCIhgJotMw61Ynh+3E1k+jYEoL7rZkf1FdkSDVBr7TPT+ujbkTRFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2z/KxroOrGQKPhckRU/gASoqkRMB8GA1UdIwQY
MBaAFIBQUE9LF3boC4rZ+LNW5hO1hbNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjIt
MDE0NGEzMjgyYTJlLzEvM2JQOHJHdWc2c1pBby1GeVJGVC1BQktpcVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjItMDE0NGEzMjgyYTJl
LzEvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwYc4MA8E
AgACMAkDBwAgAQZ4DkQwDQYJKoZIhvcNAQELBQADggEBAEFZZEuaGQvaSkgQqhC4
yzPtfCR25DFrtDtdyOHgKJmaijBkg/WSsNzanBz8eYSZESPhFR1TjiY4xwW9nbsO
JfQOEARSTKeMciYhaFEllTa5Rri7OK0mxaO5Ypbetr3D7inBje/yUJkiP762ZyZe
QB+FS92ZYcFed/jNodxffJJk9qxXsR2j4EozPdRD+ReMW1bs1NIfJ/djJmite8n0
6vfEoUHBDyoi1X3ZcVDgp+cijZw5vPZCIlR95XusWGsvVs1bWOY9LUZSQbNJ3l8y
1IfuNi1wZ352tGSaw3bqpm5+F76Ti9MBBYYmMs+5PCdFNc67mkCpL8s2+gFRBrCB
AUU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:51 2025 by rpki-client