
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/3rS5oQgS87baN_GhhFRkNAGtR04.roa
File: 3rS5oQgS87baN_GhhFRkNAGtR04.roa (raw, json)
Hash identifier: aQIUS7ZLJpoDjIEqeBvTTW4si2Vel4utbSCRWrHlKEc=
Subject key identifier: DE:B4:B9:A1:08:12:F3:B6:DA:37:F1:A1:84:54:64:34:01:AD:47:4E
Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial: 01856DD40FF207FF5036B351560CF41D3A84
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/3rS5oQgS87baN_GhhFRkNAGtR04.roa
Signing time: Sun 01 Jan 2023 14:54:52 +0000
ROA not before: Sun 01 Jan 2023 14:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42649
IP address blocks: 185.195.94.0/24 maxlen: 24
185.195.95.0/24 maxlen: 24
185.195.92.0/24 maxlen: 24
185.195.93.0/24 maxlen: 24
2a0a:56c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0f:f2:07:ff:50:36:b3:51:56:0c:f4:1d:3a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Validity
Not Before: Jan 1 14:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deb4b9a10812f3b6da37f1a18454643401ad474e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:89:a7:69:1d:1f:60:e2:3a:e2:31:5c:9e:
1e:2c:c0:45:36:8c:a2:63:a1:51:d5:45:4b:1a:0c:
05:53:3c:22:d4:84:f4:93:7e:20:a9:c2:e6:bd:c6:
0c:62:e1:13:bf:4e:40:45:e9:c7:80:32:6f:e6:52:
d8:b6:e3:bb:65:c7:73:7d:04:b5:fd:29:bb:c0:84:
e0:e4:af:82:e2:28:80:51:3c:60:ac:68:49:61:60:
31:98:02:70:97:b2:f9:b4:03:44:49:65:ce:30:68:
5b:a1:6a:80:70:42:11:f5:4a:16:9e:7f:14:bb:50:
57:bd:36:00:2f:65:b9:ed:a6:6f:49:68:c5:0a:05:
63:d9:de:01:42:d9:80:67:e2:ce:d6:cd:98:0f:fe:
c0:02:af:9a:bc:1c:fc:de:db:5d:c7:8d:3c:86:22:
b6:22:2f:f1:4d:8a:76:56:f7:11:e5:4a:ad:52:d9:
d4:46:8c:1b:ca:bc:f1:1c:f7:29:7a:6e:55:be:43:
87:c2:0b:03:df:66:ae:b9:2b:f5:4a:08:f8:4f:5a:
73:a3:f7:e8:53:92:f8:4f:3e:1e:0e:85:a4:00:73:
2b:f9:0b:29:2b:08:b6:8f:6e:60:7b:36:8e:d7:4d:
ce:92:6b:be:8a:71:43:b6:5f:70:91:59:00:e5:5b:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B4:B9:A1:08:12:F3:B6:DA:37:F1:A1:84:54:64:34:01:AD:47:4E
X509v3 Authority Key Identifier:
keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/3rS5oQgS87baN_GhhFRkNAGtR04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.92.0/22
IPv6:
2a0a:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:68:a2:b4:ab:33:ad:b1:61:94:15:bd:d4:34:c5:63:eb:1b:
16:bd:e0:5c:e1:4d:54:33:13:d1:d8:c2:c1:a0:f2:1b:83:54:
1a:b6:eb:c9:99:4d:4f:e4:b3:77:dd:a0:29:ed:29:4b:69:61:
bc:0b:d4:7a:ec:f1:76:27:72:ac:22:fe:f9:ba:da:c3:46:17:
e5:d6:cf:7b:e4:a3:eb:fd:80:3e:e3:7a:d1:92:7f:8c:db:ef:
cf:db:c8:1a:40:41:e8:c4:fd:76:c8:06:e5:0c:65:24:9e:a0:
62:8e:61:8e:95:f6:28:e7:43:d9:7a:60:56:d6:18:f7:e7:64:
37:17:4a:6a:32:c2:22:40:2f:48:7e:a1:59:53:cf:19:f6:67:
05:32:d9:91:95:4e:3b:6d:74:f7:62:36:da:e1:bf:6f:95:b3:
ff:20:8e:84:3b:21:69:eb:18:05:12:aa:f7:57:6a:81:d2:28:
c6:bf:3f:96:ef:a5:9f:d4:1d:5f:b2:19:dd:76:b7:a3:87:f0:
de:92:84:d3:99:92:5c:6d:94:0c:90:ee:58:3d:1d:63:bc:5b:
28:de:66:88:cf:e9:33:e7:dd:c6:a1:8c:95:e7:7a:70:40:c7:
a5:a2:e8:54:51:28:87:9a:a7:3a:b4:5a:e1:e2:ac:dc:8b:a9:
68:f7:73:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1A/yB/9QNrNRVgz0HTqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjMwMTAxMTQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI0YjlhMTA4MTJmM2I2ZGEzN2YxYTE4NDU0NjQzNDAxYWQ0NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssiJp2kdH2DiOuIxXJ4eLMBFNoyi
Y6FR1UVLGgwFUzwi1IT0k34gqcLmvcYMYuETv05ARenHgDJv5lLYtuO7ZcdzfQS1
/Sm7wITg5K+C4iiAUTxgrGhJYWAxmAJwl7L5tANESWXOMGhboWqAcEIR9UoWnn8U
u1BXvTYAL2W57aZvSWjFCgVj2d4BQtmAZ+LO1s2YD/7AAq+avBz83ttdx408hiK2
Ii/xTYp2VvcR5UqtUtnURowbyrzxHPcpem5VvkOHwgsD32auuSv1Sgj4T1pzo/fo
U5L4Tz4eDoWkAHMr+QspKwi2j25gezaO103Okmu+inFDtl9wkVkA5VtjMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN60uaEIEvO22jfxoYRUZDQBrUdOMB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvM3JTNW9RZ1M4N2JhTl9HaGhGUmtOQUd0UjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucNcMA0E
AgACMAcDBQMqClbAMA0GCSqGSIb3DQEBCwUAA4IBAQCwaKK0qzOtsWGUFb3UNMVj
6xsWveBc4U1UMxPR2MLBoPIbg1QatuvJmU1P5LN33aAp7SlLaWG8C9R67PF2J3Ks
Iv75utrDRhfl1s975KPr/YA+43rRkn+M2+/P28gaQEHoxP12yAblDGUknqBijmGO
lfYo50PZemBW1hj352Q3F0pqMsIiQC9IfqFZU88Z9mcFMtmRlU47bXT3Yjba4b9v
lbP/II6EOyFp6xgFEqr3V2qB0ijGvz+W76Wf1B1fshnddrejh/DekoTTmZJcbZQM
kO5YPR1jvFso3maIz+kz593GoYyV53pwQMelouhUUSiHmqc6tFrh4qzci6lo93O+
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:25:54 2025 by rpki-client