Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/1Ma9pShTy6IppKSnOMVJiDvSZfc.roa
File: 1Ma9pShTy6IppKSnOMVJiDvSZfc.roa (raw, json)
Hash identifier: Ewr4MKNp7mDanjnbzqPwBCM3BcZBPTq12/wAeXfir3U=
Subject key identifier: D4:C6:BD:A5:28:53:CB:A2:29:A4:A4:A7:38:C5:49:88:3B:D2:65:F7
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 018C3F42F517083038706CD9975C7AC148DA
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/1Ma9pShTy6IppKSnOMVJiDvSZfc.roa
Signing time: Wed 06 Dec 2023 13:13:21 +0000
ROA not before: Wed 06 Dec 2023 13:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43925
IP address blocks: 89.45.0.0/22 maxlen: 22
89.45.0.0/23 maxlen: 23
89.45.2.0/23 maxlen: 23
185.32.0.0/22 maxlen: 22
37.34.96.0/19 maxlen: 24
37.34.96.0/22 maxlen: 24
37.34.105.0/24 maxlen: 24
37.34.100.0/22 maxlen: 24
37.34.106.0/24 maxlen: 24
37.34.108.0/22 maxlen: 24
37.34.107.0/24 maxlen: 24
37.34.112.0/20 maxlen: 24
79.170.224.0/21 maxlen: 24
37.34.120.0/21 maxlen: 24
178.76.76.0/22 maxlen: 22
178.76.80.0/20 maxlen: 22
94.139.128.0/19 maxlen: 32
178.76.96.0/19 maxlen: 21
93.113.112.0/21 maxlen: 22
2a00:f900::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:42:f5:17:08:30:38:70:6c:d9:97:5c:7a:c1:48:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Dec 6 13:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4c6bda52853cba229a4a4a738c549883bd265f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0f:01:2e:8d:e6:09:35:6b:a8:da:8f:49:67:
9d:cb:76:16:11:f6:91:1c:cf:42:56:34:f4:a9:d8:
24:e1:e7:be:bf:d5:ea:ef:1a:da:c9:c3:d0:53:9e:
dc:11:b7:8a:8d:ff:07:da:76:ba:b5:44:16:41:7a:
f7:66:26:79:55:ef:9c:1e:a7:66:c0:42:93:3c:94:
ff:fc:fc:b8:45:50:48:d7:ed:9d:fa:18:24:ae:9f:
56:7a:01:47:49:67:a8:00:74:26:b4:93:27:4b:8a:
b6:95:85:7a:78:59:b3:38:cb:f1:1e:18:d3:67:2e:
7a:11:d6:00:4d:ff:d5:4d:1f:6f:96:f6:42:f5:73:
93:a7:70:48:23:88:f4:84:b5:d4:24:50:d6:dc:99:
5f:2b:c0:52:c6:ae:2c:42:28:b0:f8:f9:1b:5b:fa:
fb:ab:43:01:47:33:f3:92:c6:6b:79:72:bb:3c:9e:
da:bd:62:93:92:cc:0b:39:a9:ec:15:21:70:04:76:
20:14:ce:e6:d6:5d:e2:46:3a:ce:72:41:09:21:26:
82:c5:82:bc:6b:b3:9c:91:ef:2c:65:bb:5c:38:9b:
0b:be:3d:f9:fb:61:33:5b:04:f1:77:eb:7d:ed:46:
49:be:01:fe:1d:1e:93:b2:4b:e3:cb:7b:e6:76:38:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C6:BD:A5:28:53:CB:A2:29:A4:A4:A7:38:C5:49:88:3B:D2:65:F7
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/1Ma9pShTy6IppKSnOMVJiDvSZfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.96.0/19
79.170.224.0/21
89.45.0.0/22
93.113.112.0/21
94.139.128.0/19
178.76.76.0-178.76.127.255
185.32.0.0/22
IPv6:
2a00:f900::/32
Signature Algorithm: sha256WithRSAEncryption
75:55:bc:c1:98:ad:3b:7e:5b:02:24:15:5a:c3:d5:e2:d5:68:
39:67:9a:0f:a1:bc:ee:6e:71:ac:9a:f9:c9:cd:93:73:8a:d0:
c4:a7:80:41:78:b1:ee:49:a3:4c:4d:87:c9:55:b5:06:fe:18:
44:bc:ac:00:6c:1e:36:ea:5c:f3:3c:f6:09:1d:1c:18:c8:1f:
0a:ac:f1:dd:a5:5e:6f:2b:f9:05:3e:6c:b7:c9:ef:78:93:50:
56:ad:d6:ca:33:d5:cf:14:8d:65:df:22:76:83:9a:7e:54:e5:
f0:b8:9c:b4:3f:43:30:bd:43:c8:c3:c1:6c:c5:93:44:db:93:
49:32:c7:10:c2:7e:54:d3:d4:4b:13:76:9f:df:24:99:72:79:
cb:d9:de:52:41:6e:c7:fc:74:1c:8f:58:f2:a2:1e:51:e8:db:
56:8e:61:6b:48:f2:a5:ca:ff:47:32:8d:d2:f7:cd:60:4b:58:
03:b5:24:bd:b3:12:5a:97:b2:a2:ec:f7:f8:e3:2c:f4:35:1c:
08:f9:ea:22:5b:d7:fd:bd:40:bd:c0:5e:ca:07:a4:68:4c:e1:
da:f2:a8:76:b8:b7:ea:3b:4f:a2:f2:b3:b4:30:50:d3:41:61:
4d:62:8d:5d:59:0c:f2:50:00:28:6d:cd:ec:a6:bf:4d:1d:7a:
10:9f:d7:6c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYw/QvUXCDA4cGzZl1x6wUjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWIxMDQ0NjNlOTIwYjQ1NTQyYjZhZjFhMjdkNTk1MGU4
NmU5YTAwHhcNMjMxMjA2MTMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGM2YmRhNTI4NTNjYmEyMjlhNGE0YTczOGM1NDk4ODNiZDI2NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA8BLo3mCTVrqNqPSWedy3YWEfaR
HM9CVjT0qdgk4ee+v9Xq7xraycPQU57cEbeKjf8H2na6tUQWQXr3ZiZ5Ve+cHqdm
wEKTPJT//Py4RVBI1+2d+hgkrp9WegFHSWeoAHQmtJMnS4q2lYV6eFmzOMvxHhjT
Zy56EdYATf/VTR9vlvZC9XOTp3BII4j0hLXUJFDW3JlfK8BSxq4sQiiw+PkbW/r7
q0MBRzPzksZreXK7PJ7avWKTkswLOansFSFwBHYgFM7m1l3iRjrOckEJISaCxYK8
a7Ocke8sZbtcOJsLvj35+2EzWwTxd+t97UZJvgH+HR6Tskvjy3vmdjhnewIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFNTGvaUoU8uiKaSkpzjFSYg70mX3MB8GA1UdIwQY
MBaAFD3rEERj6SC0VUK2rxon1ZUOhumgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMt
MTE5ZDhiZjcxN2JiLzEvMU1hOXBTaFR5NklwcEtTbk9NVkppRHZTWmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMtMTE5ZDhiZjcxN2Ji
LzEvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQFJSJgAwQD
T6rgAwQCWS0AAwQDXXFwAwQFXouAMAwDBAKyTEwDBAeyTAADBAK5IAAwDQQCAAIw
BwMFACoA+QAwDQYJKoZIhvcNAQELBQADggEBAHVVvMGYrTt+WwIkFVrD1eLVaDln
mg+hvO5ucaya+cnNk3OK0MSngEF4se5Jo0xNh8lVtQb+GES8rABsHjbqXPM89gkd
HBjIHwqs8d2lXm8r+QU+bLfJ73iTUFat1soz1c8UjWXfInaDmn5U5fC4nLQ/QzC9
Q8jDwWzFk0Tbk0kyxxDCflTT1EsTdp/fJJlyecvZ3lJBbsf8dByPWPKiHlHo21aO
YWtI8qXK/0cyjdL3zWBLWAO1JL2zElqXsqLs9/jjLPQ1HAj56iJb1/29QL3AXsoH
pGhM4dryqHa4t+o7T6Lys7QwUNNBYU1ijV1ZDPJQAChtzeymv00dehCf12w=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:17:33 2025 by rpki-client