Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/POftKxOuloEuUg7YwYC2A62wVsE.roa
File: POftKxOuloEuUg7YwYC2A62wVsE.roa (raw, json)
Hash identifier: fIzI/rWpxUiQ8d0O/7ZueaB70Uior79qt1GcdFpjLPQ=
Subject key identifier: 3C:E7:ED:2B:13:AE:96:81:2E:52:0E:D8:C1:80:B6:03:AD:B0:56:C1
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871089EC0DBCA1D93F66903D19012466F7
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/POftKxOuloEuUg7YwYC2A62wVsE.roa
Signing time: Thu 23 Mar 2023 22:14:46 +0000
ROA not before: Thu 23 Mar 2023 22:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398464
IP address blocks: 194.180.232.0/23 maxlen: 24
194.180.236.0/23 maxlen: 24
45.136.24.0/22 maxlen: 24
45.147.8.0/22 maxlen: 24
45.147.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:89:ec:0d:bc:a1:d9:3f:66:90:3d:19:01:24:66:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ce7ed2b13ae96812e520ed8c180b603adb056c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:14:a8:9e:3c:d8:f9:64:66:e0:0c:e1:53:
2a:4f:17:c2:69:6d:83:f6:40:4b:d7:c3:da:91:8d:
87:a4:63:1e:32:06:d7:0e:5b:15:de:1a:6f:27:10:
3d:b1:b4:98:3a:36:0f:d9:12:d5:b1:6d:eb:71:f8:
52:4e:44:32:87:7d:9c:b3:73:11:88:d6:ee:52:26:
cc:bc:2b:15:53:15:ed:57:c4:71:d2:87:61:97:0f:
7f:33:8e:12:47:b6:08:2e:4f:40:87:f3:14:a5:87:
84:ba:4a:e1:ef:40:3a:72:6e:c5:75:da:48:eb:43:
23:ba:40:dc:4b:fd:1c:9d:d8:cf:5a:f7:15:ab:99:
e5:7b:36:0f:f0:b7:5a:b7:4e:dd:db:33:54:b3:f8:
a3:c9:51:bd:0c:98:18:50:ac:04:0e:28:bd:23:48:
46:4c:bc:07:db:0b:a8:7c:1f:0a:49:8e:f1:f9:02:
fc:93:e8:d6:55:93:84:a4:e7:49:90:37:42:4e:3d:
f3:cc:d4:a5:b9:3e:15:6a:05:cf:d8:e8:49:66:cf:
4f:62:3e:0e:68:cd:fb:32:a6:d9:d1:b0:a8:a2:21:
f9:a1:99:80:68:4a:61:e1:88:49:b1:54:bc:86:5b:
0b:fd:63:c3:6c:d2:23:0e:ba:84:73:99:b3:03:3f:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E7:ED:2B:13:AE:96:81:2E:52:0E:D8:C1:80:B6:03:AD:B0:56:C1
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/POftKxOuloEuUg7YwYC2A62wVsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.24.0/22
45.147.8.0/22
45.147.232.0/22
194.180.232.0/23
194.180.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:24:fc:64:db:eb:38:3d:86:9b:8c:9f:4d:6c:85:26:1a:ac:
d2:f1:2f:d4:22:d1:8c:7f:fc:24:68:54:a7:75:70:13:1d:d7:
aa:61:23:1e:2e:ce:e6:85:55:84:eb:ce:e7:b6:d3:a8:bc:5e:
e2:b9:32:c0:de:4b:8e:a6:da:bb:83:0c:28:46:2f:d2:54:df:
e8:df:9b:f4:fb:44:c6:92:73:05:95:d5:a9:fc:76:09:c5:97:
25:d3:20:bf:54:69:dc:8c:07:1c:54:03:ff:4d:f6:9b:fd:fe:
2a:69:fc:a4:db:e1:c2:0c:79:7a:f8:37:8b:f4:fe:e9:b5:cd:
6c:82:9a:fa:01:4d:a4:1d:5d:27:40:91:03:28:d4:4d:82:d3:
28:08:52:b8:42:7d:25:61:53:03:c2:81:33:bd:7f:82:34:eb:
8f:aa:71:91:46:b2:00:ab:25:89:60:cc:47:69:de:41:c2:b3:
a2:4c:7b:69:d5:a1:c4:13:bb:85:a2:e3:46:2b:e5:57:88:33:
a1:5a:9e:4f:c1:53:bf:94:1c:aa:a8:7c:e9:36:12:01:52:31:
46:ae:3d:62:8f:17:a7:10:c9:6a:22:39:2a:a8:a6:47:d0:c6:
7f:d1:77:98:1d:ef:7c:7d:cd:64:1a:29:33:53:8e:a4:ae:80:
82:d9:30:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcQiewNvKHZP2aQPRkBJGb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U3ZWQyYjEzYWU5NjgxMmU1MjBlZDhjMTgwYjYwM2FkYjA1NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFQUqJ482PlkZuAM4VMqTxfCaW2D
9kBL18PakY2HpGMeMgbXDlsV3hpvJxA9sbSYOjYP2RLVsW3rcfhSTkQyh32cs3MR
iNbuUibMvCsVUxXtV8Rx0odhlw9/M44SR7YILk9Ah/MUpYeEukrh70A6cm7FddpI
60MjukDcS/0cndjPWvcVq5nlezYP8Ldat07d2zNUs/ijyVG9DJgYUKwEDii9I0hG
TLwH2wuofB8KSY7x+QL8k+jWVZOEpOdJkDdCTj3zzNSluT4VagXP2OhJZs9PYj4O
aM37MqbZ0bCooiH5oZmAaEph4YhJsVS8hlsL/WPDbNIjDrqEc5mzAz/17QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDzn7SsTrpaBLlIO2MGAtgOtsFbBMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUE9mdEt4T3Vsb0V1VWc3WXdZQzJBNjJ3VnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYgYAwQC
LZMIAwQCLZPoAwQBwrToAwQBwrTsMA0GCSqGSIb3DQEBCwUAA4IBAQA6JPxk2+s4
PYabjJ9NbIUmGqzS8S/UItGMf/wkaFSndXATHdeqYSMeLs7mhVWE687nttOovF7i
uTLA3kuOptq7gwwoRi/SVN/o35v0+0TGknMFldWp/HYJxZcl0yC/VGncjAccVAP/
Tfab/f4qafyk2+HCDHl6+DeL9P7ptc1sgpr6AU2kHV0nQJEDKNRNgtMoCFK4Qn0l
YVMDwoEzvX+CNOuPqnGRRrIAqyWJYMxHad5BwrOiTHtp1aHEE7uFouNGK+VXiDOh
Wp5PwVO/lByqqHzpNhIBUjFGrj1ijxenEMlqIjkqqKZH0MZ/0XeYHe98fc1kGikz
U46kroCC2TCQ
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:32:57 2025 by rpki-client