Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/3mACwOjFDRcruHheGo0XeipTmjU.roa
File: 3mACwOjFDRcruHheGo0XeipTmjU.roa (raw, json)
Hash identifier: e6kiHkqIRwST1Afy5aUrX6GpuMkBcKOEYRzPKQcN/yY=
Subject key identifier: DE:60:02:C0:E8:C5:0D:17:2B:B8:78:5E:1A:8D:17:7A:2A:53:9A:35
Certificate issuer: /CN=de51c3c5ddc4fb61381c3bea24c1ba4f74998eab
Certificate serial: 018B196C16C1E537239D1A8F25DB87BF00FA
Authority key identifier: DE:51:C3:C5:DD:C4:FB:61:38:1C:3B:EA:24:C1:BA:4F:74:99:8E:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3lHDxd3E-2E4HDvqJMG6T3SZjqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/3mACwOjFDRcruHheGo0XeipTmjU.roa
Signing time: Tue 10 Oct 2023 11:49:55 +0000
ROA not before: Tue 10 Oct 2023 11:49:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200773
IP address blocks: 185.242.97.0/24 maxlen: 24
185.242.96.0/24 maxlen: 24
185.242.98.0/24 maxlen: 24
185.242.99.0/24 maxlen: 24
188.247.150.0/24 maxlen: 24
188.247.152.0/24 maxlen: 24
188.247.152.0/21 maxlen: 21
188.247.151.0/24 maxlen: 24
188.247.147.0/24 maxlen: 24
188.247.146.0/24 maxlen: 24
188.247.149.0/24 maxlen: 24
188.247.148.0/24 maxlen: 24
188.247.157.0/24 maxlen: 24
188.247.159.0/24 maxlen: 24
188.247.158.0/24 maxlen: 24
188.247.154.0/24 maxlen: 24
188.247.153.0/24 maxlen: 24
188.247.156.0/24 maxlen: 24
188.247.155.0/24 maxlen: 24
185.71.201.0/24 maxlen: 24
185.71.200.0/24 maxlen: 24
185.71.200.0/22 maxlen: 24
185.71.203.0/24 maxlen: 24
185.71.202.0/24 maxlen: 24
194.38.44.0/22 maxlen: 22
194.38.44.0/24 maxlen: 24
194.38.45.0/24 maxlen: 24
194.38.47.0/24 maxlen: 24
194.38.46.0/24 maxlen: 24
188.247.136.0/21 maxlen: 24
89.38.177.0/24 maxlen: 24
89.38.176.0/24 maxlen: 24
89.38.176.0/21 maxlen: 24
188.247.136.0/24 maxlen: 24
188.247.138.0/24 maxlen: 24
89.38.179.0/24 maxlen: 24
188.247.137.0/24 maxlen: 24
89.38.178.0/24 maxlen: 24
188.247.139.0/24 maxlen: 24
188.247.145.0/24 maxlen: 24
89.38.183.0/24 maxlen: 24
188.247.143.0/24 maxlen: 24
188.247.144.0/24 maxlen: 24
188.247.144.0/20 maxlen: 24
188.247.140.0/24 maxlen: 24
188.247.141.0/24 maxlen: 24
188.247.142.0/24 maxlen: 24
89.38.180.0/22 maxlen: 22
89.38.180.0/24 maxlen: 24
89.38.181.0/24 maxlen: 24
89.38.182.0/24 maxlen: 24
2a03:3ba0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:6c:16:c1:e5:37:23:9d:1a:8f:25:db:87:bf:00:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de51c3c5ddc4fb61381c3bea24c1ba4f74998eab
Validity
Not Before: Oct 10 11:49:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de6002c0e8c50d172bb8785e1a8d177a2a539a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:b1:fc:17:32:20:44:6f:0a:f6:bf:ed:cd:
66:8d:16:a1:79:a8:cd:38:cd:77:b2:40:e0:97:0b:
db:50:d3:55:82:44:75:9d:1d:f2:92:20:61:97:99:
4b:30:c5:a7:34:da:1c:82:de:c0:2d:a5:f2:73:29:
1d:83:57:4d:43:23:a1:5d:8a:00:0f:be:d8:71:0c:
4e:9c:e5:41:d6:79:57:ed:92:8b:d5:ea:22:a8:0e:
bf:8f:a1:3d:e6:50:dc:d6:70:45:40:02:c6:93:13:
94:98:f2:23:b8:db:ad:a6:c8:2b:85:b5:8f:f0:f6:
2c:10:36:23:10:e9:23:2f:b9:70:99:94:6c:63:cb:
76:17:16:c7:29:10:08:c9:9b:44:4f:33:71:39:b5:
44:13:17:12:7d:3d:1f:d9:55:f8:f4:05:a2:04:f9:
40:50:2a:17:1e:16:8c:ad:37:ca:2d:6f:35:67:24:
43:9b:42:f3:ae:a5:bb:8e:67:5a:b8:90:db:13:e9:
e6:8a:3f:ac:02:dd:c5:d4:6c:01:b7:0e:14:7b:5c:
ba:7e:84:46:4c:14:a4:43:7f:b9:a4:e0:ae:b8:4e:
2a:e0:79:55:18:e4:6e:87:7e:9b:66:38:0f:20:90:
5a:f5:9c:73:13:5f:bd:46:66:40:2e:5f:a1:8d:24:
2b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:60:02:C0:E8:C5:0D:17:2B:B8:78:5E:1A:8D:17:7A:2A:53:9A:35
X509v3 Authority Key Identifier:
keyid:DE:51:C3:C5:DD:C4:FB:61:38:1C:3B:EA:24:C1:BA:4F:74:99:8E:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lHDxd3E-2E4HDvqJMG6T3SZjqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/3mACwOjFDRcruHheGo0XeipTmjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/3lHDxd3E-2E4HDvqJMG6T3SZjqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.176.0/21
185.71.200.0/22
185.242.96.0/22
188.247.136.0-188.247.159.255
194.38.44.0/22
IPv6:
2a03:3ba0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:e3:be:a9:29:c3:18:f5:7b:27:fa:fb:38:cc:81:5d:ac:20:
0b:17:77:19:36:6a:eb:4c:57:8b:8e:56:ca:8c:8d:59:98:e1:
aa:f7:d1:9a:f0:b9:cc:52:e3:d5:4b:39:05:80:be:25:6c:22:
ae:94:e0:6e:1c:d4:d6:82:4f:34:da:17:76:17:1c:26:68:62:
fd:0a:bc:d2:cf:58:80:d8:91:62:93:11:c5:ec:ea:3b:64:e0:
f6:9e:62:6f:1b:04:50:6c:e6:32:b5:7e:08:7b:27:b2:59:29:
74:1c:18:5e:50:dd:f8:c4:3c:7b:39:22:59:6e:ba:85:0c:8c:
14:e6:68:88:64:0a:5d:8f:22:38:2e:96:4d:04:04:78:ce:a5:
2a:d9:f2:6d:eb:a7:e1:2e:0b:f6:e5:0e:a2:e2:19:12:88:f9:
84:31:5a:54:cb:26:97:10:63:0b:83:89:85:98:d9:dd:00:5a:
7e:25:c9:22:d7:23:e5:de:60:2d:60:17:7e:07:68:82:98:61:
b6:4d:3e:ca:72:61:db:0d:85:6b:aa:9e:52:4f:d2:e0:f1:63:
7a:a5:77:38:1b:a9:58:b8:42:b0:db:00:56:fd:aa:87:42:d9:
ec:78:ce:15:c5:63:26:26:b0:ef:cd:cb:fd:b7:3a:b2:bb:fd:
31:99:e6:fd
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYsZbBbB5TcjnRqPJduHvwD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTFjM2M1ZGRjNGZiNjEzODFjM2JlYTI0YzFiYTRmNzQ5
OThlYWIwHhcNMjMxMDEwMTE0OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYwMDJjMGU4YzUwZDE3MmJiODc4NWUxYThkMTc3YTJhNTM5YTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUOx/BcyIERvCva/7c1mjRaheajN
OM13skDglwvbUNNVgkR1nR3ykiBhl5lLMMWnNNocgt7ALaXycykdg1dNQyOhXYoA
D77YcQxOnOVB1nlX7ZKL1eoiqA6/j6E95lDc1nBFQALGkxOUmPIjuNutpsgrhbWP
8PYsEDYjEOkjL7lwmZRsY8t2FxbHKRAIyZtETzNxObVEExcSfT0f2VX49AWiBPlA
UCoXHhaMrTfKLW81ZyRDm0LzrqW7jmdauJDbE+nmij+sAt3F1GwBtw4Ue1y6foRG
TBSkQ3+5pOCuuE4q4HlVGORuh36bZjgPIJBa9ZxzE1+9RmZALl+hjSQr6wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN5gAsDoxQ0XK7h4XhqNF3oqU5o1MB8GA1UdIwQY
MBaAFN5Rw8XdxPthOBw76iTBuk90mY6rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xIRHhkM0UtMkU0SER2cUpNRzZUM1NaanFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82ZGU2NWUtMDRiZC00MzQ2LTg1YjEt
YTUzMjVkNDQxNzAyLzEvM21BQ3dPakZEUmNydUhoZUdvMFhlaXBUbWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82ZGU2NWUtMDRiZC00MzQ2LTg1YjEtYTUzMjVkNDQxNzAy
LzEvM2xIRHhkM0UtMkU0SER2cUpNRzZUM1NaanFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDWSawAwQC
uUfIAwQCufJgMAwDBAO894gDBAW894ADBALCJiwwDQQCAAIwBwMFACoDO6AwDQYJ
KoZIhvcNAQELBQADggEBAG7jvqkpwxj1eyf6+zjMgV2sIAsXdxk2autMV4uOVsqM
jVmY4ar30ZrwucxS49VLOQWAviVsIq6U4G4c1NaCTzTaF3YXHCZoYv0KvNLPWIDY
kWKTEcXs6jtk4PaeYm8bBFBs5jK1fgh7J7JZKXQcGF5Q3fjEPHs5IlluuoUMjBTm
aIhkCl2PIjgulk0EBHjOpSrZ8m3rp+EuC/blDqLiGRKI+YQxWlTLJpcQYwuDiYWY
2d0AWn4lySLXI+XeYC1gF34HaIKYYbZNPspyYdsNhWuqnlJP0uDxY3qldzgbqVi4
QrDbAFb9qodC2ex4zhXFYyYmsO/Ny/23OrK7/TGZ5v0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:57:55 2025 by rpki-client