Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/3mJkP4Sf7KozGtDcKNaB-P_v9Dk.roa
File: 3mJkP4Sf7KozGtDcKNaB-P_v9Dk.roa (raw, json)
Hash identifier: 6anBrpvRu67ztPKjdT+SaJwuoWTq8gJJHazt6kvRocE=
Subject key identifier: DE:62:64:3F:84:9F:EC:AA:33:1A:D0:DC:28:D6:81:F8:FF:EF:F4:39
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 018AF60B336B9CC2737BD5FC06060797E8E2
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/3mJkP4Sf7KozGtDcKNaB-P_v9Dk.roa
Signing time: Tue 03 Oct 2023 14:57:23 +0000
ROA not before: Tue 03 Oct 2023 14:57:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5378
IP address blocks: 84.70.32.0/19 maxlen: 19
84.66.192.0/18 maxlen: 18
84.68.128.0/18 maxlen: 18
90.252.0.0/14 maxlen: 14
84.70.64.0/18 maxlen: 18
84.68.64.0/19 maxlen: 19
90.240.0.0/14 maxlen: 14
84.70.0.0/19 maxlen: 19
84.68.96.0/19 maxlen: 19
84.65.0.0/18 maxlen: 18
84.71.192.0/18 maxlen: 18
84.68.224.0/19 maxlen: 19
84.65.128.0/18 maxlen: 18
90.244.0.0/14 maxlen: 14
84.67.64.0/18 maxlen: 18
84.69.0.0/18 maxlen: 18
84.65.64.0/18 maxlen: 18
84.67.0.0/18 maxlen: 18
84.68.192.0/19 maxlen: 19
90.254.0.0/16 maxlen: 16
84.70.128.0/18 maxlen: 18
84.69.64.0/18 maxlen: 18
84.64.0.0/13 maxlen: 13
84.67.160.0/19 maxlen: 19
84.64.64.0/18 maxlen: 18
84.71.0.0/18 maxlen: 18
81.76.0.0/14 maxlen: 14
84.66.0.0/18 maxlen: 18
84.67.192.0/19 maxlen: 19
90.255.255.0/24 maxlen: 24
84.64.0.0/18 maxlen: 18
84.70.192.0/18 maxlen: 18
84.65.192.0/18 maxlen: 18
84.67.128.0/19 maxlen: 19
84.68.0.0/18 maxlen: 18
84.69.192.0/18 maxlen: 18
84.64.192.0/18 maxlen: 18
84.71.128.0/18 maxlen: 18
84.66.128.0/18 maxlen: 18
84.69.128.0/18 maxlen: 18
84.64.128.0/18 maxlen: 18
84.67.224.0/19 maxlen: 19
90.248.0.0/14 maxlen: 14
84.71.64.0/18 maxlen: 18
84.66.64.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:0b:33:6b:9c:c2:73:7b:d5:fc:06:06:07:97:e8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Oct 3 14:57:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de62643f849fecaa331ad0dc28d681f8ffeff439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:63:64:4d:72:31:9d:5d:dd:62:c8:91:ce:d1:
7e:c6:b6:fd:04:e3:07:3f:c3:42:86:e7:86:2e:9c:
e3:0d:0e:b3:fa:57:ac:ba:99:f4:94:53:54:36:ea:
ec:ec:e9:ef:07:83:66:be:12:b1:74:96:88:27:6c:
fd:60:fd:93:90:5b:00:3e:a0:42:8f:c6:51:75:00:
70:52:73:58:8d:dd:88:91:a2:79:75:d4:f9:25:2f:
25:0d:e2:f3:4d:89:8a:b3:8b:4f:73:c1:d5:77:6e:
7a:77:fa:4a:69:60:b6:ee:e1:ff:0d:36:b6:69:48:
3b:53:b2:85:6f:ad:c8:d0:41:f7:43:3e:b2:ed:8e:
85:50:f1:c3:3d:bf:66:75:81:a3:ce:b5:8a:fe:f9:
d9:df:ca:67:c3:d9:d3:01:91:ed:95:f5:1c:31:d7:
86:1e:d9:29:03:ce:6e:58:43:e8:ea:7d:b5:b3:63:
0c:46:b6:85:97:be:b5:fd:08:55:8e:88:69:3c:32:
ab:f9:7b:4e:c5:d1:f5:e5:bd:0a:08:85:3d:f8:1a:
f9:7f:28:8b:24:f5:48:ef:bf:5d:0b:5d:d4:a0:24:
eb:35:4e:6f:54:43:a0:0c:72:0d:2a:28:e4:f5:a7:
02:04:06:0c:10:a2:f8:02:ba:b4:8f:13:12:d3:a8:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:62:64:3F:84:9F:EC:AA:33:1A:D0:DC:28:D6:81:F8:FF:EF:F4:39
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/3mJkP4Sf7KozGtDcKNaB-P_v9Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.76.0.0/14
84.64.0.0/13
90.240.0.0/12
Signature Algorithm: sha256WithRSAEncryption
93:f3:7f:dc:e4:83:e4:56:0c:65:02:34:49:c5:cc:bc:9f:54:
60:ed:2e:f8:98:d2:0c:1f:81:46:b6:9c:ac:e9:07:1d:8b:7a:
3f:bf:01:24:cf:dd:f5:3b:f8:38:fb:70:11:e7:34:52:0a:85:
91:cc:3c:d4:ab:24:50:3a:1b:22:ba:8a:02:16:d5:d5:eb:c5:
10:e2:37:31:c9:8c:18:44:c4:c7:c7:ee:bd:63:dd:ff:0e:fb:
1c:eb:38:fe:e4:76:ab:48:42:06:08:76:c1:49:bd:8a:fb:1b:
30:3b:16:86:2f:0e:b8:f3:5b:5b:f0:32:42:9b:8e:38:f5:cc:
9a:64:7b:27:f8:7d:c3:f0:47:8a:02:80:f4:64:5c:66:b4:7c:
f8:89:b3:63:aa:cf:77:74:c5:c7:73:8b:28:b7:11:17:47:fc:
a4:68:d2:f5:25:de:6e:70:d5:dc:4f:0b:92:ad:8e:d8:5a:de:
67:21:40:3c:cb:17:34:15:e5:f1:3c:ee:81:a9:62:a2:10:10:
0b:b8:50:69:f0:22:f3:76:ed:7b:b1:19:70:49:81:69:83:f5:
53:1e:b6:40:91:5a:35:ef:f2:27:2d:81:9b:f6:cb:08:fc:20:
82:a9:b1:5f:67:0f:09:dc:82:b9:47:d2:ee:2f:84:4f:29:76:
87:a5:2e:25
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYr2CzNrnMJze9X8BgYHl+jiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjMxMDAzMTQ1NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYyNjQzZjg0OWZlY2FhMzMxYWQwZGMyOGQ2ODFmOGZmZWZmNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWNkTXIxnV3dYsiRztF+xrb9BOMH
P8NChueGLpzjDQ6z+lesupn0lFNUNurs7OnvB4NmvhKxdJaIJ2z9YP2TkFsAPqBC
j8ZRdQBwUnNYjd2IkaJ5ddT5JS8lDeLzTYmKs4tPc8HVd256d/pKaWC27uH/DTa2
aUg7U7KFb63I0EH3Qz6y7Y6FUPHDPb9mdYGjzrWK/vnZ38pnw9nTAZHtlfUcMdeG
HtkpA85uWEPo6n21s2MMRraFl761/QhVjohpPDKr+XtOxdH15b0KCIU9+Br5fyiL
JPVI779dC13UoCTrNU5vVEOgDHINKijk9acCBAYMEKL4Arq0jxMS06jx+wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFN5iZD+En+yqMxrQ3CjWgfj/7/Q5MB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvM21Ka1A0U2Y3S296R3REY0tOYUItUF92OURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMCUUwDAwNU
QAMDBFrwMA0GCSqGSIb3DQEBCwUAA4IBAQCT83/c5IPkVgxlAjRJxcy8n1Rg7S74
mNIMH4FGtpys6Qcdi3o/vwEkz931O/g4+3AR5zRSCoWRzDzUqyRQOhsiuooCFtXV
68UQ4jcxyYwYRMTHx+69Y93/Dvsc6zj+5HarSEIGCHbBSb2K+xswOxaGLw6481tb
8DJCm4449cyaZHsn+H3D8EeKAoD0ZFxmtHz4ibNjqs93dMXHc4sotxEXR/ykaNL1
Jd5ucNXcTwuSrY7YWt5nIUA8yxc0FeXxPO6BqWKiEBALuFBp8CLzdu17sRlwSYFp
g/VTHrZAkVo17/InLYGb9ssI/CCCqbFfZw8J3IK5R9LuL4RPKXaHpS4l
-----END CERTIFICATE-----
Generated at Thu May 8 22:04:35 2025 by rpki-client