Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dbMKBIebpt5DGsH4VQXQkt-lWwU.roa
File: dbMKBIebpt5DGsH4VQXQkt-lWwU.roa (raw, json)
Hash identifier: x1Wj7irV2uV70eBoDBlkjuA44Nz6mIl5d4cdYY6SD7Q=
Subject key identifier: 75:B3:0A:04:87:9B:A6:DE:43:1A:C1:F8:55:05:D0:92:DF:A5:5B:05
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0188D21B2ACAC055A47BA640E86FA2396A4B
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dbMKBIebpt5DGsH4VQXQkt-lWwU.roa
Signing time: Mon 19 Jun 2023 05:22:55 +0000
ROA not before: Mon 19 Jun 2023 05:22:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.180.128.0/22 maxlen: 24
194.233.151.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d2:1b:2a:ca:c0:55:a4:7b:a6:40:e8:6f:a2:39:6a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jun 19 05:22:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b30a04879ba6de431ac1f85505d092dfa55b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:88:79:94:bc:0b:e2:df:a1:0c:d8:b7:37:20:
b1:9a:60:26:76:dc:2f:20:f0:4b:fe:47:4e:bf:6a:
a2:12:ed:a1:59:3f:94:1e:35:a5:5a:42:7e:c5:4e:
f1:cf:b7:22:f7:b7:f1:57:75:fe:fe:4c:f9:c5:15:
ae:3c:ba:10:50:5d:b0:a8:72:89:a4:3f:d2:c6:8f:
2b:3e:75:f0:29:e3:a0:bb:27:f1:98:a2:fa:00:d6:
3a:0f:1c:47:04:94:38:fb:c4:ac:76:e3:84:27:0c:
01:80:ff:3c:9e:1b:d7:b7:62:91:51:8c:48:8f:36:
ce:f6:e6:87:fe:38:5a:f4:60:a1:69:bf:79:e4:cf:
6e:7f:2d:f6:0c:4d:e8:24:76:03:a8:ee:58:53:44:
0d:34:cf:09:c4:6d:2f:a4:49:f5:98:b5:19:d8:a0:
02:0b:85:d3:ee:46:0e:a2:c3:e4:13:a1:20:8e:5b:
31:0a:7c:39:21:32:1e:5e:45:55:c8:7c:d3:ae:1e:
ec:39:c9:c5:44:60:4d:9c:a1:ef:37:10:49:49:db:
ce:a5:b2:f0:d1:0f:e0:d9:40:4a:40:80:2b:55:8f:
2c:52:55:a6:3e:60:bd:31:ae:9c:ef:5a:0a:5e:40:
06:55:6a:46:d3:2c:3b:47:08:02:b0:e7:de:57:8c:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B3:0A:04:87:9B:A6:DE:43:1A:C1:F8:55:05:D0:92:DF:A5:5B:05
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dbMKBIebpt5DGsH4VQXQkt-lWwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.92.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:34:be:a0:5e:3d:3e:48:f6:ad:2d:e9:18:d3:d1:26:35:7b:
b9:57:d0:81:d8:9b:11:ad:2c:ac:ea:5a:de:fb:95:a7:8c:a7:
5b:6c:5b:26:61:a6:ca:c5:90:4d:80:d9:3e:52:e6:4c:1c:d9:
34:6e:ad:93:0c:85:7e:98:ba:94:d7:0b:e4:e5:22:03:c6:b3:
a2:8f:ca:28:32:0f:22:f1:2a:0f:19:03:e3:43:b6:7f:89:b5:
0e:b5:f2:85:3f:02:a2:64:b7:8d:18:9c:c4:2a:a2:cd:e4:7e:
e5:ec:7b:c3:5e:bb:21:85:58:b5:ee:e7:2a:51:5f:0e:7f:85:
b8:db:db:dc:0f:49:06:fb:39:32:65:c4:6c:95:8d:cb:ed:37:
c0:a1:73:12:db:f4:74:d9:8f:40:a5:ac:74:0d:89:69:56:35:
82:d9:4f:70:fd:d2:6e:10:2c:49:1f:61:89:51:81:9a:b0:00:
27:ce:c9:49:10:ca:b1:9a:53:af:d8:4f:97:82:bd:45:6a:8b:
76:f6:87:03:14:01:e1:07:83:94:aa:cf:65:df:0d:d4:f3:0c:
15:78:aa:28:d2:06:ee:e8:98:80:57:e2:54:2b:9d:33:59:8a:
ea:00:52:43:d5:fb:f3:4e:45:40:ad:55:29:cc:e9:d7:f8:a2:
8a:27:09:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjSGyrKwFWke6ZA6G+iOWpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwNjE5MDUyMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIzMGEwNDg3OWJhNmRlNDMxYWMxZjg1NTA1ZDA5MmRmYTU1YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4h5lLwL4t+hDNi3NyCxmmAmdtwv
IPBL/kdOv2qiEu2hWT+UHjWlWkJ+xU7xz7ci97fxV3X+/kz5xRWuPLoQUF2wqHKJ
pD/Sxo8rPnXwKeOguyfxmKL6ANY6DxxHBJQ4+8SsduOEJwwBgP88nhvXt2KRUYxI
jzbO9uaH/jha9GChab955M9ufy32DE3oJHYDqO5YU0QNNM8JxG0vpEn1mLUZ2KAC
C4XT7kYOosPkE6EgjlsxCnw5ITIeXkVVyHzTrh7sOcnFRGBNnKHvNxBJSdvOpbLw
0Q/g2UBKQIArVY8sUlWmPmC9Ma6c71oKXkAGVWpG0yw7RwgCsOfeV4yaqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHWzCgSHm6beQxrB+FUF0JLfpVsFMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvZGJNS0JJZWJwdDVER3NINFZRWFFrdC1sV3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwqNcAwQB
wumUAwQAwumXAwQCw7SAMA0GCSqGSIb3DQEBCwUAA4IBAQC3NL6gXj0+SPatLekY
09EmNXu5V9CB2JsRrSys6lre+5WnjKdbbFsmYabKxZBNgNk+UuZMHNk0bq2TDIV+
mLqU1wvk5SIDxrOij8ooMg8i8SoPGQPjQ7Z/ibUOtfKFPwKiZLeNGJzEKqLN5H7l
7HvDXrshhVi17ucqUV8Of4W429vcD0kG+zkyZcRslY3L7TfAoXMS2/R02Y9Apax0
DYlpVjWC2U9w/dJuECxJH2GJUYGasAAnzslJEMqxmlOv2E+Xgr1Faot29ocDFAHh
B4OUqs9l3w3U8wwVeKoo0gbu6JiAV+JUK50zWYrqAFJD1fvzTkVArVUpzOnX+KKK
JwlI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:37 2025 by rpki-client