Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/aICkRQVGcyuCFxYpqtjbigyCPq0.roa
File: aICkRQVGcyuCFxYpqtjbigyCPq0.roa (raw, json)
Hash identifier: 3rUa3wK1eu2KLEY1/iCyJppSp8IiUe5x2wmPU+xWm00=
Subject key identifier: 68:80:A4:45:05:46:73:2B:82:17:16:29:AA:D8:DB:8A:0C:82:3E:AD
Certificate issuer: /CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Certificate serial: 0D1FEBBC
Authority key identifier: DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/aICkRQVGcyuCFxYpqtjbigyCPq0.roa
Signing time: Mon 13 Jun 2022 21:05:44 +0000
ROA not before: Mon 13 Jun 2022 21:05:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 906
IP address blocks: 193.41.248.0/24 maxlen: 24
193.41.250.0/24 maxlen: 24
193.110.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220195772 (0xd1febbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Validity
Not Before: Jun 13 21:05:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6880a4450546732b82171629aad8db8a0c823ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5b:71:e0:38:1a:17:12:44:02:ef:34:5a:f7:
40:02:df:46:6c:29:e2:5c:fb:2a:b6:62:d1:a4:fa:
29:74:4b:0a:1f:df:b5:d6:bc:24:4a:c6:9f:48:4d:
42:94:1f:27:17:19:8c:5b:f4:2d:b1:dd:a8:3d:90:
74:6a:41:5d:40:39:f9:47:e4:83:47:0e:63:0e:24:
b0:08:89:d2:33:0e:0e:78:26:f0:3d:ce:0a:1a:e8:
f0:59:ae:fb:10:2c:1f:55:59:14:f9:2d:11:9e:8d:
21:e4:5b:07:cb:ec:71:03:fd:78:44:2a:9c:ed:c2:
88:9a:8e:bc:d7:0f:cf:20:d5:f9:38:d5:a3:c9:b6:
97:cb:52:8f:aa:80:57:3b:b7:8e:5d:88:2e:4b:8a:
9c:92:72:f2:67:54:c0:cb:4e:6d:cd:d0:42:a7:4a:
55:4b:74:78:5d:c5:57:55:40:2d:ab:60:13:5e:2a:
c2:bf:10:15:44:d8:13:7b:76:aa:5b:be:b6:94:9b:
aa:c1:75:1b:ee:b2:4d:63:12:39:3d:00:d9:f7:6a:
97:13:df:af:ec:d1:69:d2:ca:91:af:02:ba:13:08:
32:ff:1f:24:48:8c:92:95:17:f8:85:e5:1b:99:22:
19:8b:ed:a0:80:9a:40:1d:3d:7c:87:25:df:23:78:
26:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:80:A4:45:05:46:73:2B:82:17:16:29:AA:D8:DB:8A:0C:82:3E:AD
X509v3 Authority Key Identifier:
keyid:DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/aICkRQVGcyuCFxYpqtjbigyCPq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.248.0/24
193.41.250.0/24
193.110.200.0/22
Signature Algorithm: sha256WithRSAEncryption
01:16:48:d8:b5:69:3b:b7:87:53:15:bd:d4:73:4f:ae:e0:24:
48:9e:c8:ee:c0:a1:ad:bf:6f:47:1c:62:b0:c6:63:e4:13:be:
a8:3c:78:2a:b9:5a:95:53:97:e1:32:09:e1:17:b6:43:81:9b:
e3:fa:e6:bc:2a:e9:0c:3e:d1:00:4e:e8:3d:86:a6:5a:cb:f6:
12:b9:99:f1:c2:2b:a0:34:7c:a5:84:fe:65:94:78:eb:8d:80:
62:cc:b0:58:ec:4f:eb:c8:c0:cb:c1:1b:aa:ca:32:24:ee:9d:
4f:f6:ed:fd:f4:be:64:0c:47:6b:13:13:8a:76:88:78:e7:30:
ab:d6:7a:9c:9f:ce:2f:67:92:b3:13:a6:15:45:e5:af:f5:79:
ca:d2:d3:6e:c4:bb:e1:c0:30:28:d9:a1:90:71:41:05:7e:85:
52:0f:35:9b:a3:2a:99:aa:11:5d:b5:54:13:70:63:b3:2e:fa:
f1:ec:9b:dc:7a:76:fa:4b:3b:7a:e9:50:2e:14:2c:6a:50:4d:
45:19:84:b6:17:a4:fe:d4:82:c1:bb:6a:0b:4a:39:0b:ed:27:
64:1a:55:72:9a:a5:eb:9a:dd:58:71:13:93:e2:1f:4e:73:0e:
7f:ec:9f:07:1f:79:f0:e4:ca:59:d9:87:41:8c:74:b5:b0:d4:
08:ab:be:97
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDR/rvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2JmYjAwNDhhOGRhNTU2ZmQ5ZDNkZjEwNzc0MDJmODQzZjVkNzAzMB4XDTIyMDYx
MzIxMDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg4MGE0NDUwNTQ2
NzMyYjgyMTcxNjI5YWFkOGRiOGEwYzgyM2VhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpbceA4GhcSRALvNFr3QALfRmwp4lz7KrZi0aT6KXRLCh/f
tda8JErGn0hNQpQfJxcZjFv0LbHdqD2QdGpBXUA5+Ufkg0cOYw4ksAiJ0jMODngm
8D3OChro8Fmu+xAsH1VZFPktEZ6NIeRbB8vscQP9eEQqnO3CiJqOvNcPzyDV+TjV
o8m2l8tSj6qAVzu3jl2ILkuKnJJy8mdUwMtObc3QQqdKVUt0eF3FV1VALatgE14q
wr8QFUTYE3t2qlu+tpSbqsF1G+6yTWMSOT0A2fdqlxPfr+zRadLKka8CuhMIMv8f
JEiMkpUX+IXlG5kiGYvtoICaQB09fIcl3yN4Jm8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRogKRFBUZzK4IXFimq2NuKDII+rTAfBgNVHSMEGDAWgBTcv7AEio2lVv2d
PfEHdAL4Q/XXAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNMLXdCSXFOcFZiOW5UM3hCM1FDLUVQMTF3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZGNiNzBkLTc5NDctNDU2OS1iYzg0LWUwNjBiNGZjYmNjYi8x
L2FJQ2tSUVZHY3l1Q0Z4WXBxdGpiaWd5Q1BxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZGNiNzBkLTc5NDctNDU2OS1iYzg0LWUwNjBiNGZjYmNjYi8xLzNMLXdCSXFOcFZi
OW5UM3hCM1FDLUVQMTF3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMEp+AMEAMEp+gMEAsFuyDANBgkq
hkiG9w0BAQsFAAOCAQEAARZI2LVpO7eHUxW91HNPruAkSJ7I7sChrb9vRxxisMZj
5BO+qDx4KrlalVOX4TIJ4Re2Q4Gb4/rmvCrpDD7RAE7oPYamWsv2ErmZ8cIroDR8
pYT+ZZR4642AYsywWOxP68jAy8EbqsoyJO6dT/bt/fS+ZAxHaxMTinaIeOcwq9Z6
nJ/OL2eSsxOmFUXlr/V5ytLTbsS74cAwKNmhkHFBBX6FUg81m6MqmaoRXbVUE3Bj
sy768eyb3Hp2+ks7eulQLhQsalBNRRmEthek/tSCwbtqC0o5C+0nZBpVcpql65rd
WHETk+IfTnMOf+yfBx958OTKWdmHQYx0tbDUCKu+lw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:10:31 2025 by rpki-client