Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/Dhot65yrTN_MQqwbUTIdT-bFmts.roa
File: Dhot65yrTN_MQqwbUTIdT-bFmts.roa (raw, json)
Hash identifier: iDE1pwMddK3fDz5KZjKk8q4CrEvUEXzrNYs2tYIVeHI=
Subject key identifier: 0E:1A:2D:EB:9C:AB:4C:DF:CC:42:AC:1B:51:32:1D:4F:E6:C5:9A:DB
Certificate issuer: /CN=d25b90b8981b591d75a7e935e1304a74075602fd
Certificate serial: 01893ECE8B360FBC77C20A7F1C0279CEBC7F
Authority key identifier: D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/Dhot65yrTN_MQqwbUTIdT-bFmts.roa
Signing time: Mon 10 Jul 2023 07:57:50 +0000
ROA not before: Mon 10 Jul 2023 07:57:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205798
IP address blocks: 193.141.109.0/24 maxlen: 24
193.141.121.0/24 maxlen: 24
193.142.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:ce:8b:36:0f:bc:77:c2:0a:7f:1c:02:79:ce:bc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25b90b8981b591d75a7e935e1304a74075602fd
Validity
Not Before: Jul 10 07:57:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e1a2deb9cab4cdfcc42ac1b51321d4fe6c59adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b9:9c:23:78:09:34:d7:7a:e2:2c:9b:16:95:
ca:03:69:59:3e:b4:84:3d:48:cf:83:c1:c9:41:34:
a9:c1:4c:5f:8d:5c:ee:0f:65:9a:60:46:52:94:11:
43:1e:04:16:14:bb:40:55:84:32:2e:42:b0:b5:c4:
1a:e3:e3:2c:02:97:7c:82:f6:d6:36:a8:65:25:b6:
99:60:f6:29:58:8f:3a:5d:32:17:4d:1a:4b:4d:c0:
c6:92:b8:ff:3b:4d:f6:8e:05:95:9d:9a:fa:27:b8:
92:b2:4d:ac:8c:a0:09:46:72:77:56:ad:84:6c:b7:
97:25:e2:8e:54:04:18:14:53:21:7c:17:b2:e2:f6:
ee:bd:56:aa:6c:51:42:5b:45:8f:0e:f1:7b:71:d6:
7a:da:d7:ba:63:af:45:e9:7a:0f:a6:50:b8:32:d3:
f4:94:0f:1a:36:63:76:5c:b0:4a:4e:5b:17:aa:bb:
d0:1d:f1:6d:ba:06:67:bb:8e:44:64:f0:ef:05:fa:
67:2c:99:ca:22:db:9d:9e:5b:39:c5:74:91:1f:da:
b6:2a:aa:df:7a:5c:ba:f5:85:34:53:f5:8a:22:2f:
6f:a2:b6:f7:43:83:aa:d9:4d:d2:ae:2f:c7:3a:6c:
22:5f:3b:79:c2:89:b0:9f:d7:04:48:0c:e4:4c:d3:
05:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1A:2D:EB:9C:AB:4C:DF:CC:42:AC:1B:51:32:1D:4F:E6:C5:9A:DB
X509v3 Authority Key Identifier:
keyid:D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/Dhot65yrTN_MQqwbUTIdT-bFmts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.109.0/24
193.141.121.0/24
193.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7e:89:a5:be:e2:81:05:c0:17:02:e7:03:e2:e8:b2:78:40:
ba:6f:eb:4b:e2:4d:f3:1b:b1:41:4e:86:78:85:07:ee:e5:c2:
37:74:73:07:51:46:d3:2b:c9:1f:6b:bc:af:b4:2a:82:65:bc:
02:a3:ee:4b:ad:66:2a:df:ea:64:9d:57:de:70:18:2e:da:7c:
07:13:c0:5f:ee:4b:2d:5c:c8:3e:5e:ec:d4:90:10:db:fe:25:
af:76:52:21:e1:13:f7:7f:f0:75:e8:5c:5d:da:ef:9c:86:ce:
3f:8f:11:a8:fd:18:d6:4e:c5:89:59:a7:14:95:73:dd:36:81:
22:98:17:ba:de:43:1d:47:fd:9f:8e:b7:95:2c:b1:0d:a9:b6:
30:80:d7:5b:93:b3:84:2a:4c:79:c2:d3:3a:b4:19:42:0d:ef:
0c:f2:b2:12:88:fd:1a:2c:fb:f8:95:6a:87:8a:4a:d8:0b:33:
a9:8e:43:aa:08:9d:b3:a8:a5:3a:f4:03:8d:f3:ac:8e:ec:ca:
7e:78:e8:3f:0f:b3:7f:1c:ee:df:7a:40:76:15:e8:4d:1a:ad:
03:95:59:50:92:32:9c:47:ff:53:67:06:72:8f:cc:74:03:c6:
ec:c2:a6:99:0a:69:fe:3a:10:8f:a4:9c:2a:95:2c:0b:01:57:
da:63:2c:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk+zos2D7x3wgp/HAJ5zrx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWI5MGI4OTgxYjU5MWQ3NWE3ZTkzNWUxMzA0YTc0MDc1
NjAyZmQwHhcNMjMwNzEwMDc1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFhMmRlYjljYWI0Y2RmY2M0MmFjMWI1MTMyMWQ0ZmU2YzU5YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bmcI3gJNNd64iybFpXKA2lZPrSE
PUjPg8HJQTSpwUxfjVzuD2WaYEZSlBFDHgQWFLtAVYQyLkKwtcQa4+MsApd8gvbW
NqhlJbaZYPYpWI86XTIXTRpLTcDGkrj/O032jgWVnZr6J7iSsk2sjKAJRnJ3Vq2E
bLeXJeKOVAQYFFMhfBey4vbuvVaqbFFCW0WPDvF7cdZ62te6Y69F6XoPplC4MtP0
lA8aNmN2XLBKTlsXqrvQHfFtugZnu45EZPDvBfpnLJnKItudnls5xXSRH9q2Kqrf
ely69YU0U/WKIi9vorb3Q4Oq2U3Sri/HOmwiXzt5womwn9cESAzkTNMFowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA4aLeucq0zfzEKsG1EyHU/mxZrbMB8GA1UdIwQY
MBaAFNJbkLiYG1kddafpNeEwSnQHVgL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODct
YTJhYmRhZGY1ZjkwLzEvRGhvdDY1eXJUTl9NUXF3YlVUSWRULWJGbXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODctYTJhYmRhZGY1Zjkw
LzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwY1tAwQA
wY15AwQAwY4DMA0GCSqGSIb3DQEBCwUAA4IBAQBNfomlvuKBBcAXAucD4uiyeEC6
b+tL4k3zG7FBToZ4hQfu5cI3dHMHUUbTK8kfa7yvtCqCZbwCo+5LrWYq3+pknVfe
cBgu2nwHE8Bf7kstXMg+XuzUkBDb/iWvdlIh4RP3f/B16Fxd2u+chs4/jxGo/RjW
TsWJWacUlXPdNoEimBe63kMdR/2fjreVLLENqbYwgNdbk7OEKkx5wtM6tBlCDe8M
8rISiP0aLPv4lWqHikrYCzOpjkOqCJ2zqKU69AON86yO7Mp+eOg/D7N/HO7fekB2
FehNGq0DlVlQkjKcR/9TZwZyj8x0A8bswqaZCmn+OhCPpJwqlSwLAVfaYyzs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:20 2025 by rpki-client