Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/dDqzRbZ31TkYoUTwcgVNndbsgIE.roa
File: dDqzRbZ31TkYoUTwcgVNndbsgIE.roa (raw, json)
Hash identifier: voGl9J5AlKpVKVEC9DrBZ0YEKDabMPD7KKTt5UDSFDU=
Subject key identifier: 74:3A:B3:45:B6:77:D5:39:18:A1:44:F0:72:05:4D:9D:D6:EC:80:81
Certificate issuer: /CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Certificate serial: 0184CE980819CDC1E5B3091F14E54609A8A7
Authority key identifier: 8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/dDqzRbZ31TkYoUTwcgVNndbsgIE.roa
Signing time: Thu 01 Dec 2022 16:49:40 +0000
ROA not before: Thu 01 Dec 2022 16:49:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212696
IP address blocks: 185.195.128.0/22 maxlen: 24
2a0a:5ac0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:98:08:19:cd:c1:e5:b3:09:1f:14:e5:46:09:a8:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Validity
Not Before: Dec 1 16:49:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=743ab345b677d53918a144f072054d9dd6ec8081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:a4:83:c6:9e:a5:5e:5d:6e:da:ec:cc:04:
96:72:9d:fa:f0:ee:ff:23:36:e0:89:d4:03:37:59:
22:ad:24:fd:8e:2f:53:c1:33:89:87:dc:80:bd:5e:
51:e7:00:5f:5d:80:78:00:f1:fe:f3:bd:b6:f6:e1:
35:bf:15:40:2b:43:be:e2:d4:79:46:59:05:6f:3b:
ab:a5:f9:ab:ad:bc:d0:61:d2:0e:8c:a8:5e:ca:20:
7a:bc:98:35:0f:f3:54:45:f7:ce:5e:45:e3:d3:21:
b7:e3:33:af:01:9e:ff:45:9c:50:1b:35:05:26:29:
e3:cb:2d:ad:69:c6:12:c5:4e:88:20:62:6d:af:c0:
39:ff:a4:cd:b8:8f:11:75:4f:f6:1a:2d:c5:c6:e5:
2e:a2:e6:56:11:d6:63:0b:6b:49:8b:ea:bc:31:af:
df:b3:7a:df:13:04:aa:cb:07:40:22:3d:7a:c9:1c:
71:3c:20:7b:c7:03:eb:9d:e1:13:a1:e2:1a:cf:78:
52:de:12:97:88:84:58:78:b4:20:1a:22:99:cf:23:
47:b6:3e:da:66:ea:bf:60:55:e3:88:aa:b2:a9:d1:
0b:eb:6f:6b:13:77:8b:c3:13:6f:1f:cb:d6:a2:a3:
a7:74:47:2b:3b:0a:5b:1d:9a:79:3c:49:1c:36:6b:
8a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3A:B3:45:B6:77:D5:39:18:A1:44:F0:72:05:4D:9D:D6:EC:80:81
X509v3 Authority Key Identifier:
keyid:8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/dDqzRbZ31TkYoUTwcgVNndbsgIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/jc5N9oBEmFoXezAy8A_G_iJK2LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.128.0/22
IPv6:
2a0a:5ac0::/32
Signature Algorithm: sha256WithRSAEncryption
95:ae:3b:2d:f9:81:31:f3:02:8c:d9:9d:8f:56:e3:e7:f3:ba:
fa:35:06:7b:10:bb:56:1b:b6:c0:9e:59:88:1a:42:34:71:59:
d1:bc:93:12:a7:41:28:7c:45:5c:c7:1a:de:3e:00:d0:0e:c1:
70:62:8f:9f:74:83:5c:01:45:b1:06:42:10:af:95:aa:06:10:
06:4b:af:a0:e3:23:ec:5f:14:f2:ec:ab:d3:42:24:af:0e:33:
36:ba:09:14:e9:16:b0:8a:9a:2f:2c:8a:9c:a6:b5:b4:39:de:
d1:2e:a1:3d:b7:ce:ed:08:9c:36:4c:d5:df:54:ef:38:c5:f7:
3d:d9:93:15:9d:ce:5b:77:70:4e:63:67:e9:7e:23:b8:51:9a:
7d:ee:ec:72:af:8c:7f:18:62:d9:0a:89:9f:bb:a3:c7:72:af:
2d:f7:66:6e:28:e0:b3:81:68:40:57:34:b4:83:3d:1d:a7:f8:
67:c1:d9:bf:d8:81:23:1e:2c:46:d6:f7:e0:26:ae:a2:35:d4:
ff:36:b6:93:c7:f7:06:48:2f:75:3a:70:76:49:3e:7c:58:a3:
48:5f:a0:41:f3:09:69:3d:42:66:6c:4e:78:21:40:ca:4a:c8:
b8:06:92:2b:6a:43:dd:db:b6:ef:4b:78:b9:98:c1:6b:bd:c0:
b1:b6:5d:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTOmAgZzcHlswkfFOVGCainMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkY2U0ZGY2ODA0NDk4NWExNzdiMzAzMmYwMGZjNmZlMjI0
YWQ4YjMwHhcNMjIxMjAxMTY0OTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNhYjM0NWI2NzdkNTM5MThhMTQ0ZjA3MjA1NGQ5ZGQ2ZWM4MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrKkg8aepV5dbtrszASWcp368O7/
IzbgidQDN1kirST9ji9TwTOJh9yAvV5R5wBfXYB4APH+87229uE1vxVAK0O+4tR5
RlkFbzurpfmrrbzQYdIOjKheyiB6vJg1D/NURffOXkXj0yG34zOvAZ7/RZxQGzUF
Jinjyy2tacYSxU6IIGJtr8A5/6TNuI8RdU/2Gi3FxuUuouZWEdZjC2tJi+q8Ma/f
s3rfEwSqywdAIj16yRxxPCB7xwPrneEToeIaz3hS3hKXiIRYeLQgGiKZzyNHtj7a
Zuq/YFXjiKqyqdEL629rE3eLwxNvH8vWoqOndEcrOwpbHZp5PEkcNmuKrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHQ6s0W2d9U5GKFE8HIFTZ3W7ICBMB8GA1UdIwQY
MBaAFI3OTfaARJhaF3swMvAPxv4iStizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjkt
MTZiMWQyZWU4OGE2LzEvZERxelJiWjMxVGtZb1VUd2NnVk5uZGJzZ0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjktMTZiMWQyZWU4OGE2
LzEvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucOAMA0E
AgACMAcDBQAqClrAMA0GCSqGSIb3DQEBCwUAA4IBAQCVrjst+YEx8wKM2Z2PVuPn
87r6NQZ7ELtWG7bAnlmIGkI0cVnRvJMSp0EofEVcxxrePgDQDsFwYo+fdINcAUWx
BkIQr5WqBhAGS6+g4yPsXxTy7KvTQiSvDjM2ugkU6RawipovLIqcprW0Od7RLqE9
t87tCJw2TNXfVO84xfc92ZMVnc5bd3BOY2fpfiO4UZp97uxyr4x/GGLZComfu6PH
cq8t92ZuKOCzgWhAVzS0gz0dp/hnwdm/2IEjHixG1vfgJq6iNdT/NraTx/cGSC91
OnB2ST58WKNIX6BB8wlpPUJmbE54IUDKSsi4BpIrakPd27bvS3i5mMFrvcCxtl0z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:30 2025 by rpki-client