Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/DObwtIRoVxDhQpm8ZsUhfZt0UH8.roa
File: DObwtIRoVxDhQpm8ZsUhfZt0UH8.roa (raw, json)
Hash identifier: NoYYafhXo8qxL1dUBm5SZ55mbugpiB5VASFBKRQs/dk=
Subject key identifier: 0C:E6:F0:B4:84:68:57:10:E1:42:99:BC:66:C5:21:7D:9B:74:50:7F
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 1A993EC7
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/DObwtIRoVxDhQpm8ZsUhfZt0UH8.roa
Signing time: Mon 09 May 2022 11:18:16 +0000
ROA not before: Mon 09 May 2022 11:18:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8339
IP address blocks: 202.170.80.0/21 maxlen: 24
95.143.224.0/20 maxlen: 24
185.100.96.0/22 maxlen: 24
2a00:1b38::/32 maxlen: 32
2a02:e200::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 446250695 (0x1a993ec7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: May 9 11:18:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ce6f0b484685710e14299bc66c5217d9b74507f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:30:bd:be:9c:0d:a4:5b:dc:25:93:d0:4e:
73:a0:05:f7:31:72:3a:bb:ac:a2:ec:19:0c:47:f8:
42:df:c9:b2:a8:db:b3:05:e2:e3:b0:1d:3e:e7:34:
da:10:22:80:11:e5:08:ac:55:39:87:a2:f8:f3:87:
3c:b9:a7:2f:5d:00:86:72:fc:13:4f:25:0c:39:94:
d2:d7:17:80:33:65:88:7d:b0:4b:a5:9e:a7:29:d1:
cf:48:d7:19:97:ff:33:ba:9f:3d:77:72:77:1e:9a:
bb:51:ea:fd:c9:55:bc:df:f5:22:0b:4d:8a:18:5c:
96:50:f5:10:87:df:3e:08:ee:50:00:4a:17:9a:63:
92:85:08:35:47:55:c9:c5:9a:33:50:df:5d:38:06:
27:3c:08:0e:c8:e8:2b:75:68:24:60:f4:b5:b4:96:
e0:f7:5c:ff:66:d2:cb:43:d3:a6:ba:f5:d8:73:42:
54:7b:f7:e0:68:ad:59:91:4b:01:50:57:e6:33:c5:
82:c2:14:98:76:62:5a:3f:a6:5f:54:de:4b:1e:06:
b6:70:c7:f1:0a:af:7d:8f:f4:fc:df:c6:1c:b3:3f:
71:32:4c:0f:96:46:46:f1:34:40:0f:b5:3e:da:c0:
7d:4f:6d:7a:ac:28:94:2b:77:94:79:6e:69:ab:04:
c1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E6:F0:B4:84:68:57:10:E1:42:99:BC:66:C5:21:7D:9B:74:50:7F
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/DObwtIRoVxDhQpm8ZsUhfZt0UH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.224.0/20
185.100.96.0/22
202.170.80.0/21
IPv6:
2a00:1b38::/32
2a02:e200::/30
Signature Algorithm: sha256WithRSAEncryption
46:09:08:83:8b:4f:2f:21:e5:eb:37:18:98:a1:24:73:0c:e7:
58:63:fd:c0:4c:bd:e3:ed:82:f8:18:af:a7:67:ce:61:08:f0:
b4:97:3c:33:6a:e8:2d:9e:ef:64:c9:d0:d7:2e:be:b1:37:25:
9a:5d:26:1e:96:b0:dc:55:f5:9c:e3:6d:38:72:2b:74:c6:6b:
a1:cc:11:d4:58:7c:5d:25:68:f6:f0:05:6e:51:e7:59:69:23:
2a:2e:c7:18:b7:67:02:75:1b:8e:63:ad:cc:53:90:35:8a:fb:
f0:99:7b:dd:94:0e:4a:18:95:35:8e:91:15:25:d0:f2:c3:16:
a1:8c:33:9e:d2:0f:3e:f3:ea:11:01:a4:2a:16:4b:72:30:5c:
30:98:ae:f7:2f:ef:0b:22:44:1a:5e:16:ea:94:e3:39:e8:54:
cd:2d:66:1a:1b:3d:1c:20:75:db:9a:b1:5e:56:96:39:fd:c7:
54:e8:27:1e:6b:cb:34:5e:a5:35:7e:b8:f3:a9:6c:40:51:76:
c6:93:ab:67:d3:7f:e2:5f:11:8d:88:3f:c5:23:7e:96:40:26:
20:95:3a:9c:8a:f6:23:56:dc:e7:9e:14:3f:96:85:e5:fc:2e:
ce:ae:28:16:dd:fc:db:8f:da:f0:55:c6:fd:6d:36:13:07:e9:
9e:d0:8f:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEGpk+xzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmYxYzg4NDJlN2NmODkxYjIzNGQzYTFlMGUyZTBlZjczZTg0MmFhMB4XDTIyMDUw
OTExMTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNlNmYwYjQ4NDY4
NTcxMGUxNDI5OWJjNjZjNTIxN2Q5Yjc0NTA3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJvML2+nA2kW9wlk9BOc6AF9zFyOrusouwZDEf4Qt/Jsqjb
swXi47AdPuc02hAigBHlCKxVOYei+POHPLmnL10AhnL8E08lDDmU0tcXgDNliH2w
S6WepynRz0jXGZf/M7qfPXdydx6au1Hq/clVvN/1IgtNihhcllD1EIffPgjuUABK
F5pjkoUINUdVycWaM1DfXTgGJzwIDsjoK3VoJGD0tbSW4Pdc/2bSy0PTprr12HNC
VHv34GitWZFLAVBX5jPFgsIUmHZiWj+mX1TeSx4GtnDH8QqvfY/0/N/GHLM/cTJM
D5ZGRvE0QA+1PtrAfU9teqwolCt3lHluaasEwfUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQM5vC0hGhXEOFCmbxmxSF9m3RQfzAfBgNVHSMEGDAWgBTS8ciELnz4kbI0
06Hg4uDvc+hCqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2SEloQzU4LUpHeU5OT2g0T0xnNzNQb1Fxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8x
L0RPYnd0SVJvVnhEaFFwbThac1VoZlp0MFVIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
Yzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8xLzB2SEloQzU4LUpH
eU5OT2g0T0xnNzNQb1Fxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEBF+P4AMEArlkYAMEA8qqUDAUBAIA
AjAOAwUAKgAbOAMFAioC4gAwDQYJKoZIhvcNAQELBQADggEBAEYJCIOLTy8h5es3
GJihJHMM51hj/cBMvePtgvgYr6dnzmEI8LSXPDNq6C2e72TJ0NcuvrE3JZpdJh6W
sNxV9ZzjbThyK3TGa6HMEdRYfF0laPbwBW5R51lpIyouxxi3ZwJ1G45jrcxTkDWK
+/CZe92UDkoYlTWOkRUl0PLDFqGMM57SDz7z6hEBpCoWS3IwXDCYrvcv7wsiRBpe
FuqU4znoVM0tZhobPRwgdduasV5Wljn9x1ToJx5ryzRepTV+uPOpbEBRdsaTq2fT
f+JfEY2IP8UjfpZAJiCVOpyK9iNW3OeeFD+WheX8Ls6uKBbd/NuP2vBVxv1tNhMH
6Z7Qj44=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:58 2025 by rpki-client