Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/dnmOtiwyYYNYGKWTvRNORGm9_HA.roa
File: dnmOtiwyYYNYGKWTvRNORGm9_HA.roa (raw, json)
Hash identifier: IL8j65BvKK57GliXhfqCfyw5mn+/AboTHPdQH6q+IWA=
Subject key identifier: 76:79:8E:B6:2C:32:61:83:58:18:A5:93:BD:13:4E:44:69:BD:FC:70
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018713ADC11DAB5D98602443B6C13DA49AE5
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/dnmOtiwyYYNYGKWTvRNORGm9_HA.roa
Signing time: Fri 24 Mar 2023 12:52:46 +0000
ROA not before: Fri 24 Mar 2023 12:52:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203252
IP address blocks: 185.224.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:ad:c1:1d:ab:5d:98:60:24:43:b6:c1:3d:a4:9a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Mar 24 12:52:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76798eb62c3261835818a593bd134e4469bdfc70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:57:37:7b:60:15:02:b2:1a:ba:17:97:9e:8a:
3b:92:22:55:e1:7c:e1:c5:c5:ad:b2:54:d6:1b:21:
a1:94:ef:06:f5:0a:64:89:61:69:0a:9c:8a:30:d2:
49:ef:12:a4:e0:15:b1:94:2f:d6:4b:0b:33:92:56:
16:dc:87:0e:36:5f:f6:14:3f:2a:8e:4f:04:ec:9a:
00:e1:5e:09:54:c1:ac:c9:fe:e8:28:e4:85:7e:b4:
b5:b5:a8:13:aa:5c:5b:cd:c4:ee:8f:23:b3:9f:d6:
4f:35:a6:d0:32:11:8f:ce:21:76:6c:fb:ff:5d:fe:
81:0e:0f:68:2d:77:08:c6:71:eb:90:f6:cb:bc:fe:
01:41:bb:a5:7c:81:86:b7:7e:b2:35:be:76:d0:f8:
62:57:ff:26:05:0f:09:50:e5:39:f6:b7:87:30:1e:
b9:7d:f1:ee:94:24:fb:74:31:7f:03:c4:53:f7:c9:
5f:3a:e7:95:ce:29:5a:20:83:82:bb:18:6e:4e:42:
e1:77:d6:a9:b3:5e:31:d8:e3:c7:ab:cd:23:11:69:
8c:00:85:12:1f:47:13:96:26:bc:c3:2a:5e:76:2b:
67:0b:79:52:12:6e:3d:7b:7f:c2:72:24:7a:0b:bb:
3d:d3:c0:af:72:a6:b0:0c:3f:52:e7:49:88:91:55:
37:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:79:8E:B6:2C:32:61:83:58:18:A5:93:BD:13:4E:44:69:BD:FC:70
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/dnmOtiwyYYNYGKWTvRNORGm9_HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.212.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:66:df:3c:17:27:7b:5c:b1:c5:13:f6:2f:6c:50:62:ac:e1:
33:3b:70:e0:d2:1d:29:09:1b:43:63:7d:66:94:cf:2b:37:a9:
7a:c8:98:1c:15:1b:cb:25:d8:a7:e2:b8:e9:a7:4d:c0:05:01:
42:54:88:9e:48:26:49:26:52:e5:8c:67:28:19:82:d0:85:3c:
ab:9c:08:f5:52:2a:5a:0f:fa:85:f6:8e:f0:f0:eb:e4:4a:ad:
7d:56:1c:e7:0c:ad:cc:fd:06:55:4e:08:b6:9a:28:c1:f2:2e:
65:24:4c:0a:a4:a9:b4:32:aa:5b:5d:c7:21:9b:66:23:87:85:
a3:3e:f4:99:41:49:19:84:c0:fd:4c:72:92:6d:bd:20:0c:bc:
b7:f9:7a:a8:6b:01:66:a6:20:7a:ee:10:2c:3b:b2:b4:b0:b9:
9b:01:71:20:6f:fe:c1:c5:7c:5a:b4:39:5b:73:2a:55:6b:a0:
fd:46:74:84:03:90:50:67:73:e7:b9:e5:4d:bf:5f:d6:87:61:
8f:20:a9:b7:32:6e:ba:d7:ef:77:73:22:d3:ea:3e:81:ab:c8:
89:1f:b4:5c:41:54:32:32:03:ed:f0:99:f4:53:17:64:48:20:
66:05:46:1e:ae:94:bc:63:6b:3e:9f:a8:c6:27:c6:92:1c:03:
f0:85:96:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcTrcEdq12YYCRDtsE9pJrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMwMzI0MTI1MjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc5OGViNjJjMzI2MTgzNTgxOGE1OTNiZDEzNGU0NDY5YmRmYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFc3e2AVArIauheXnoo7kiJV4Xzh
xcWtslTWGyGhlO8G9QpkiWFpCpyKMNJJ7xKk4BWxlC/WSwszklYW3IcONl/2FD8q
jk8E7JoA4V4JVMGsyf7oKOSFfrS1tagTqlxbzcTujyOzn9ZPNabQMhGPziF2bPv/
Xf6BDg9oLXcIxnHrkPbLvP4BQbulfIGGt36yNb520PhiV/8mBQ8JUOU59reHMB65
ffHulCT7dDF/A8RT98lfOueVzilaIIOCuxhuTkLhd9aps14x2OPHq80jEWmMAIUS
H0cTlia8wypeditnC3lSEm49e3/CciR6C7s908CvcqawDD9S50mIkVU3ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZ5jrYsMmGDWBilk70TTkRpvfxwMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvZG5tT3Rpd3lZWU5ZR0tXVHZSTk9SR205X0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueDUMA0G
CSqGSIb3DQEBCwUAA4IBAQBfZt88Fyd7XLHFE/YvbFBirOEzO3Dg0h0pCRtDY31m
lM8rN6l6yJgcFRvLJdin4rjpp03ABQFCVIieSCZJJlLljGcoGYLQhTyrnAj1Uipa
D/qF9o7w8OvkSq19VhznDK3M/QZVTgi2mijB8i5lJEwKpKm0MqpbXcchm2Yjh4Wj
PvSZQUkZhMD9THKSbb0gDLy3+XqoawFmpiB67hAsO7K0sLmbAXEgb/7BxXxatDlb
cypVa6D9RnSEA5BQZ3PnueVNv1/Wh2GPIKm3Mm661+93cyLT6j6Bq8iJH7RcQVQy
MgPt8Jn0UxdkSCBmBUYerpS8Y2s+n6jGJ8aSHAPwhZbk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:23 2025 by rpki-client