Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/DW8PQPfdKSrsbCzmOyHLx9j6NmE.roa
File: DW8PQPfdKSrsbCzmOyHLx9j6NmE.roa (raw, json)
Hash identifier: d31pjvd6JwrJwdyUgzA+JqKM9/iuFNyNbUgJTjbvY70=
Subject key identifier: 0D:6F:0F:40:F7:DD:29:2A:EC:6C:2C:E6:3B:21:CB:C7:D8:FA:36:61
Certificate issuer: /CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Certificate serial: 01856F14E22D58B9D52F5BBE1E24120B6C75
Authority key identifier: 5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/DW8PQPfdKSrsbCzmOyHLx9j6NmE.roa
Signing time: Sun 01 Jan 2023 20:45:17 +0000
ROA not before: Sun 01 Jan 2023 20:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39242
IP address blocks: 109.70.160.0/21 maxlen: 21
81.19.112.0/20 maxlen: 20
2a02:ef0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e2:2d:58:b9:d5:2f:5b:be:1e:24:12:0b:6c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Validity
Not Before: Jan 1 20:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d6f0f40f7dd292aec6c2ce63b21cbc7d8fa3661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:31:09:94:3e:c4:a4:f5:77:5b:da:58:c4:
b2:0a:fe:32:07:73:b0:47:33:02:0a:49:26:3b:d9:
3b:f1:cd:6d:ab:70:a7:b3:c6:5f:31:d6:0f:d4:4d:
ad:9a:27:5a:a6:d2:7f:73:12:b3:82:53:3e:c5:4d:
8a:a9:3d:83:a5:a4:bb:4f:60:1a:64:33:72:60:4c:
ad:97:d1:02:4c:b5:5f:95:6c:d7:59:7b:f4:c6:1d:
03:cf:87:dd:66:05:88:68:af:88:c4:42:99:7b:d0:
a4:ef:46:f4:62:7e:fb:95:61:6b:e2:a1:8e:e9:93:
f3:96:bd:da:df:07:76:16:fd:2e:94:47:3b:e3:c0:
40:09:3c:ee:27:3f:bf:57:fb:5a:c1:e2:0b:ae:df:
7a:83:fb:e2:bf:87:df:f3:2d:e4:60:fa:b8:d7:fe:
0e:f5:be:06:89:9e:36:7b:af:63:f2:94:92:7e:e1:
d2:ea:1d:58:51:cc:34:48:fd:49:8f:57:6e:12:06:
a5:2c:7b:b9:1c:7e:12:02:cf:6a:9f:fc:2f:0b:df:
7c:dc:8f:30:f6:c8:6e:81:7d:ea:d9:2e:67:86:bb:
47:6e:c7:f0:a3:c1:8d:ac:f8:fc:40:50:d0:bc:3c:
44:19:7f:26:41:e1:61:66:37:8a:cb:ef:79:b1:28:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6F:0F:40:F7:DD:29:2A:EC:6C:2C:E6:3B:21:CB:C7:D8:FA:36:61
X509v3 Authority Key Identifier:
keyid:5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/DW8PQPfdKSrsbCzmOyHLx9j6NmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.112.0/20
109.70.160.0/21
IPv6:
2a02:ef0::/32
Signature Algorithm: sha256WithRSAEncryption
17:c2:2d:cd:33:e6:2f:7c:61:71:de:24:d8:c8:2f:97:66:b8:
a8:89:22:9b:49:cb:d3:51:e1:24:33:31:94:63:09:8d:2e:78:
2f:e7:d1:67:02:cf:55:12:72:4a:53:fd:14:aa:35:0e:58:6e:
73:39:ca:95:a1:bc:25:c6:97:00:29:08:ba:58:a4:95:fc:4f:
c0:36:73:90:f7:e9:9a:b1:1f:fc:2b:a2:26:59:33:39:2d:73:
b2:d3:6f:ca:a9:35:49:67:ba:93:75:f7:15:80:de:9c:00:0a:
32:06:55:3a:97:8f:36:c1:34:8f:03:0e:39:2f:33:35:0c:d0:
f1:06:ab:94:bf:f0:d3:29:19:01:44:67:c8:29:c3:e8:3c:8f:
51:ea:c8:39:0e:73:f1:bd:83:2d:63:c3:00:4c:87:b3:a3:8a:
31:f8:4b:96:d7:9e:9b:87:22:15:6c:a4:e6:c4:88:15:85:6a:
a1:b2:f2:e6:5d:7e:a7:67:93:86:86:58:ed:21:cd:a2:8b:f6:
00:9b:34:75:49:89:f5:80:5d:e4:b5:23:88:3d:11:cd:a3:a6:
3e:ae:02:fd:eb:b1:e7:6d:25:94:d3:27:21:85:cf:59:ea:cb:
87:36:54:1d:26:3e:52:c4:b7:fe:3a:83:b6:28:2d:2a:5c:c9:
95:61:a0:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvFOItWLnVL1u+HiQSC2x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTlmNDkwZDNiNjliMjJlMWUyN2MzMjZiYWY3MjMxMTA1
NmRkYjgwHhcNMjMwMTAxMjA0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZmMGY0MGY3ZGQyOTJhZWM2YzJjZTYzYjIxY2JjN2Q4ZmEzNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGExCZQ+xKT1d1vaWMSyCv4yB3Ow
RzMCCkkmO9k78c1tq3Cns8ZfMdYP1E2tmidaptJ/cxKzglM+xU2KqT2DpaS7T2Aa
ZDNyYEytl9ECTLVflWzXWXv0xh0Dz4fdZgWIaK+IxEKZe9Ck70b0Yn77lWFr4qGO
6ZPzlr3a3wd2Fv0ulEc748BACTzuJz+/V/taweILrt96g/viv4ff8y3kYPq41/4O
9b4GiZ42e69j8pSSfuHS6h1YUcw0SP1Jj1duEgalLHu5HH4SAs9qn/wvC9983I8w
9shugX3q2S5nhrtHbsfwo8GNrPj8QFDQvDxEGX8mQeFhZjeKy+95sSguGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA1vD0D33Skq7Gws5jshy8fY+jZhMB8GA1UdIwQY
MBaAFF1Z9JDTtpsi4eJ8MmuvcjEQVt24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEt
NzkzNDhlODM2NmJjLzEvRFc4UFFQZmRLU3JzYkN6bU95SEx4OWo2Tm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEtNzkzNDhlODM2NmJj
LzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURNwAwQD
bUagMA0EAgACMAcDBQAqAg7wMA0GCSqGSIb3DQEBCwUAA4IBAQAXwi3NM+YvfGFx
3iTYyC+XZrioiSKbScvTUeEkMzGUYwmNLngv59FnAs9VEnJKU/0UqjUOWG5zOcqV
obwlxpcAKQi6WKSV/E/ANnOQ9+masR/8K6ImWTM5LXOy02/KqTVJZ7qTdfcVgN6c
AAoyBlU6l482wTSPAw45LzM1DNDxBquUv/DTKRkBRGfIKcPoPI9R6sg5DnPxvYMt
Y8MATIezo4ox+EuW156bhyIVbKTmxIgVhWqhsvLmXX6nZ5OGhljtIc2ii/YAmzR1
SYn1gF3ktSOIPRHNo6Y+rgL967HnbSWU0ychhc9Z6suHNlQdJj5SxLf+OoO2KC0q
XMmVYaD1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:38 2025 by rpki-client