Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/DpgHUu-dJ4cxG5o2Ben3erjbyPM.roa
File: DpgHUu-dJ4cxG5o2Ben3erjbyPM.roa (raw, json)
Hash identifier: h2vcdtVNLL0fX6xlbTtNP2+3zzlvrnnMKNtGe/+3Ia8=
Subject key identifier: 0E:98:07:52:EF:9D:27:87:31:1B:9A:36:05:E9:F7:7A:B8:DB:C8:F3
Certificate issuer: /CN=f5bba55e1f0bf8613ea9bbbe297a281b3c838180
Certificate serial: 01856D4194DE847CE3436063169519196B89
Authority key identifier: F5:BB:A5:5E:1F:0B:F8:61:3E:A9:BB:BE:29:7A:28:1B:3C:83:81:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9bulXh8L-GE-qbu-KXooGzyDgYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/DpgHUu-dJ4cxG5o2Ben3erjbyPM.roa
Signing time: Sun 01 Jan 2023 12:14:52 +0000
ROA not before: Sun 01 Jan 2023 12:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12593
IP address blocks: 185.151.104.0/22 maxlen: 22
94.176.196.0/22 maxlen: 22
94.125.120.0/21 maxlen: 21
212.90.160.0/19 maxlen: 19
2a04:42c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:94:de:84:7c:e3:43:60:63:16:95:19:19:6b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5bba55e1f0bf8613ea9bbbe297a281b3c838180
Validity
Not Before: Jan 1 12:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e980752ef9d2787311b9a3605e9f77ab8dbc8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:5a:7c:7b:f9:b1:a5:70:37:e0:a0:11:d9:
40:0e:21:fe:d4:30:b5:53:69:bc:97:38:a8:cf:d1:
ba:58:cf:ec:de:94:17:61:85:e2:67:90:9b:9c:0b:
5b:73:7b:75:47:56:a4:1e:5b:e1:91:39:1e:21:01:
bc:a6:dd:58:10:37:cd:90:ef:46:fc:f1:7a:4a:e8:
c6:dd:db:af:49:fb:9f:3e:cc:90:20:46:3c:5b:03:
57:b1:76:3d:1d:07:97:7c:be:e1:a2:af:8f:c7:01:
99:ae:49:fb:e6:4e:a5:cd:d7:d6:e1:b6:dc:cc:1a:
74:32:fc:23:31:c3:61:da:3b:34:0b:87:ab:53:06:
9b:11:03:e1:b2:a0:9e:66:fc:8f:c7:3b:75:c7:70:
bf:14:5c:a4:5c:81:53:80:0d:c2:ee:1f:09:2e:6b:
73:ee:e1:41:10:e0:31:68:7a:56:17:c2:be:37:a3:
0a:c2:0b:af:98:84:bc:c2:e7:07:06:ed:a5:4a:4d:
66:2e:81:38:3b:b2:fc:f2:46:86:a9:7f:1f:5f:1e:
b9:db:5a:a8:c9:33:88:4b:dd:ce:94:d1:9e:b9:f2:
49:89:91:ed:29:4d:fc:64:83:b8:e3:9f:b7:ab:fb:
cf:d4:f7:79:f8:70:1c:34:f4:96:6e:c9:96:48:aa:
90:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:98:07:52:EF:9D:27:87:31:1B:9A:36:05:E9:F7:7A:B8:DB:C8:F3
X509v3 Authority Key Identifier:
keyid:F5:BB:A5:5E:1F:0B:F8:61:3E:A9:BB:BE:29:7A:28:1B:3C:83:81:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bulXh8L-GE-qbu-KXooGzyDgYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/DpgHUu-dJ4cxG5o2Ben3erjbyPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/9bulXh8L-GE-qbu-KXooGzyDgYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.120.0/21
94.176.196.0/22
185.151.104.0/22
212.90.160.0/19
IPv6:
2a04:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:94:bd:70:23:74:6e:b9:15:6e:56:71:49:ee:37:bf:f4:89:
b8:41:e2:c2:fb:14:bc:ef:59:bb:b4:6a:93:16:8b:2a:36:37:
8f:3e:d4:80:f2:7f:a6:01:7e:3e:10:bd:4a:5b:e7:34:29:7f:
c1:76:55:7e:62:31:d3:a3:c7:eb:63:02:31:c0:14:df:7a:6d:
5d:08:87:cf:71:2e:79:14:e5:76:ab:89:27:bc:a0:08:d6:b3:
01:20:ef:f2:01:0c:5a:47:7a:c4:5e:ae:36:d8:18:c1:21:5e:
41:4b:5f:1c:f8:37:1a:2c:b3:ff:ae:05:bd:88:65:39:ab:bf:
d4:b1:4d:62:a1:35:98:c8:60:69:5a:18:59:d7:94:e3:6c:40:
fd:ad:15:4c:6c:11:66:c9:69:7b:18:4b:31:a4:6a:ab:34:53:
25:bd:6f:0c:c3:3c:e4:0c:c5:4f:f0:88:65:73:60:71:45:24:
ca:d6:4f:a5:d3:36:b9:b4:fb:8d:76:35:6f:f2:ba:40:15:8b:
6e:0d:cc:11:dd:2d:8c:94:65:d9:68:62:75:a1:f0:95:02:a8:
b7:d5:a8:ba:80:b3:23:74:25:7e:32:c6:9c:13:0c:5b:f2:b8:
03:ac:e7:19:dc:3e:78:be:3c:2a:49:18:d7:a0:aa:3a:39:08:
ef:a9:c0:b9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtQZTehHzjQ2BjFpUZGWuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YmJhNTVlMWYwYmY4NjEzZWE5YmJiZTI5N2EyODFiM2M4
MzgxODAwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTk4MDc1MmVmOWQyNzg3MzExYjlhMzYwNWU5Zjc3YWI4ZGJjOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxFafHv5saVwN+CgEdlADiH+1DC1
U2m8lzioz9G6WM/s3pQXYYXiZ5CbnAtbc3t1R1akHlvhkTkeIQG8pt1YEDfNkO9G
/PF6SujG3duvSfufPsyQIEY8WwNXsXY9HQeXfL7hoq+PxwGZrkn75k6lzdfW4bbc
zBp0MvwjMcNh2js0C4erUwabEQPhsqCeZvyPxzt1x3C/FFykXIFTgA3C7h8JLmtz
7uFBEOAxaHpWF8K+N6MKwguvmIS8wucHBu2lSk1mLoE4O7L88kaGqX8fXx6521qo
yTOIS93OlNGeufJJiZHtKU38ZIO445+3q/vP1Pd5+HAcNPSWbsmWSKqQRwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA6YB1LvnSeHMRuaNgXp93q428jzMB8GA1UdIwQY
MBaAFPW7pV4fC/hhPqm7vil6KBs8g4GAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJ1bFhoOEwtR0UtcWJ1LUtYb29HenlEZ1lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xN2NjNGEtMjkyYy00ZDUwLThkM2Ut
ZjViOTdjMGYwZjI0LzEvRHBnSFV1LWRKNGN4RzVvMkJlbjNlcmpieVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xN2NjNGEtMjkyYy00ZDUwLThkM2UtZjViOTdjMGYwZjI0
LzEvOWJ1bFhoOEwtR0UtcWJ1LUtYb29HenlEZ1lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXn14AwQC
XrDEAwQCuZdoAwQF1FqgMA0EAgACMAcDBQMqBELAMA0GCSqGSIb3DQEBCwUAA4IB
AQC/lL1wI3RuuRVuVnFJ7je/9Im4QeLC+xS871m7tGqTFosqNjePPtSA8n+mAX4+
EL1KW+c0KX/BdlV+YjHTo8frYwIxwBTfem1dCIfPcS55FOV2q4knvKAI1rMBIO/y
AQxaR3rEXq422BjBIV5BS18c+DcaLLP/rgW9iGU5q7/UsU1ioTWYyGBpWhhZ15Tj
bED9rRVMbBFmyWl7GEsxpGqrNFMlvW8MwzzkDMVP8Ihlc2BxRSTK1k+l0za5tPuN
djVv8rpAFYtuDcwR3S2MlGXZaGJ1ofCVAqi31ai6gLMjdCV+MsacEwxb8rgDrOcZ
3D54vjwqSRjXoKo6OQjvqcC5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:51 2025 by rpki-client