Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/DRHEyAIdDVEm1KR2B9FVkDgHTkI.roa
File: DRHEyAIdDVEm1KR2B9FVkDgHTkI.roa (raw, json)
Hash identifier: BBR20G/M+PhoUEWvlBw2CXzFsf8SGXtyjbQr+KhqqPQ=
Subject key identifier: 0D:11:C4:C8:02:1D:0D:51:26:D4:A4:76:07:D1:55:90:38:07:4E:42
Certificate issuer: /CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Certificate serial: 0185734CA79BD18E384A725F5F5A847DF58C
Authority key identifier: 1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/DRHEyAIdDVEm1KR2B9FVkDgHTkI.roa
Signing time: Mon 02 Jan 2023 16:24:41 +0000
ROA not before: Mon 02 Jan 2023 16:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62105
IP address blocks: 82.163.40.0/21 maxlen: 21
185.47.132.0/22 maxlen: 22
2a01:90a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:a7:9b:d1:8e:38:4a:72:5f:5f:5a:84:7d:f5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Validity
Not Before: Jan 2 16:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d11c4c8021d0d5126d4a47607d1559038074e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:1a:9c:f4:24:d7:45:40:25:12:8d:c8:cd:
87:68:5b:08:f2:7d:f9:9d:cd:c9:d1:7b:97:83:3d:
ee:3c:cb:6c:82:98:c0:d0:b4:0b:6a:53:10:c3:be:
18:57:86:8c:c4:f2:cb:0a:da:fb:db:c6:ab:b4:d4:
af:cf:25:1b:70:ef:90:0c:c2:42:98:70:ea:f9:d1:
30:38:3c:89:cd:75:3a:3d:ff:30:53:9d:f6:58:5c:
61:09:d1:9c:2b:cd:2d:aa:32:c8:e5:df:5c:5d:4b:
5b:5c:fb:db:a0:6a:d9:35:d5:39:08:6b:45:6b:57:
16:fa:fc:86:9a:e3:4b:19:ff:e6:f5:7d:89:cc:84:
5c:70:44:91:39:ef:7e:4d:f4:40:8d:9a:cb:eb:ed:
be:19:58:6c:0f:7f:d7:86:09:e2:1b:ee:c9:e9:3e:
36:e6:1a:f4:c8:b7:eb:20:94:05:c7:7e:38:53:93:
80:7c:52:14:b6:4e:72:f2:da:a1:11:9e:22:93:f0:
b1:76:e8:81:21:2a:70:53:bb:e8:f3:a5:66:bd:8c:
eb:a7:d0:02:12:a1:4c:68:92:1a:dc:7c:14:af:ec:
08:47:c2:23:36:d3:a8:5a:8d:16:8e:49:b7:79:38:
71:ac:28:5a:c0:5f:69:2d:ff:6a:06:7c:a4:37:d3:
b6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:11:C4:C8:02:1D:0D:51:26:D4:A4:76:07:D1:55:90:38:07:4E:42
X509v3 Authority Key Identifier:
keyid:1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/DRHEyAIdDVEm1KR2B9FVkDgHTkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/G87kBAWu-22hejQO7xWc6cTRgyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.40.0/21
185.47.132.0/22
IPv6:
2a01:90a0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:37:eb:fa:21:ff:cd:48:fa:dd:d6:c2:5f:3e:35:48:0c:87:
ff:97:cd:4f:51:0a:49:e1:71:63:3f:6d:62:c7:df:53:77:3e:
ae:bd:38:3f:0d:f5:d7:79:27:78:a4:84:24:21:36:df:2f:d4:
4d:0e:04:dc:a7:33:c3:25:ed:6c:dc:e3:6c:52:5f:f5:e5:9b:
ec:75:ec:9b:67:3d:19:33:44:2f:fc:e1:14:9d:a5:a4:c5:9f:
48:5e:97:95:aa:98:24:0b:f4:a8:a7:83:27:c3:fd:aa:d9:18:
8d:8b:a6:fc:a2:4f:3a:a7:67:64:47:c7:02:1a:fd:d0:ae:c7:
8d:47:77:93:21:a8:a9:62:f5:c5:ab:a0:eb:84:d6:15:8f:87:
a3:02:04:f5:f8:7b:ac:83:1d:77:9f:12:ef:e4:33:b2:5f:1e:
83:7e:b4:ea:5c:60:53:68:4b:c0:65:bc:7e:67:b4:19:00:2b:
0f:2e:b5:22:d7:e7:18:a3:1c:57:b4:0d:a0:36:24:39:11:68:
19:05:ba:70:ec:a3:cb:0e:70:e0:33:0f:cd:e8:5a:04:c3:bf:
79:f2:57:e3:96:1e:5a:69:c8:b4:2a:f6:dd:75:e9:f5:a7:7f:
b7:2e:07:28:8e:74:18:59:34:83:11:38:47:2e:e9:77:20:21:
21:2e:8b:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzTKeb0Y44SnJfX1qEffWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2VlNDA0MDVhZWZiNmRhMTdhMzQwZWVmMTU5Y2U5YzRk
MTgzMjIwHhcNMjMwMTAyMTYyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDExYzRjODAyMWQwZDUxMjZkNGE0NzYwN2QxNTU5MDM4MDc0ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkYanPQk10VAJRKNyM2HaFsI8n35
nc3J0XuXgz3uPMtsgpjA0LQLalMQw74YV4aMxPLLCtr728artNSvzyUbcO+QDMJC
mHDq+dEwODyJzXU6Pf8wU532WFxhCdGcK80tqjLI5d9cXUtbXPvboGrZNdU5CGtF
a1cW+vyGmuNLGf/m9X2JzIRccESROe9+TfRAjZrL6+2+GVhsD3/XhgniG+7J6T42
5hr0yLfrIJQFx344U5OAfFIUtk5y8tqhEZ4ik/CxduiBISpwU7vo86VmvYzrp9AC
EqFMaJIa3HwUr+wIR8IjNtOoWo0Wjkm3eThxrChawF9pLf9qBnykN9O2sQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA0RxMgCHQ1RJtSkdgfRVZA4B05CMB8GA1UdIwQY
MBaAFBvO5AQFrvttoXo0Du8VnOnE0YMiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQt
N2U0NmFkNzQ4NDg0LzEvRFJIRXlBSWREVkVtMUtSMkI5RlZrRGdIVGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQtN2U0NmFkNzQ4NDg0
LzEvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDUqMoAwQC
uS+EMA0EAgACMAcDBQAqAZCgMA0GCSqGSIb3DQEBCwUAA4IBAQBsN+v6If/NSPrd
1sJfPjVIDIf/l81PUQpJ4XFjP21ix99Tdz6uvTg/DfXXeSd4pIQkITbfL9RNDgTc
pzPDJe1s3ONsUl/15ZvsdeybZz0ZM0Qv/OEUnaWkxZ9IXpeVqpgkC/Sop4Mnw/2q
2RiNi6b8ok86p2dkR8cCGv3QrseNR3eTIaipYvXFq6DrhNYVj4ejAgT1+Husgx13
nxLv5DOyXx6DfrTqXGBTaEvAZbx+Z7QZACsPLrUi1+cYoxxXtA2gNiQ5EWgZBbpw
7KPLDnDgMw/N6FoEw7958lfjlh5aaci0Kvbdden1p3+3LgcojnQYWTSDEThHLul3
ICEhLotF
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:53 2025 by rpki-client