Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/do9XBIdv-W-dqE8N2AnZ83wSABo.roa
File: do9XBIdv-W-dqE8N2AnZ83wSABo.roa (raw, json)
Hash identifier: oQthsyPR6vzCWUVZb9WVXMEeWT9cHnJvt6wuUBNEwBg=
Subject key identifier: 76:8F:57:04:87:6F:F9:6F:9D:A8:4F:0D:D8:09:D9:F3:7C:12:00:1A
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01856D13C8AD7B56B4932C9B66003283B1C6
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/do9XBIdv-W-dqE8N2AnZ83wSABo.roa
Signing time: Sun 01 Jan 2023 11:24:51 +0000
ROA not before: Sun 01 Jan 2023 11:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134121
IP address blocks: 212.115.52.0/22 maxlen: 22
93.90.72.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:c8:ad:7b:56:b4:93:2c:9b:66:00:32:83:b1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 1 11:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768f5704876ff96f9da84f0dd809d9f37c12001a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:11:47:7b:e0:25:52:9e:f8:a2:d0:ff:37:eb:
ef:20:3c:8a:4d:2e:84:12:f1:fa:3c:2f:ac:c3:dc:
15:68:36:6d:bc:9f:65:79:68:ee:82:c2:3f:8e:fd:
0f:06:98:53:ad:11:d8:8c:2a:5f:d6:0e:ed:a8:68:
0a:61:99:31:3e:7f:18:0b:9a:b0:9d:eb:73:4c:52:
08:49:6e:3e:cb:10:10:81:3a:37:f6:a3:96:e1:3e:
87:1c:74:38:59:7d:22:61:34:1e:40:4c:f4:51:9f:
12:c3:20:99:e8:c8:f5:03:24:72:14:37:3a:ba:a7:
90:97:aa:c6:d6:cb:42:9d:a5:2a:4f:37:25:ce:9a:
ca:4e:5f:a0:8c:23:f2:bb:f4:1e:0f:a3:f5:6f:36:
4c:e4:c0:ca:50:14:91:97:3c:a5:38:3f:0d:eb:67:
9a:f7:bd:94:1b:a4:7a:3e:c4:e9:7e:dc:b6:b1:bc:
3b:57:35:60:df:53:60:ae:36:3f:17:9d:85:75:b3:
ff:e8:98:19:4e:61:b6:b0:90:01:3d:d6:35:7b:7b:
f4:6f:1f:bc:89:dc:7d:2e:87:5a:3a:3c:31:57:5e:
5d:9b:1c:98:fe:78:08:aa:23:4e:be:d6:22:5e:05:
8a:87:20:50:98:56:75:0e:67:fd:f1:29:13:30:eb:
0e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8F:57:04:87:6F:F9:6F:9D:A8:4F:0D:D8:09:D9:F3:7C:12:00:1A
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/do9XBIdv-W-dqE8N2AnZ83wSABo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.72.0/23
212.115.52.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:22:70:5a:74:33:79:e1:91:93:2a:b0:ea:ba:4f:e9:96:2e:
91:f0:d1:34:ec:0a:69:17:b6:b5:b1:3e:41:1d:67:a9:3a:0f:
03:c9:e8:5f:13:40:4e:08:86:75:19:cd:c0:c6:7a:73:37:36:
01:1e:5d:20:5d:ae:9e:18:8a:50:41:b5:8d:6b:00:19:af:60:
c7:fe:ce:23:9a:1b:36:49:e8:11:af:ea:ba:11:97:13:a6:e6:
84:2a:1d:53:8d:90:4e:3f:29:3e:a8:80:82:0a:3b:0f:b7:c3:
7d:fa:11:b7:88:1d:1d:37:da:49:7a:49:c0:40:10:70:78:13:
25:04:d4:f0:53:f7:fd:9f:39:81:34:b1:0c:1a:80:75:8e:0e:
e9:bc:1e:2e:af:74:1f:46:56:13:de:29:fc:d9:d0:a9:e8:61:
32:b9:55:f6:06:9d:f2:44:e7:96:18:77:20:ef:42:79:c7:15:
b8:a3:59:e4:bf:6b:a5:ef:21:00:ff:a1:82:5a:e4:46:8e:37:
70:cd:67:66:55:a5:f8:26:b1:b4:15:26:bf:f1:c2:46:4e:d1:
50:fa:80:4d:86:90:4a:ff:89:e9:ad:d4:57:0f:18:aa:28:09:
13:20:df:02:79:32:78:0c:0d:6e:cc:c2:89:5b:d3:3a:2c:29:
d1:e1:d8:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtE8ite1a0kyybZgAyg7HGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwMTAxMTEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhmNTcwNDg3NmZmOTZmOWRhODRmMGRkODA5ZDlmMzdjMTIwMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RFHe+AlUp74otD/N+vvIDyKTS6E
EvH6PC+sw9wVaDZtvJ9leWjugsI/jv0PBphTrRHYjCpf1g7tqGgKYZkxPn8YC5qw
netzTFIISW4+yxAQgTo39qOW4T6HHHQ4WX0iYTQeQEz0UZ8SwyCZ6Mj1AyRyFDc6
uqeQl6rG1stCnaUqTzclzprKTl+gjCPyu/QeD6P1bzZM5MDKUBSRlzylOD8N62ea
972UG6R6PsTpfty2sbw7VzVg31NgrjY/F52FdbP/6JgZTmG2sJABPdY1e3v0bx+8
idx9LodaOjwxV15dmxyY/ngIqiNOvtYiXgWKhyBQmFZ1Dmf98SkTMOsORwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaPVwSHb/lvnahPDdgJ2fN8EgAaMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvZG85WEJJZHYtVy1kcUU4TjJBblo4M3dTQUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXVpIAwQC
1HM0MA0GCSqGSIb3DQEBCwUAA4IBAQB+InBadDN54ZGTKrDquk/pli6R8NE07App
F7a1sT5BHWepOg8DyehfE0BOCIZ1Gc3AxnpzNzYBHl0gXa6eGIpQQbWNawAZr2DH
/s4jmhs2SegRr+q6EZcTpuaEKh1TjZBOPyk+qICCCjsPt8N9+hG3iB0dN9pJeknA
QBBweBMlBNTwU/f9nzmBNLEMGoB1jg7pvB4ur3QfRlYT3in82dCp6GEyuVX2Bp3y
ROeWGHcg70J5xxW4o1nkv2ul7yEA/6GCWuRGjjdwzWdmVaX4JrG0FSa/8cJGTtFQ
+oBNhpBK/4nprdRXDxiqKAkTIN8CeTJ4DA1uzMKJW9M6LCnR4dh6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:28 2025 by rpki-client