Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/x1DJdRgm_61CNbUir26yIfZ9zds.roa
File: x1DJdRgm_61CNbUir26yIfZ9zds.roa (raw, json)
Hash identifier: lp7LrSjnkdLnAL3c2Ouo5zRmIx3S9UHKqErOVjLcJto=
Subject key identifier: C7:50:C9:75:18:26:FF:AD:42:35:B5:22:AF:6E:B2:21:F6:7D:CD:DB
Certificate issuer: /CN=96773e9cc974301a78b7ee6d994528f1f882e46f
Certificate serial: 01856E6F96198FDF845E1F734B9C5EB741BD
Authority key identifier: 96:77:3E:9C:C9:74:30:1A:78:B7:EE:6D:99:45:28:F1:F8:82:E4:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lnc-nMl0MBp4t-5tmUUo8fiC5G8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/x1DJdRgm_61CNbUir26yIfZ9zds.roa
Signing time: Sun 01 Jan 2023 17:44:44 +0000
ROA not before: Sun 01 Jan 2023 17:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48294
IP address blocks: 185.38.244.0/22 maxlen: 24
185.126.248.0/22 maxlen: 22
188.164.224.0/21 maxlen: 24
185.81.244.0/22 maxlen: 24
185.81.252.0/22 maxlen: 24
194.150.200.0/23 maxlen: 24
91.194.46.0/23 maxlen: 24
94.126.208.0/21 maxlen: 24
185.77.56.0/22 maxlen: 22
2a02:5d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:96:19:8f:df:84:5e:1f:73:4b:9c:5e:b7:41:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96773e9cc974301a78b7ee6d994528f1f882e46f
Validity
Not Before: Jan 1 17:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c750c9751826ffad4235b522af6eb221f67dcddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:5e:b7:51:7f:a2:9b:e1:a9:94:0d:d9:f9:
59:e6:1c:68:b4:df:ab:85:1d:83:9b:e7:34:1f:c6:
71:38:cd:cd:00:2e:29:69:e7:a5:40:7a:f0:63:ca:
7e:43:30:93:cf:f4:c7:51:15:10:c2:f1:eb:18:9a:
bc:fb:ae:37:f9:98:70:ec:9d:d7:8d:05:80:86:45:
f2:91:54:7f:03:78:84:f3:6c:52:d1:6d:a6:08:7c:
89:69:f7:03:2b:47:d7:a7:36:33:0b:f4:c5:42:ec:
23:07:e9:12:8a:f7:14:4a:f3:8d:fe:7a:3e:74:84:
ec:f9:61:e8:ba:53:3f:da:ba:81:a9:e4:9d:a0:3a:
bb:f9:8c:f8:36:93:92:b9:40:e8:fa:38:ad:c6:03:
47:5f:fb:ec:d9:27:ba:fa:7e:f6:90:58:ba:bd:94:
b4:02:27:7f:79:f8:5d:c0:2c:63:f6:da:b8:9f:96:
56:c7:ef:3a:ab:e5:d8:7f:72:c6:28:ca:87:48:62:
19:d1:1a:ee:cd:95:96:61:3e:3c:10:87:ba:a7:dd:
9a:93:05:ff:d7:9f:3b:96:ee:ee:e2:25:ed:34:75:
1b:6b:c3:ce:cf:db:52:56:0e:fb:4b:73:73:42:3d:
50:5a:d9:1c:74:68:67:a0:a7:57:7f:67:1d:70:d5:
76:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:50:C9:75:18:26:FF:AD:42:35:B5:22:AF:6E:B2:21:F6:7D:CD:DB
X509v3 Authority Key Identifier:
keyid:96:77:3E:9C:C9:74:30:1A:78:B7:EE:6D:99:45:28:F1:F8:82:E4:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnc-nMl0MBp4t-5tmUUo8fiC5G8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/x1DJdRgm_61CNbUir26yIfZ9zds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/lnc-nMl0MBp4t-5tmUUo8fiC5G8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.46.0/23
94.126.208.0/21
185.38.244.0/22
185.77.56.0/22
185.81.244.0/22
185.81.252.0/22
185.126.248.0/22
188.164.224.0/21
194.150.200.0/23
IPv6:
2a02:5d80::/29
Signature Algorithm: sha256WithRSAEncryption
69:88:a5:4b:3b:f6:7a:a8:41:63:94:3d:40:34:8f:0d:1a:62:
c6:a9:c1:15:46:7a:d6:7e:ee:33:b3:6c:99:ba:b4:c7:c4:df:
ca:6f:11:d7:60:67:99:e2:a1:fc:d1:ef:6c:73:ce:ab:36:20:
75:c0:17:4a:5b:55:78:37:34:7b:bf:d9:80:e1:9a:cb:82:6a:
90:98:8f:7a:5b:5e:f1:b3:2b:df:22:8f:aa:8d:3c:87:84:bb:
69:0a:d0:da:97:92:14:b6:75:a1:06:c0:0d:e8:98:78:be:45:
fc:ce:6a:3e:8b:0c:e3:c7:8b:0b:fe:79:7b:b9:75:2f:59:f6:
3a:1b:93:3f:c1:86:5a:56:22:fb:7c:e4:c1:c2:70:7e:ca:cf:
8c:cb:3e:96:03:53:7f:53:5a:6e:49:d3:51:e9:ea:55:40:6e:
e6:51:72:5e:91:b9:99:a2:fb:90:be:18:2c:96:60:30:bf:4a:
2b:f4:18:58:08:c7:f3:80:cd:93:3c:79:c6:be:eb:02:00:47:
ad:30:0f:88:31:99:26:af:f9:ce:40:e5:5e:a4:d1:5d:c7:8c:
f9:94:5c:c5:f1:5c:a5:14:6d:47:46:84:35:ab:57:69:9b:99:
3d:ca:72:d4:11:50:73:36:85:fa:8e:b1:c1:84:c8:64:7e:2b:
68:e8:2c:8c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVub5YZj9+EXh9zS5xet0G9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzczZTljYzk3NDMwMWE3OGI3ZWU2ZDk5NDUyOGYxZjg4
MmU0NmYwHhcNMjMwMTAxMTc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzUwYzk3NTE4MjZmZmFkNDIzNWI1MjJhZjZlYjIyMWY2N2RjZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugdet1F/opvhqZQN2flZ5hxotN+r
hR2Dm+c0H8ZxOM3NAC4paeelQHrwY8p+QzCTz/THURUQwvHrGJq8+643+Zhw7J3X
jQWAhkXykVR/A3iE82xS0W2mCHyJafcDK0fXpzYzC/TFQuwjB+kSivcUSvON/no+
dITs+WHoulM/2rqBqeSdoDq7+Yz4NpOSuUDo+jitxgNHX/vs2Se6+n72kFi6vZS0
Aid/efhdwCxj9tq4n5ZWx+86q+XYf3LGKMqHSGIZ0RruzZWWYT48EIe6p92akwX/
1587lu7u4iXtNHUba8POz9tSVg77S3NzQj1QWtkcdGhnoKdXf2cdcNV2qQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMdQyXUYJv+tQjW1Iq9usiH2fc3bMB8GA1UdIwQY
MBaAFJZ3PpzJdDAaeLfubZlFKPH4guRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5jLW5NbDBNQnA0dC01dG1VVW84ZmlDNUc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85MTIwY2ItMGIwNi00ODYxLWI2NTct
NzU3ODM4NjcwOTQ4LzEveDFESmRSZ21fNjFDTmJVaXIyNnlJZlo5emRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85MTIwY2ItMGIwNi00ODYxLWI2NTctNzU3ODM4NjcwOTQ4
LzEvbG5jLW5NbDBNQnA0dC01dG1VVW84ZmlDNUc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBW8IuAwQD
Xn7QAwQCuSb0AwQCuU04AwQCuVH0AwQCuVH8AwQCuX74AwQDvKTgAwQBwpbIMA0E
AgACMAcDBQMqAl2AMA0GCSqGSIb3DQEBCwUAA4IBAQBpiKVLO/Z6qEFjlD1ANI8N
GmLGqcEVRnrWfu4zs2yZurTHxN/KbxHXYGeZ4qH80e9sc86rNiB1wBdKW1V4NzR7
v9mA4ZrLgmqQmI96W17xsyvfIo+qjTyHhLtpCtDal5IUtnWhBsAN6Jh4vkX8zmo+
iwzjx4sL/nl7uXUvWfY6G5M/wYZaViL7fOTBwnB+ys+Myz6WA1N/U1puSdNR6epV
QG7mUXJekbmZovuQvhgslmAwv0or9BhYCMfzgM2TPHnGvusCAEetMA+IMZkmr/nO
QOVepNFdx4z5lFzF8VylFG1HRoQ1q1dpm5k9ynLUEVBzNoX6jrHBhMhkfito6CyM
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:45:33 2025 by rpki-client