Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DGvLa4BwiHf3qjOUNq9udagPW6E.roa
File: DGvLa4BwiHf3qjOUNq9udagPW6E.roa (raw, json)
Hash identifier: cSQBVBus7yEGpMb5uq1M2SpbzJnzEclF9hQZqbBjnpY=
Subject key identifier: 0C:6B:CB:6B:80:70:88:77:F7:AA:33:94:36:AF:6E:75:A8:0F:5B:A1
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50C5007E
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DGvLa4BwiHf3qjOUNq9udagPW6E.roa
Signing time: Sat 01 Jan 2022 16:01:40 +0000
ROA not before: Sat 01 Jan 2022 16:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12429
IP address blocks: 193.246.32.0/21 maxlen: 21
193.246.40.0/21 maxlen: 21
193.223.24.0/22 maxlen: 22
193.223.20.0/22 maxlen: 22
193.222.64.0/19 maxlen: 20
188.92.48.0/21 maxlen: 22
188.92.48.0/22 maxlen: 22
193.223.44.0/22 maxlen: 22
193.223.48.0/20 maxlen: 20
193.246.208.0/20 maxlen: 20
194.11.144.0/21 maxlen: 24
2a02:a90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355087998 (0x50c5007e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c6bcb6b80708877f7aa339436af6e75a80f5ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:92:d5:34:55:37:d2:1a:95:30:ff:a3:e8:eb:
45:0c:c9:83:71:af:b8:56:bb:9c:5e:b1:49:b1:94:
83:df:3e:e4:a8:d4:ff:6e:99:a1:30:d4:b6:30:96:
29:57:44:d4:b2:97:39:2d:25:78:26:a9:c7:1f:9a:
5f:05:69:9a:53:dc:4a:96:ca:e6:45:53:2b:0e:2c:
e7:3c:a7:46:04:ff:0e:da:c2:62:7c:b4:ee:ea:74:
f7:78:e2:f6:ea:1d:8c:b5:9a:16:c5:c5:4b:ec:e0:
84:06:94:a6:0b:83:54:c2:f2:00:47:aa:3d:ba:ff:
06:a7:47:ac:66:04:ed:39:80:e9:a0:82:66:8b:cc:
e3:2d:78:15:f7:7b:df:89:60:e6:6b:9d:ff:28:2b:
fc:69:f3:d5:db:ec:72:be:91:a5:14:75:50:56:6f:
1b:04:c7:7f:7e:9e:84:8c:f1:1a:68:f5:02:c3:52:
4e:d0:36:82:f0:bb:58:72:f2:4e:b4:98:b7:23:0a:
ba:19:b5:77:3f:1d:a6:55:68:39:a5:32:d8:c4:c5:
13:71:5a:04:75:3d:82:d2:3e:db:9a:7d:83:87:51:
8d:7c:41:dd:03:af:e6:d6:58:1e:c6:c9:bc:a2:3e:
75:ea:87:21:90:e6:b9:2a:90:89:88:72:9d:aa:65:
c1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:6B:CB:6B:80:70:88:77:F7:AA:33:94:36:AF:6E:75:A8:0F:5B:A1
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DGvLa4BwiHf3qjOUNq9udagPW6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.48.0/21
193.222.64.0/19
193.223.20.0-193.223.27.255
193.223.44.0-193.223.63.255
193.246.32.0/20
193.246.208.0/20
194.11.144.0/21
IPv6:
2a02:a90::/32
Signature Algorithm: sha256WithRSAEncryption
9c:02:e3:8b:fc:6a:c2:56:25:2b:42:03:3f:eb:75:56:d6:31:
5b:fa:01:3f:85:38:28:73:7f:1c:16:26:73:d5:2c:8e:22:2c:
d3:94:18:a2:2d:3c:c1:4e:63:fe:35:67:87:e0:b2:07:83:27:
d0:8f:55:b3:59:be:65:6c:13:d5:cf:8c:71:41:58:88:dc:18:
72:ca:5b:29:ee:ac:af:fd:d8:16:03:07:1e:3b:1f:aa:7f:70:
3a:b4:a2:7e:0b:3d:5b:1d:e6:97:c4:13:3e:45:5a:e3:65:48:
78:d0:72:2e:1c:fe:d1:3e:5c:b1:97:cf:98:5a:b7:5d:d2:c9:
38:0e:00:bb:33:96:62:f3:2d:cc:1a:a2:a1:28:c4:5f:58:10:
9f:dc:ba:b7:a7:2b:c0:fa:a6:b7:32:0f:ec:34:66:91:04:85:
5a:35:74:94:cb:08:4d:ff:dd:74:7f:55:d3:ce:6e:52:51:e4:
17:87:cb:93:a8:57:12:14:e9:7e:2a:09:8a:68:82:94:a9:76:
e1:5f:78:50:a2:3a:02:a9:24:b5:6d:a7:ba:78:f8:50:35:b2:
d9:2a:47:c8:92:33:30:ce:dc:34:1a:94:fd:25:2d:b5:75:4d:
1b:0c:01:88:30:38:15:f1:57:5e:22:1b:9d:56:ad:06:3a:37:
08:ea:bc:68
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIEUMUAfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM2YmNiNmI4MDcw
ODg3N2Y3YWEzMzk0MzZhZjZlNzVhODBmNWJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2S1TRVN9IalTD/o+jrRQzJg3GvuFa7nF6xSbGUg98+5KjU
/26ZoTDUtjCWKVdE1LKXOS0leCapxx+aXwVpmlPcSpbK5kVTKw4s5zynRgT/DtrC
Yny07up093ji9uodjLWaFsXFS+zghAaUpguDVMLyAEeqPbr/BqdHrGYE7TmA6aCC
ZovM4y14Ffd734lg5mud/ygr/Gnz1dvscr6RpRR1UFZvGwTHf36ehIzxGmj1AsNS
TtA2gvC7WHLyTrSYtyMKuhm1dz8dplVoOaUy2MTFE3FaBHU9gtI+25p9g4dRjXxB
3QOv5tZYHsbJvKI+deqHIZDmuSqQiYhynaplwZcCAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBQMa8trgHCId/eqM5Q2r251qA9boTAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L0RHdkxhNEJ3aUhmM3FqT1VOcTl1ZGFnUFc2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwQAQCAAEwOgMEA7xcMAMEBcHeQDAMAwQCwd8UAwQC
wd8YMAwDBALB3ywDBAbB3wADBATB9iADBATB9tADBAPCC5AwDQQCAAIwBwMFACoC
CpAwDQYJKoZIhvcNAQELBQADggEBAJwC44v8asJWJStCAz/rdVbWMVv6AT+FOChz
fxwWJnPVLI4iLNOUGKItPMFOY/41Z4fgsgeDJ9CPVbNZvmVsE9XPjHFBWIjcGHLK
WynurK/92BYDBx47H6p/cDq0on4LPVsd5pfEEz5FWuNlSHjQci4c/tE+XLGXz5ha
t13SyTgOALszlmLzLcwaoqEoxF9YEJ/curenK8D6prcyD+w0ZpEEhVo1dJTLCE3/
3XR/VdPOblJR5BeHy5OoVxIU6X4qCYpogpSpduFfeFCiOgKpJLVtp7p4+FA1stkq
R8iSMzDO3DQalP0lLbV1TRsMAYgwOBXxV14iG51WrQY6NwjqvGg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:09 2025 by rpki-client