Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DKMJgR5mlLnQAZYLd127bGnDnzM.roa
File: DKMJgR5mlLnQAZYLd127bGnDnzM.roa (raw, json)
Hash identifier: K6tSCDgUmfe9qxSiH6AREojDm9Q0+WuIid/dCu76n1A=
Subject key identifier: 0C:A3:09:81:1E:66:94:B9:D0:01:96:0B:77:5D:BB:6C:69:C3:9F:33
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B0E8818FAAD62DDB9B98B93008BE8
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DKMJgR5mlLnQAZYLd127bGnDnzM.roa
Signing time: Sun 01 Jan 2023 13:35:07 +0000
ROA not before: Sun 01 Jan 2023 13:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199642
IP address blocks: 195.65.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:0e:88:18:fa:ad:62:dd:b9:b9:8b:93:00:8b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ca309811e6694b9d001960b775dbb6c69c39f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7b:d2:2b:37:e4:a7:7e:c9:bd:3f:75:43:0d:
fe:5a:0b:f1:76:b3:73:d7:94:70:65:9b:db:4c:6a:
16:2e:7a:f7:37:a7:f8:e8:09:31:3c:5f:4e:66:79:
9d:db:d5:83:c9:6c:2a:1e:19:8c:9a:56:13:3e:71:
05:2b:b9:a1:fc:a0:6b:e7:2d:aa:49:65:4a:04:4e:
f7:a6:f0:52:d8:97:47:53:f5:31:41:e7:16:bf:59:
3c:65:7c:70:e0:41:8a:4f:56:80:f7:b2:56:b2:17:
e0:09:cc:7b:87:54:46:d6:9d:ed:31:40:ef:30:c6:
91:f2:16:02:ea:13:49:ed:a2:39:e2:73:ba:98:d2:
77:e0:62:a5:0d:28:d8:c0:b8:c5:02:be:23:ae:c1:
c8:d2:ae:2a:93:4a:7d:79:19:53:98:2c:20:ce:14:
20:43:da:c7:e1:81:3e:cb:8b:52:98:de:8c:58:2d:
1a:55:8c:39:60:27:1a:0b:bd:b2:dd:2b:2b:c9:da:
4b:5d:bb:fe:ed:4d:f7:e9:98:10:83:aa:f3:d4:71:
9e:c1:c2:50:19:8a:0f:ac:bd:c8:2a:60:01:86:50:
49:d2:0c:61:bb:b7:bb:19:c3:d2:a2:c3:af:39:05:
ee:e2:72:5c:c9:32:ee:d5:84:3e:f3:33:f2:a6:ef:
f2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A3:09:81:1E:66:94:B9:D0:01:96:0B:77:5D:BB:6C:69:C3:9F:33
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/DKMJgR5mlLnQAZYLd127bGnDnzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.0.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:b3:60:9e:a2:a0:9f:40:75:a8:c2:38:dd:9f:f8:a4:40:ea:
13:88:61:42:82:3f:42:35:0a:34:fb:da:87:56:d1:c5:31:58:
08:40:37:92:d4:b2:b9:09:85:37:2e:1b:cb:cb:22:cc:73:e1:
8e:e4:82:cf:97:59:e6:0d:f2:33:bb:30:95:eb:a6:e6:07:2a:
56:bc:85:9c:6b:e8:7a:33:ea:d6:8a:aa:6d:49:e7:18:43:40:
4e:bf:b6:a2:af:1a:f1:99:e7:22:ab:1d:b1:74:ca:e1:74:0f:
b9:07:ef:c5:6b:21:9b:fc:10:6f:21:16:8a:f0:ea:46:06:2e:
ea:66:53:e0:d9:5c:09:90:52:98:29:bd:e2:fb:2f:12:be:6c:
ca:9d:dd:e4:29:90:41:ff:48:59:f3:3f:3b:84:9a:32:fa:05:
7c:8b:1b:a8:29:c1:53:9d:77:47:7b:8d:ce:8c:a0:48:c5:1a:
69:a1:ba:db:99:ff:1e:38:1a:01:3f:44:59:4b:ef:b8:2c:4a:
b7:df:ef:da:b6:bb:29:46:42:07:4f:25:1e:cd:55:50:8c:54:
dd:75:d0:0b:96:6a:40:0d:62:a0:ac:af:d1:dc:fc:40:88:70:
f9:83:5a:dc:83:17:bb:d9:77:8e:a2:bd:2e:05:a3:60:35:e0:
2e:87:0c:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiw6IGPqtYt25uYuTAIvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2EzMDk4MTFlNjY5NGI5ZDAwMTk2MGI3NzVkYmI2YzY5YzM5ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHvSKzfkp37JvT91Qw3+WgvxdrNz
15RwZZvbTGoWLnr3N6f46AkxPF9OZnmd29WDyWwqHhmMmlYTPnEFK7mh/KBr5y2q
SWVKBE73pvBS2JdHU/UxQecWv1k8ZXxw4EGKT1aA97JWshfgCcx7h1RG1p3tMUDv
MMaR8hYC6hNJ7aI54nO6mNJ34GKlDSjYwLjFAr4jrsHI0q4qk0p9eRlTmCwgzhQg
Q9rH4YE+y4tSmN6MWC0aVYw5YCcaC72y3SsrydpLXbv+7U336ZgQg6rz1HGewcJQ
GYoPrL3IKmABhlBJ0gxhu7e7GcPSosOvOQXu4nJcyTLu1YQ+8zPypu/yywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyjCYEeZpS50AGWC3ddu2xpw58zMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvREtNSmdSNW1sTG5RQVpZTGQxMjdiR25EbnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0EAMA0G
CSqGSIb3DQEBCwUAA4IBAQCas2CeoqCfQHWowjjdn/ikQOoTiGFCgj9CNQo0+9qH
VtHFMVgIQDeS1LK5CYU3LhvLyyLMc+GO5ILPl1nmDfIzuzCV66bmBypWvIWca+h6
M+rWiqptSecYQ0BOv7airxrxmeciqx2xdMrhdA+5B+/FayGb/BBvIRaK8OpGBi7q
ZlPg2VwJkFKYKb3i+y8SvmzKnd3kKZBB/0hZ8z87hJoy+gV8ixuoKcFTnXdHe43O
jKBIxRppobrbmf8eOBoBP0RZS++4LEq33+/atrspRkIHTyUezVVQjFTdddALlmpA
DWKgrK/R3PxAiHD5g1rcgxe72XeOor0uBaNgNeAuhwzS
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:35:06 2025 by rpki-client