Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/dPiv2RDLme9hLftYLSwhSbUeoak.roa
File: dPiv2RDLme9hLftYLSwhSbUeoak.roa (raw, json)
Hash identifier: x25t9RS4oS6ioCQyQy7KNWK8UPTlHqLrozw9hKhg/ZI=
Subject key identifier: 74:F8:AF:D9:10:CB:99:EF:61:2D:FB:58:2D:2C:21:49:B5:1E:A1:A9
Certificate issuer: /CN=5ff7352d47db9785f49118092de8704a67f6520d
Certificate serial: 0A19881C
Authority key identifier: 5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/dPiv2RDLme9hLftYLSwhSbUeoak.roa
Signing time: Thu 23 Jun 2022 14:49:31 +0000
ROA not before: Thu 23 Jun 2022 14:49:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43366
IP address blocks: 45.154.8.0/24 maxlen: 24
185.241.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169445404 (0xa19881c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff7352d47db9785f49118092de8704a67f6520d
Validity
Not Before: Jun 23 14:49:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74f8afd910cb99ef612dfb582d2c2149b51ea1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:c5:f0:bf:1a:98:71:58:fe:7f:c3:c1:be:
fb:46:0d:30:a2:d4:2d:a4:c3:8c:75:ee:8d:48:db:
a7:8f:cd:26:86:41:bb:41:6a:e8:24:68:6c:8a:8a:
5e:29:e3:2c:56:f8:39:b3:99:86:69:3e:81:ef:1b:
c9:9b:5c:3d:66:64:63:e6:af:a4:99:19:c1:3a:dd:
5e:61:82:95:16:1c:f2:ed:45:b2:14:ee:dd:a4:49:
1c:01:c1:02:76:9e:9b:5f:99:20:1f:55:88:ef:83:
f5:90:c8:e1:5a:a5:54:dc:c6:46:21:f4:e1:fb:2e:
96:18:43:37:59:9f:0a:d1:ed:8f:e8:48:f3:b1:2f:
9f:56:37:f5:92:3a:86:6b:c1:53:c5:c8:96:5e:24:
a0:1d:43:6d:65:7b:41:7b:b3:c6:6b:9f:40:4a:ab:
69:75:5e:ca:67:93:14:65:c8:d5:14:07:b2:6f:44:
92:c1:36:85:7a:9c:b8:ef:6c:6f:6e:cf:f0:1e:a7:
e2:1f:05:da:b6:03:7b:ce:b2:39:16:3b:11:75:10:
00:f4:33:a6:6a:b3:5f:69:6c:35:2d:2b:97:c4:f3:
1a:18:1e:e3:43:5e:54:c7:87:a2:11:6b:64:96:b5:
bb:2a:1b:98:1f:ef:07:5f:b2:83:52:b3:bb:81:8a:
4e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F8:AF:D9:10:CB:99:EF:61:2D:FB:58:2D:2C:21:49:B5:1E:A1:A9
X509v3 Authority Key Identifier:
keyid:5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/dPiv2RDLme9hLftYLSwhSbUeoak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.8.0/24
185.241.188.0/22
Signature Algorithm: sha256WithRSAEncryption
08:eb:18:9d:00:a8:99:96:62:b7:25:20:bc:fe:91:03:6b:42:
a9:b2:58:86:58:5d:76:95:b2:2c:44:cd:65:57:4c:f6:05:58:
84:89:e2:8f:ed:48:72:06:4a:b0:ea:9c:b1:b6:2a:5f:33:6a:
a0:c2:a8:75:78:1f:d3:d5:eb:92:85:ba:43:88:0d:8c:a7:64:
da:35:78:7c:a0:f3:5e:b9:17:e8:62:be:cb:1b:de:21:21:39:
62:35:d6:79:68:fc:0c:4f:b4:f0:aa:2c:8b:94:5b:ad:78:ac:
6b:95:50:cf:7f:e2:ca:79:8f:39:a4:33:bf:ff:0e:f5:1a:3f:
5a:b6:f9:16:d4:7a:b8:e5:2a:a2:c8:7d:06:7e:1f:a4:28:d6:
20:d8:df:a4:46:1c:45:d5:a6:28:18:60:1a:0e:16:9c:40:26:
2a:eb:94:7b:c6:e5:1d:f3:0b:3d:d6:9e:3c:46:8c:60:ac:b7:
fe:4f:d7:d5:25:a6:08:1a:81:2d:b2:dd:ec:2b:fa:6e:20:16:
8b:3a:0f:f2:b5:eb:ce:2c:f7:06:a5:af:af:6d:55:6b:f1:4f:
26:29:e9:a6:5a:19:16:df:07:e3:20:ad:3a:bf:29:99:53:11:
df:37:f5:f2:64:32:9f:26:8f:d0:38:59:2a:ea:58:0f:cd:5d:
07:25:a5:26
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEChmIHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZmY3MzUyZDQ3ZGI5Nzg1ZjQ5MTE4MDkyZGU4NzA0YTY3ZjY1MjBkMB4XDTIyMDYy
MzE0NDkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRmOGFmZDkxMGNi
OTllZjYxMmRmYjU4MmQyYzIxNDliNTFlYTFhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGZxfC/GphxWP5/w8G++0YNMKLULaTDjHXujUjbp4/NJoZB
u0Fq6CRobIqKXinjLFb4ObOZhmk+ge8byZtcPWZkY+avpJkZwTrdXmGClRYc8u1F
shTu3aRJHAHBAnaem1+ZIB9ViO+D9ZDI4VqlVNzGRiH04fsulhhDN1mfCtHtj+hI
87Evn1Y39ZI6hmvBU8XIll4koB1DbWV7QXuzxmufQEqraXVeymeTFGXI1RQHsm9E
ksE2hXqcuO9sb27P8B6n4h8F2rYDe86yORY7EXUQAPQzpmqzX2lsNS0rl8TzGhge
40NeVMeHohFrZJa1uyobmB/vB1+yg1Kzu4GKTk8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR0+K/ZEMuZ72Et+1gtLCFJtR6hqTAfBgNVHSMEGDAWgBRf9zUtR9uXhfSR
GAkt6HBKZ/ZSDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hfYzFMVWZibDRYMGtSZ0pMZWh3U21mMlVnMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZDVkMmIzLTdjNDItNDc4NS05NTk2LTUxNzQ4MWQwZjg1MC8x
L2RQaXYyUkRMbWU5aExmdFlMU3doU2JVZW9hay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZDVkMmIzLTdjNDItNDc4NS05NTk2LTUxNzQ4MWQwZjg1MC8xL1hfYzFMVWZibDRY
MGtSZ0pMZWh3U21mMlVnMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2aCAMEArnxvDANBgkqhkiG9w0B
AQsFAAOCAQEACOsYnQComZZityUgvP6RA2tCqbJYhlhddpWyLETNZVdM9gVYhIni
j+1IcgZKsOqcsbYqXzNqoMKodXgf09XrkoW6Q4gNjKdk2jV4fKDzXrkX6GK+yxve
ISE5YjXWeWj8DE+08Kosi5RbrXisa5VQz3/iynmPOaQzv/8O9Ro/Wrb5FtR6uOUq
osh9Bn4fpCjWINjfpEYcRdWmKBhgGg4WnEAmKuuUe8blHfMLPdaePEaMYKy3/k/X
1SWmCBqBLbLd7Cv6biAWizoP8rXrziz3BqWvr21Va/FPJinpploZFt8H4yCtOr8p
mVMR3zf18mQynyaP0DhZKupYD81dByWlJg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:41 2025 by rpki-client