Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/djFZgEiLwfHg5xTflUo5vI7pZtM.roa
File: djFZgEiLwfHg5xTflUo5vI7pZtM.roa (raw, json)
Hash identifier: UzjEdsOMtk5skNSkAFt9Nf19vSb2Yhw2yHkkqUwSRgI=
Subject key identifier: 76:31:59:80:48:8B:C1:F1:E0:E7:14:DF:95:4A:39:BC:8E:E9:66:D3
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 0185729EFB1D09DED3A1588ADFFF73E10CDB
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/djFZgEiLwfHg5xTflUo5vI7pZtM.roa
Signing time: Mon 02 Jan 2023 13:14:59 +0000
ROA not before: Mon 02 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50661
IP address blocks: 192.166.32.0/22 maxlen: 22
109.197.96.0/21 maxlen: 22
109.207.144.0/20 maxlen: 21
185.167.32.0/22 maxlen: 23
195.191.180.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:fb:1d:09:de:d3:a1:58:8a:df:ff:73:e1:0c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Jan 2 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76315980488bc1f1e0e714df954a39bc8ee966d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:c8:33:21:0e:2c:8d:38:f3:59:84:2a:13:
bb:ea:5d:32:41:53:3b:98:2c:3c:af:01:e5:e3:35:
39:89:3a:70:71:5d:f2:0d:19:c1:98:0a:27:bb:87:
cf:05:5f:0c:4b:2c:cf:08:52:ab:dd:c3:1b:a9:62:
be:ea:eb:41:55:85:0a:ac:b0:84:9f:b2:bd:46:b0:
6b:1e:bc:6b:47:89:ca:ba:72:f7:c6:1d:c0:2c:8e:
51:36:ff:ea:18:f4:92:00:b0:45:6b:16:ee:4a:1e:
2a:01:e4:05:ff:ba:22:cf:68:a8:df:40:96:97:8a:
08:cf:b1:95:05:1b:2d:14:d7:0c:7a:74:cb:eb:a9:
5e:1b:10:05:fb:99:d7:a6:0a:38:32:52:11:a3:e3:
3f:69:0f:4d:37:30:62:31:02:3e:3f:64:12:54:86:
8c:7b:b9:d7:b4:da:5d:f1:38:d8:7d:67:66:4b:90:
0e:21:47:cd:5a:25:e0:db:06:6e:93:41:22:ed:27:
96:c6:89:ad:88:a1:c7:1b:fd:1c:66:84:a4:06:f2:
22:5d:05:72:7b:d6:90:d9:d3:4a:18:ce:d4:9a:9e:
d2:f2:84:07:4d:69:af:b4:fb:1b:ed:60:ef:e6:96:
e2:7e:f3:92:24:7f:f7:ca:00:4b:63:29:af:50:cf:
67:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:31:59:80:48:8B:C1:F1:E0:E7:14:DF:95:4A:39:BC:8E:E9:66:D3
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/djFZgEiLwfHg5xTflUo5vI7pZtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.96.0/21
109.207.144.0/20
185.167.32.0/22
192.166.32.0/22
195.191.180.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:ca:18:82:d4:d2:cd:0d:7b:69:1c:c5:5f:83:80:4d:ab:47:
c2:77:14:f1:9e:b9:8f:19:35:b1:25:61:0f:26:41:43:ea:32:
98:0b:e0:98:f6:47:b3:7d:cf:b4:ec:8b:76:4b:03:36:6f:1d:
06:50:9e:fa:c0:96:18:d6:e1:28:62:b3:12:16:14:cd:27:95:
d6:33:8e:c9:13:fd:c5:30:0a:4f:10:94:88:d9:9c:1c:39:45:
c7:37:37:bb:ca:a0:42:7b:3f:46:99:d0:7e:5c:56:f3:f4:7e:
d8:38:17:b0:a6:5a:2b:25:88:1d:24:71:2e:8d:22:a7:7d:58:
85:63:1d:47:6c:7f:70:da:99:e1:40:fc:c9:68:da:db:40:82:
02:64:7c:ea:0f:cc:63:fb:c4:22:7d:17:78:d3:de:97:5e:05:
6d:8a:0b:43:f1:1c:32:d6:c6:21:97:c9:44:9e:7b:37:85:f2:
2b:87:9d:16:9e:d6:4b:93:1f:be:a4:f9:8c:85:86:9d:25:de:
33:be:6e:81:11:fe:52:cd:d2:1d:09:43:db:24:a0:01:f6:12:
42:89:dd:fe:eb:92:48:ae:7a:04:40:f2:4e:f6:78:c5:1b:80:
17:81:a4:2b:83:d4:5d:d5:dc:58:00:7b:88:fd:75:1b:1e:8d:
98:e8:27:16
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVynvsdCd7ToViK3/9z4QzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjMwMTAyMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjMxNTk4MDQ4OGJjMWYxZTBlNzE0ZGY5NTRhMzliYzhlZTk2NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZjIMyEOLI0481mEKhO76l0yQVM7
mCw8rwHl4zU5iTpwcV3yDRnBmAonu4fPBV8MSyzPCFKr3cMbqWK+6utBVYUKrLCE
n7K9RrBrHrxrR4nKunL3xh3ALI5RNv/qGPSSALBFaxbuSh4qAeQF/7oiz2io30CW
l4oIz7GVBRstFNcMenTL66leGxAF+5nXpgo4MlIRo+M/aQ9NNzBiMQI+P2QSVIaM
e7nXtNpd8TjYfWdmS5AOIUfNWiXg2wZuk0Ei7SeWxomtiKHHG/0cZoSkBvIiXQVy
e9aQ2dNKGM7Ump7S8oQHTWmvtPsb7WDv5pbifvOSJH/3ygBLYymvUM9nBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHYxWYBIi8Hx4OcU35VKObyO6WbTMB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvZGpGWmdFaUx3ZkhnNXhUZmxVbzV2STdwWnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDbcVgAwQE
bc+QAwQCuacgAwQCwKYgAwQBw7+0MA0GCSqGSIb3DQEBCwUAA4IBAQC7yhiC1NLN
DXtpHMVfg4BNq0fCdxTxnrmPGTWxJWEPJkFD6jKYC+CY9kezfc+07It2SwM2bx0G
UJ76wJYY1uEoYrMSFhTNJ5XWM47JE/3FMApPEJSI2ZwcOUXHNze7yqBCez9GmdB+
XFbz9H7YOBewplorJYgdJHEujSKnfViFYx1HbH9w2pnhQPzJaNrbQIICZHzqD8xj
+8QifRd4096XXgVtigtD8Rwy1sYhl8lEnns3hfIrh50WntZLkx++pPmMhYadJd4z
vm6BEf5SzdIdCUPbJKAB9hJCid3+65JIrnoEQPJO9njFG4AXgaQrg9Rd1dxYAHuI
/XUbHo2Y6CcW
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:04:01 2025 by rpki-client