Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Dtz5vZaPjAZdsNsBdL5gNj_hoFQ.roa
File: Dtz5vZaPjAZdsNsBdL5gNj_hoFQ.roa (raw, json)
Hash identifier: bt8LYTs2EndtcdrFGn8Bv1mtssYn9sg5yIvUF2tN8lA=
Subject key identifier: 0E:DC:F9:BD:96:8F:8C:06:5D:B0:DB:01:74:BE:60:36:3F:E1:A0:54
Certificate issuer: /CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Certificate serial: 018795494C20A7AC9092B2E4FAC943464549
Authority key identifier: 1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Dtz5vZaPjAZdsNsBdL5gNj_hoFQ.roa
Signing time: Tue 18 Apr 2023 16:53:41 +0000
ROA not before: Tue 18 Apr 2023 16:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 185.124.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:49:4c:20:a7:ac:90:92:b2:e4:fa:c9:43:46:45:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Validity
Not Before: Apr 18 16:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0edcf9bd968f8c065db0db0174be60363fe1a054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:6c:45:bc:b0:54:13:e9:6d:0f:77:e3:c1:
67:97:00:9c:ce:22:e0:03:4d:13:82:cb:da:03:a5:
14:fb:2b:e1:0d:83:0d:22:31:fd:c7:98:80:7c:a9:
6d:09:a9:74:01:ea:22:b3:61:e3:01:53:67:40:d9:
16:f1:99:f2:e6:ab:a5:29:6b:9f:24:a7:3b:34:07:
20:1e:f7:ae:c2:56:17:86:10:d1:9d:05:31:14:3c:
46:3b:7d:ea:6b:e8:30:aa:1b:80:69:5c:16:8c:7e:
ef:07:e7:da:51:9a:af:91:fd:30:ad:18:00:a4:a1:
9f:02:5c:03:a7:c4:02:a1:5f:3a:94:64:99:14:ee:
78:f7:ac:92:f0:ba:e8:40:42:3c:75:30:bd:87:3c:
9d:5f:4e:ae:19:fc:21:a7:11:09:7e:62:76:b1:75:
6d:c7:59:04:b5:fa:dc:8a:69:5c:3e:ae:d4:cc:e1:
41:b0:3b:4c:fa:b0:b8:13:6c:be:8e:1a:1f:23:ac:
b6:37:70:6e:82:1c:bb:3f:15:44:7a:16:e9:db:07:
73:ab:a5:7d:4c:54:1c:5b:fe:a8:2b:8a:56:33:b5:
f2:6d:02:71:ad:c0:d1:6d:63:ae:5f:2c:e0:98:72:
3f:9b:7e:d0:cf:0f:1a:7e:07:f6:cb:26:cb:5e:2c:
93:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DC:F9:BD:96:8F:8C:06:5D:B0:DB:01:74:BE:60:36:3F:E1:A0:54
X509v3 Authority Key Identifier:
keyid:1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Dtz5vZaPjAZdsNsBdL5gNj_hoFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.132.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:12:90:47:fe:55:98:c1:0d:39:2f:ef:16:c6:95:bd:55:b0:
88:d6:8c:df:ce:1d:63:4d:89:46:4f:81:71:e6:fe:ca:10:51:
fb:6a:3c:13:5e:a4:a2:1f:62:3d:22:ab:08:d4:c8:6e:44:8c:
be:bc:55:4d:36:ba:5e:fb:b0:93:28:be:17:5b:db:1c:7c:b8:
31:91:da:05:0b:8f:e4:dd:95:6e:8b:40:64:ce:10:65:a3:9f:
f6:fc:0a:ac:32:a0:12:b2:04:48:bf:da:a5:d2:cf:81:5c:8c:
46:77:52:7f:5f:50:44:a5:64:74:05:ed:b6:64:e5:06:b2:2f:
5d:8f:1c:87:27:c9:82:30:84:3f:10:61:8d:2f:e3:58:b9:42:
ad:f1:76:27:b8:1f:28:b2:af:2c:4c:5e:8b:22:df:fc:08:f9:
b2:ee:09:49:17:69:c1:47:27:a4:f7:21:5b:83:9b:f3:0a:71:
22:91:78:84:d6:b2:98:47:2c:1f:0b:1d:45:33:ef:02:9f:33:
a0:f5:11:63:d1:8f:92:1f:31:3b:83:36:0d:52:64:cb:d4:47:
75:97:c3:97:86:ff:42:99:90:f4:bc:6d:3a:eb:31:69:e4:98:
94:57:58:bc:2f:e1:3d:94:94:1d:9b:cc:09:41:f8:0c:12:bc:
98:b3:ec:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeVSUwgp6yQkrLk+slDRkVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTUyZTg4MzczNmY3OWNiZDljNTY0NzA0YmYzYzM2NjIx
YjhlY2EwHhcNMjMwNDE4MTY1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRjZjliZDk2OGY4YzA2NWRiMGRiMDE3NGJlNjAzNjNmZTFhMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjlsRbywVBPpbQ9348FnlwCcziLg
A00TgsvaA6UU+yvhDYMNIjH9x5iAfKltCal0Aeois2HjAVNnQNkW8Zny5qulKWuf
JKc7NAcgHveuwlYXhhDRnQUxFDxGO33qa+gwqhuAaVwWjH7vB+faUZqvkf0wrRgA
pKGfAlwDp8QCoV86lGSZFO5496yS8LroQEI8dTC9hzydX06uGfwhpxEJfmJ2sXVt
x1kEtfrcimlcPq7UzOFBsDtM+rC4E2y+jhofI6y2N3Bughy7PxVEehbp2wdzq6V9
TFQcW/6oK4pWM7XybQJxrcDRbWOuXyzgmHI/m37Qzw8afgf2yybLXiyTbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7c+b2Wj4wGXbDbAXS+YDY/4aBUMB8GA1UdIwQY
MBaAFB6VLog3NvecvZxWRwS/PDZiG47KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYt
MzU2MDM1NjU3MWE3LzEvRHR6NXZaYVBqQVpkc05zQmRMNWdOal9ob0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYtMzU2MDM1NjU3MWE3
LzEvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBfEpBH/lWYwQ05L+8WxpW9VbCI1ozfzh1jTYlGT4Fx
5v7KEFH7ajwTXqSiH2I9IqsI1MhuRIy+vFVNNrpe+7CTKL4XW9scfLgxkdoFC4/k
3ZVui0BkzhBlo5/2/AqsMqASsgRIv9ql0s+BXIxGd1J/X1BEpWR0Be22ZOUGsi9d
jxyHJ8mCMIQ/EGGNL+NYuUKt8XYnuB8osq8sTF6LIt/8CPmy7glJF2nBRyek9yFb
g5vzCnEikXiE1rKYRywfCx1FM+8CnzOg9RFj0Y+SHzE7gzYNUmTL1Ed1l8OXhv9C
mZD0vG066zFp5JiUV1i8L+E9lJQdm8wJQfgMEryYs+wm
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:58:17 2025 by rpki-client