Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/djX6FYDo1jABUxZDmV7bWLxVHt4.roa
File: djX6FYDo1jABUxZDmV7bWLxVHt4.roa (raw, json)
Hash identifier: LuDrnpTM3Aq/ketujNj7dwbJpVevWWNYVQa+7tXXBjU=
Subject key identifier: 76:35:FA:15:80:E8:D6:30:01:53:16:43:99:5E:DB:58:BC:55:1E:DE
Certificate issuer: /CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Certificate serial: 05574F88
Authority key identifier: 43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/djX6FYDo1jABUxZDmV7bWLxVHt4.roa
Signing time: Sat 01 Jan 2022 05:54:53 +0000
ROA not before: Sat 01 Jan 2022 05:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202813
IP address blocks: 185.153.227.0/24 maxlen: 24
185.14.61.0/24 maxlen: 24
185.14.60.0/24 maxlen: 24
185.14.63.0/24 maxlen: 24
185.14.62.0/24 maxlen: 24
185.178.17.0/24 maxlen: 24
185.178.16.0/24 maxlen: 24
185.178.19.0/24 maxlen: 24
185.178.18.0/24 maxlen: 24
185.153.225.0/24 maxlen: 24
185.153.224.0/24 maxlen: 24
185.153.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89608072 (0x5574f88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Validity
Not Before: Jan 1 05:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7635fa1580e8d63001531643995edb58bc551ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3a:1f:8c:46:a5:06:ca:ce:c7:87:08:07:a5:
af:4d:14:a4:af:e4:ff:2b:f9:f1:96:98:8d:93:ce:
bb:65:9c:e4:0a:64:26:52:87:88:62:4d:c6:44:30:
46:84:b5:4d:ab:cf:f3:4e:c2:4f:fd:4c:d1:be:cc:
bd:10:61:07:1b:b8:fd:dc:85:85:9d:c0:ea:d6:78:
a3:1c:10:ea:95:5e:9d:45:63:56:8a:37:51:4b:56:
84:a3:49:88:f4:cd:e7:6f:c4:e1:06:c5:b7:32:fc:
14:8a:95:f5:30:bc:04:7c:da:74:ef:7e:62:41:ce:
8e:d9:aa:81:f7:08:48:db:0c:2a:90:71:d4:32:f5:
ab:69:f0:9a:3a:b1:af:81:65:39:9d:36:00:06:cd:
98:f7:b4:27:8d:31:23:8c:a7:8a:fa:fc:36:c9:65:
64:7d:2f:74:74:59:1d:5d:08:1a:02:fb:b8:71:a3:
b0:e0:89:60:ac:b1:18:71:70:48:fb:49:67:dd:de:
4d:09:3d:ae:a5:25:28:d3:82:63:73:d0:50:a7:39:
40:cc:ba:c3:60:d1:2d:9a:54:cc:f4:f7:05:73:dc:
12:4a:a5:4c:f7:3c:2c:9b:cd:90:58:94:8e:f9:3a:
55:45:e0:ce:6c:2f:e6:85:16:72:30:0c:8d:86:a6:
e6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:35:FA:15:80:E8:D6:30:01:53:16:43:99:5E:DB:58:BC:55:1E:DE
X509v3 Authority Key Identifier:
keyid:43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/djX6FYDo1jABUxZDmV7bWLxVHt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.60.0/22
185.153.224.0/22
185.178.16.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:7a:16:07:51:75:e1:dc:be:12:73:52:ad:f3:1f:04:fd:8c:
3b:de:d3:80:66:20:b3:aa:00:a0:25:aa:45:cb:fd:46:2a:f1:
9f:e8:da:a1:85:00:20:b4:37:f0:68:68:8a:9f:ca:7d:33:08:
e1:3b:1c:51:f9:05:d6:1c:56:0f:30:d1:d1:f2:86:ff:a8:c7:
54:bd:b4:81:b2:06:13:67:fb:2c:ef:62:1b:1e:f7:ec:6f:c5:
99:17:7c:9d:2e:8c:76:20:29:52:46:cb:c4:12:1d:7d:f4:95:
80:13:e4:4d:df:c0:21:91:2d:d2:22:cf:9d:6c:53:2f:db:ad:
82:9e:c0:3d:7e:2d:dd:0c:d5:86:3f:77:bb:35:91:85:cc:35:
39:52:90:3d:3a:12:d3:dd:7c:9a:b4:91:27:5b:ab:3d:1a:49:
67:eb:0c:f1:8d:0b:5e:b6:83:9d:82:f9:29:e8:5c:95:6e:81:
87:63:be:df:b0:e9:4c:fa:1c:c8:9f:3c:64:ef:f3:ab:92:d3:
64:ba:12:78:3e:07:6e:f9:f6:4e:df:db:62:12:aa:c6:b9:5d:
a3:32:4e:c7:b8:0a:31:08:ae:43:c9:73:af:8c:08:b9:c8:6a:
7f:1e:1b:3c:e9:9f:f1:71:71:8b:1b:03:f5:85:cd:69:39:c2:
f9:0e:f2:69
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBVdPiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzdlMDMwZDQ0NjYxYTRjMjAxZWJhMDNkZTQ1MmIwNGI4ZTdkOWU1MB4XDTIyMDEw
MTA1NTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYzNWZhMTU4MGU4
ZDYzMDAxNTMxNjQzOTk1ZWRiNThiYzU1MWVkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk6H4xGpQbKzseHCAelr00UpK/k/yv58ZaYjZPOu2Wc5Apk
JlKHiGJNxkQwRoS1TavP807CT/1M0b7MvRBhBxu4/dyFhZ3A6tZ4oxwQ6pVenUVj
Voo3UUtWhKNJiPTN52/E4QbFtzL8FIqV9TC8BHzadO9+YkHOjtmqgfcISNsMKpBx
1DL1q2nwmjqxr4FlOZ02AAbNmPe0J40xI4ynivr8NsllZH0vdHRZHV0IGgL7uHGj
sOCJYKyxGHFwSPtJZ93eTQk9rqUlKNOCY3PQUKc5QMy6w2DRLZpUzPT3BXPcEkql
TPc8LJvNkFiUjvk6VUXgzmwv5oUWcjAMjYam5jcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR2NfoVgOjWMAFTFkOZXttYvFUe3jAfBgNVHSMEGDAWgBRDfgMNRGYaTCAe
ugPeRSsEuOfZ5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1EzNEREVVJtR2t3Z0hyb0Qza1VyQkxqbjJlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNGJlMjU5LWJlOTYtNDBmYS04ODBlLWJiZDIxMDZmMzM3MC8x
L2RqWDZGWURvMWpBQlV4WkRtVjdiV0x4Vkh0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NGJlMjU5LWJlOTYtNDBmYS04ODBlLWJiZDIxMDZmMzM3MC8xL1EzNEREVVJtR2t3
Z0hyb0Qza1VyQkxqbjJlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkOPAMEArmZ4AMEArmyEDANBgkq
hkiG9w0BAQsFAAOCAQEAO3oWB1F14dy+EnNSrfMfBP2MO97TgGYgs6oAoCWqRcv9
Rirxn+jaoYUAILQ38Ghoip/KfTMI4TscUfkF1hxWDzDR0fKG/6jHVL20gbIGE2f7
LO9iGx737G/FmRd8nS6MdiApUkbLxBIdffSVgBPkTd/AIZEt0iLPnWxTL9utgp7A
PX4t3QzVhj93uzWRhcw1OVKQPToS0918mrSRJ1urPRpJZ+sM8Y0LXraDnYL5Kehc
lW6Bh2O+37DpTPocyJ88ZO/zq5LTZLoSeD4Hbvn2Tt/bYhKqxrldozJOx7gKMQiu
Q8lzr4wIuchqfx4bPOmf8XFxixsD9YXNaTnC+Q7yaQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:52 2025 by rpki-client