Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6bf232-1a28-4aa4-8ebd-bf7fa94d2a4e/1/DuB5pyPkNXczWxLu-FYS1mTN-HI.roa
File: DuB5pyPkNXczWxLu-FYS1mTN-HI.roa (raw, json)
Hash identifier: MG5MFXcP77UhS/dOYYMGPB/ecPwIUl6V9cOg4EbZ4/w=
Subject key identifier: 0E:E0:79:A7:23:E4:35:77:33:5B:12:EE:F8:56:12:D6:64:CD:F8:72
Certificate issuer: /CN=9bc7381b82f975abf19d7d501a8d90bcdc439f06
Certificate serial: 0186931D2460FE15DFE68E63B380AD558B76
Authority key identifier: 9B:C7:38:1B:82:F9:75:AB:F1:9D:7D:50:1A:8D:90:BC:DC:43:9F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8c4G4L5davxnX1QGo2QvNxDnwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6bf232-1a28-4aa4-8ebd-bf7fa94d2a4e/1/DuB5pyPkNXczWxLu-FYS1mTN-HI.roa
Signing time: Mon 27 Feb 2023 13:43:25 +0000
ROA not before: Mon 27 Feb 2023 13:43:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199634
IP address blocks: 176.57.72.0/21 maxlen: 21
185.8.124.0/22 maxlen: 22
2a02:d840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:1d:24:60:fe:15:df:e6:8e:63:b3:80:ad:55:8b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc7381b82f975abf19d7d501a8d90bcdc439f06
Validity
Not Before: Feb 27 13:43:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ee079a723e43577335b12eef85612d664cdf872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:c6:ba:9f:43:c0:92:c3:6c:c7:4e:ac:bb:
b5:eb:a4:ec:37:99:bd:00:51:34:86:3f:d7:cb:07:
b9:8f:95:ae:6d:a4:19:f3:20:1b:46:be:02:72:f1:
52:29:0c:b4:68:17:c7:07:77:6e:6a:fd:4f:ac:99:
74:d1:3c:78:cf:9c:5f:77:8f:da:66:c6:ad:c1:d6:
61:b0:ea:bb:85:91:d1:96:cf:af:56:f5:f4:cc:b6:
ca:82:66:0b:e8:c8:49:5a:a1:cf:d1:b7:29:5d:b2:
36:0a:f2:90:b0:2f:7a:5e:d5:93:80:fd:5f:41:16:
cb:05:eb:69:51:d2:03:f3:08:a0:5d:11:3a:21:79:
78:b9:ab:70:09:e8:81:c7:ab:74:93:7a:f4:19:d0:
ca:c2:0a:8c:c3:6c:ab:2d:ec:80:10:01:6e:46:8c:
90:79:95:f9:71:5e:75:74:98:32:a4:01:fc:45:e9:
35:aa:18:26:89:a6:02:8e:f8:3e:42:ba:4f:aa:9e:
bf:eb:e6:45:13:ef:aa:ff:c1:81:46:5f:9f:4d:63:
b7:cf:95:15:c3:fa:f8:32:b0:1d:65:06:2a:ab:b3:
23:f9:0c:36:71:26:39:c3:e7:b5:4b:d5:2f:27:ee:
33:e3:6e:aa:0d:7c:8e:13:cf:34:72:a9:a1:9c:fa:
67:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E0:79:A7:23:E4:35:77:33:5B:12:EE:F8:56:12:D6:64:CD:F8:72
X509v3 Authority Key Identifier:
keyid:9B:C7:38:1B:82:F9:75:AB:F1:9D:7D:50:1A:8D:90:BC:DC:43:9F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8c4G4L5davxnX1QGo2QvNxDnwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6bf232-1a28-4aa4-8ebd-bf7fa94d2a4e/1/DuB5pyPkNXczWxLu-FYS1mTN-HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6bf232-1a28-4aa4-8ebd-bf7fa94d2a4e/1/m8c4G4L5davxnX1QGo2QvNxDnwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.72.0/21
185.8.124.0/22
IPv6:
2a02:d840::/29
Signature Algorithm: sha256WithRSAEncryption
80:42:e2:1e:bd:b8:d7:f2:5a:b6:e9:e6:5b:ef:0f:8e:62:7f:
e7:ea:33:e5:b1:65:f9:8c:ea:de:5b:7e:11:9e:9c:7b:dd:eb:
ce:91:06:44:f7:d3:3f:85:b9:aa:bb:41:4a:b5:9e:39:27:06:
5d:7e:18:3c:7c:3c:2c:a3:8f:dd:ee:6d:0a:41:36:8d:55:34:
ed:c2:17:0f:87:50:00:bd:d4:19:99:96:df:59:e5:92:9a:2e:
45:0f:20:25:d4:c3:03:fc:7c:5c:58:4e:35:b5:5f:a6:3d:c6:
59:4c:fa:b2:28:3a:00:53:fd:12:bf:34:4c:5e:df:6b:3e:46:
dd:76:bf:ab:2b:55:b8:a2:e6:eb:7e:48:dd:89:47:71:0e:2c:
9a:06:d9:f7:a1:f6:f5:9d:5c:fa:5b:36:b4:18:98:ac:b8:c7:
d5:83:8d:20:bf:ff:1d:40:f6:81:36:de:3d:fa:eb:dc:c2:63:
21:e3:b9:1c:9d:e9:d1:23:7d:ae:a6:28:df:66:5c:a3:87:01:
b4:8f:77:64:ae:93:b5:07:1a:45:ee:45:4c:e9:80:15:37:ec:
29:b6:6d:f6:7b:4b:d1:78:8b:98:28:de:a5:92:5e:bd:b2:cd:
c9:00:1d:52:08:ba:1f:10:24:10:a4:a3:57:8d:0b:d5:c4:a2:
85:4c:e4:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYaTHSRg/hXf5o5js4CtVYt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzczODFiODJmOTc1YWJmMTlkN2Q1MDFhOGQ5MGJjZGM0
MzlmMDYwHhcNMjMwMjI3MTM0MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUwNzlhNzIzZTQzNTc3MzM1YjEyZWVmODU2MTJkNjY0Y2RmODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsofGup9DwJLDbMdOrLu166TsN5m9
AFE0hj/Xywe5j5WubaQZ8yAbRr4CcvFSKQy0aBfHB3duav1PrJl00Tx4z5xfd4/a
ZsatwdZhsOq7hZHRls+vVvX0zLbKgmYL6MhJWqHP0bcpXbI2CvKQsC96XtWTgP1f
QRbLBetpUdID8wigXRE6IXl4uatwCeiBx6t0k3r0GdDKwgqMw2yrLeyAEAFuRoyQ
eZX5cV51dJgypAH8Rek1qhgmiaYCjvg+QrpPqp6/6+ZFE++q/8GBRl+fTWO3z5UV
w/r4MrAdZQYqq7Mj+Qw2cSY5w+e1S9UvJ+4z426qDXyOE880cqmhnPpnGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA7geacj5DV3M1sS7vhWEtZkzfhyMB8GA1UdIwQY
MBaAFJvHOBuC+XWr8Z19UBqNkLzcQ58GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThjNEc0TDVkYXZ4blgxUUdvMlF2TnhEbndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82YmYyMzItMWEyOC00YWE0LThlYmQt
YmY3ZmE5NGQyYTRlLzEvRHVCNXB5UGtOWGN6V3hMdS1GWVMxbVROLUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82YmYyMzItMWEyOC00YWE0LThlYmQtYmY3ZmE5NGQyYTRl
LzEvbThjNEc0TDVkYXZ4blgxUUdvMlF2TnhEbndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsDlIAwQC
uQh8MA0EAgACMAcDBQMqAthAMA0GCSqGSIb3DQEBCwUAA4IBAQCAQuIevbjX8lq2
6eZb7w+OYn/n6jPlsWX5jOreW34Rnpx73evOkQZE99M/hbmqu0FKtZ45JwZdfhg8
fDwso4/d7m0KQTaNVTTtwhcPh1AAvdQZmZbfWeWSmi5FDyAl1MMD/HxcWE41tV+m
PcZZTPqyKDoAU/0SvzRMXt9rPkbddr+rK1W4oubrfkjdiUdxDiyaBtn3ofb1nVz6
Wza0GJisuMfVg40gv/8dQPaBNt49+uvcwmMh47kcnenRI32upijfZlyjhwG0j3dk
rpO1BxpF7kVM6YAVN+wptm32e0vReIuYKN6lkl69ss3JAB1SCLofECQQpKNXjQvV
xKKFTOQI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:07 2025 by rpki-client