Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/X_Pof9kRKi8fUYkaL62s5xwf3jI.roa
File: X_Pof9kRKi8fUYkaL62s5xwf3jI.roa (raw, json)
Hash identifier: dsO6aJCLhUGMZzyyNZiPgBamVlAOwFjn+9ycPSwxfO8=
Subject key identifier: 5F:F3:E8:7F:D9:11:2A:2F:1F:51:89:1A:2F:AD:AC:E7:1C:1F:DE:32
Certificate issuer: /CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Certificate serial: 018215323C337B78FEE29AFE6E39B86BE2AB
Authority key identifier: DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/X_Pof9kRKi8fUYkaL62s5xwf3jI.roa
Signing time: Tue 19 Jul 2022 06:43:09 +0000
ROA not before: Tue 19 Jul 2022 06:43:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39090
IP address blocks: 185.116.17.0/24 maxlen: 24
185.116.19.0/24 maxlen: 24
84.39.64.0/19 maxlen: 19
2a02:d180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:32:3c:33:7b:78:fe:e2:9a:fe:6e:39:b8:6b:e2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Validity
Not Before: Jul 19 06:43:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ff3e87fd9112a2f1f51891a2fadace71c1fde32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:0e:be:2b:d2:e2:ca:6d:0a:71:84:74:70:
bc:f0:66:f8:78:2c:87:95:5f:74:8e:e3:cb:b7:12:
b4:c2:09:be:09:73:2d:eb:71:ea:6c:77:c8:2f:97:
a7:b2:b8:e3:b8:0f:0e:2e:b3:78:a0:6a:43:ef:f0:
4e:ce:68:e5:56:98:1e:e5:d7:62:f1:52:db:8a:db:
36:63:7e:1b:0e:31:05:1a:0c:8c:93:c9:4c:5f:ba:
65:9e:52:33:d0:a9:09:89:1d:cb:62:98:5d:f8:f8:
68:08:ee:db:05:8b:d4:60:d4:35:79:6f:1a:9a:b6:
0f:25:49:f9:46:02:7b:84:bd:0f:f1:a5:8f:8b:7a:
66:57:38:77:f5:e0:e0:ef:c9:8c:a2:ea:1f:38:43:
7f:35:da:7c:8b:4f:93:a5:0c:c9:51:b0:36:b9:72:
5e:dd:26:d4:b8:48:e3:4c:6c:62:07:d4:dd:88:42:
52:7a:ac:5d:c8:4b:5c:ba:4b:f6:3e:65:69:ed:3e:
c9:19:60:90:fe:f8:11:58:1c:e5:71:d1:09:f7:3f:
bc:13:0e:7a:e9:b3:63:d1:75:c2:aa:d2:94:8e:6e:
78:6f:db:7b:09:e7:8f:88:f4:62:f5:18:9c:b2:b7:
d2:bf:55:d8:15:d9:36:47:16:1d:0b:11:c1:df:8f:
eb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F3:E8:7F:D9:11:2A:2F:1F:51:89:1A:2F:AD:AC:E7:1C:1F:DE:32
X509v3 Authority Key Identifier:
keyid:DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/X_Pof9kRKi8fUYkaL62s5xwf3jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.64.0/19
185.116.17.0/24
185.116.19.0/24
IPv6:
2a02:d180::/29
Signature Algorithm: sha256WithRSAEncryption
81:e3:9e:87:3e:36:47:2c:98:79:9e:b7:ac:9f:45:51:08:1e:
aa:0b:30:da:77:97:a8:ce:93:bd:4b:8c:1e:e6:cd:be:8c:2e:
bb:fe:29:fc:ed:37:85:7b:2f:13:64:7d:63:3b:64:e6:90:c8:
bd:b1:17:be:57:ee:1b:08:75:c9:9d:eb:7a:46:90:30:31:cf:
f6:b8:d5:d7:6b:64:31:b4:ae:96:78:55:fb:e9:fa:4b:9f:e3:
11:98:ba:db:ca:4e:e6:0f:c2:af:be:05:a4:2c:1c:b7:a6:74:
ff:74:4b:93:c1:e8:44:44:da:58:03:85:57:ad:b6:5c:c0:a8:
03:d3:51:80:be:11:03:9f:e1:d4:96:db:77:76:3f:c3:d4:c7:
31:ff:07:21:f5:5b:0c:5b:5b:37:f7:45:f4:75:55:04:c7:48:
b6:ae:7c:22:14:4b:6b:6b:d3:c3:e2:b1:20:b2:39:e0:4f:7c:
c3:4f:18:62:ac:97:97:aa:ce:e7:e1:80:32:a0:74:b8:4a:d0:
5b:ca:60:53:b3:fc:20:b7:f8:f4:97:4c:38:f2:54:6e:cf:da:
a2:9f:ee:9d:69:b8:a7:60:2a:53:42:7e:3a:01:ec:68:ec:cb:
16:7a:fc:fb:da:0b:e4:47:d0:df:4c:23:a4:36:88:ca:4b:0f:
51:d8:66:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYIVMjwze3j+4pr+bjm4a+KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMmE2OTVjNDEyMjFkZDhlZGRjZmM1YzRiNWNjMGI3ODlj
Yjk1M2IwHhcNMjIwNzE5MDY0MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmYzZTg3ZmQ5MTEyYTJmMWY1MTg5MWEyZmFkYWNlNzFjMWZkZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt70OvivS4sptCnGEdHC88Gb4eCyH
lV90juPLtxK0wgm+CXMt63HqbHfIL5ensrjjuA8OLrN4oGpD7/BOzmjlVpge5ddi
8VLbits2Y34bDjEFGgyMk8lMX7plnlIz0KkJiR3LYphd+PhoCO7bBYvUYNQ1eW8a
mrYPJUn5RgJ7hL0P8aWPi3pmVzh39eDg78mMouofOEN/Ndp8i0+TpQzJUbA2uXJe
3SbUuEjjTGxiB9TdiEJSeqxdyEtcukv2PmVp7T7JGWCQ/vgRWBzlcdEJ9z+8Ew56
6bNj0XXCqtKUjm54b9t7CeePiPRi9RicsrfSv1XYFdk2RxYdCxHB34/rEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF/z6H/ZESovH1GJGi+trOccH94yMB8GA1UdIwQY
MBaAFN0qaVxBIh3Y7dz8XEtcwLeJy5U7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEt
MjA4ZGMwNjhkNTNjLzEvWF9Qb2Y5a1JLaThmVVlrYUw2MnM1eHdmM2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEtMjA4ZGMwNjhkNTNj
LzEvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVCdAAwQA
uXQRAwQAuXQTMA0EAgACMAcDBQMqAtGAMA0GCSqGSIb3DQEBCwUAA4IBAQCB456H
PjZHLJh5nresn0VRCB6qCzDad5eozpO9S4we5s2+jC67/in87TeFey8TZH1jO2Tm
kMi9sRe+V+4bCHXJnet6RpAwMc/2uNXXa2QxtK6WeFX76fpLn+MRmLrbyk7mD8Kv
vgWkLBy3pnT/dEuTwehERNpYA4VXrbZcwKgD01GAvhEDn+HUltt3dj/D1Mcx/wch
9VsMW1s390X0dVUEx0i2rnwiFEtra9PD4rEgsjngT3zDTxhirJeXqs7n4YAyoHS4
StBbymBTs/wgt/j0l0w48lRuz9qin+6dabinYCpTQn46Aexo7MsWevz72gvkR9Df
TCOkNojKSw9R2GZS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:11 2025 by rpki-client