Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/dkxYPR49Mj0t40yTTEXdmu_R8Qk.roa
File: dkxYPR49Mj0t40yTTEXdmu_R8Qk.roa (raw, json)
Hash identifier: /K22dz6iCwZif8e9btCRq1FKnK8aPOlI3pzejhVk59k=
Subject key identifier: 76:4C:58:3D:1E:3D:32:3D:2D:E3:4C:93:4C:45:DD:9A:EF:D1:F1:09
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 32BB222E
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/dkxYPR49Mj0t40yTTEXdmu_R8Qk.roa
Signing time: Sat 01 Jan 2022 16:07:28 +0000
ROA not before: Sat 01 Jan 2022 16:07:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34587
IP address blocks: 178.237.173.0/24 maxlen: 24
81.94.213.0/24 maxlen: 24
81.94.208.0/20 maxlen: 24
81.94.214.0/24 maxlen: 24
5.226.176.0/21 maxlen: 24
178.237.160.0/23 maxlen: 24
178.237.163.0/24 maxlen: 24
178.237.165.0/24 maxlen: 24
178.237.170.0/24 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
2a03:a860:10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851124782 (0x32bb222e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 16:07:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=764c583d1e3d323d2de34c934c45dd9aefd1f109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e6:cb:2b:0a:6b:cd:d8:02:be:61:84:8c:b1:
e3:3b:e4:07:0c:d3:2e:30:a2:a9:86:33:59:cf:6e:
93:fa:94:07:0e:83:f4:db:0e:09:98:da:b4:46:df:
c1:51:bb:ae:c6:48:36:e2:09:ca:b2:3d:30:77:95:
20:9f:5d:aa:20:3a:67:e7:50:15:e3:6f:4c:e5:ea:
fa:62:95:d8:0a:49:cd:4d:db:af:f1:c3:ea:fb:a0:
5a:2f:07:23:7e:ec:77:8b:05:64:4a:9a:e3:c8:4f:
2f:d6:c8:1f:1c:41:2f:13:0b:60:c6:cf:13:66:c2:
5a:a5:d1:55:1f:19:da:e7:89:cf:ab:a5:90:ab:91:
83:50:98:a2:09:5b:fb:4a:0a:25:2f:bb:f8:a5:2f:
11:e9:d0:a1:fc:a3:6f:df:b2:28:2c:6f:23:e5:fd:
91:63:fd:82:cf:33:14:a9:c1:a2:3c:ff:2d:2e:1e:
33:ed:ca:47:f9:38:80:23:0b:81:5d:5a:ce:4a:10:
d8:74:69:3a:f9:4f:da:34:ac:41:d2:f4:dd:02:fd:
e6:f3:5f:d7:c8:2c:24:1f:66:ec:df:7c:4f:27:60:
7e:2a:06:b7:25:1c:4c:a7:eb:ee:88:13:34:95:be:
81:3b:a1:86:bd:27:e1:63:12:0e:b3:78:d8:cb:eb:
7d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4C:58:3D:1E:3D:32:3D:2D:E3:4C:93:4C:45:DD:9A:EF:D1:F1:09
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/dkxYPR49Mj0t40yTTEXdmu_R8Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
81.94.208.0/20
178.237.160.0/23
178.237.163.0/24
178.237.165.0/24
178.237.170.0/24
178.237.173.0/24
IPv6:
2a03:a860:10::/44
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
10:83:30:72:54:06:d3:4a:cb:5b:88:17:96:5d:b8:0a:89:ef:
05:70:24:09:58:be:f5:04:ee:f1:34:f3:8c:71:32:38:80:9a:
7d:08:db:e9:d5:7e:c4:31:1a:5f:2a:fd:41:0a:ac:00:fc:f5:
e8:8a:d5:13:20:90:a9:ed:36:8a:31:3b:d0:ec:6b:e8:82:89:
66:a5:a3:f7:d6:e4:6d:8f:02:7f:6a:99:ad:ab:02:4f:bb:98:
75:7d:ca:09:3e:0b:57:95:7e:8f:75:77:c7:8d:99:ef:90:b3:
97:0a:d1:70:77:14:0b:07:0c:21:cd:fb:e4:d7:42:62:23:c5:
ab:d4:f5:0a:2a:b5:2c:0a:cd:b6:ac:f1:94:21:6b:20:50:bf:
0b:0a:2c:8a:84:c2:67:f8:35:53:33:52:72:4d:75:40:51:01:
bb:4d:b8:84:2b:21:3d:86:a4:b2:d7:b8:3a:c3:b6:ae:a6:d5:
62:7a:ed:9a:ee:e0:6c:ea:7a:2d:ff:69:a9:28:15:da:9c:be:
aa:61:99:cf:ec:82:af:8f:cd:b6:87:61:a4:1a:82:4b:40:24:
a5:eb:b4:c0:c3:ff:f1:7c:11:ef:26:84:e8:8e:26:57:2d:ef:
67:d0:fb:4a:f4:bb:70:e6:e2:46:57:a0:c6:bb:7a:65:a2:cd:
b6:d1:40:db
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEMrsiLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWI2NmVjNWU4ZjI0MDVmNmY4ZDQ4NmU3M2ZiODJiOGRlMGRlZTBmMB4XDTIyMDEw
MTE2MDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY0YzU4M2QxZTNk
MzIzZDJkZTM0YzkzNGM0NWRkOWFlZmQxZjEwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHmyysKa83YAr5hhIyx4zvkBwzTLjCiqYYzWc9uk/qUBw6D
9NsOCZjatEbfwVG7rsZINuIJyrI9MHeVIJ9dqiA6Z+dQFeNvTOXq+mKV2ApJzU3b
r/HD6vugWi8HI37sd4sFZEqa48hPL9bIHxxBLxMLYMbPE2bCWqXRVR8Z2ueJz6ul
kKuRg1CYoglb+0oKJS+7+KUvEenQofyjb9+yKCxvI+X9kWP9gs8zFKnBojz/LS4e
M+3KR/k4gCMLgV1azkoQ2HRpOvlP2jSsQdL03QL95vNf18gsJB9m7N98TydgfioG
tyUcTKfr7ogTNJW+gTuhhr0n4WMSDrN42MvrfccCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBR2TFg9Hj0yPS3jTJNMRd2a79HxCTAfBgNVHSMEGDAWgBSutm7F6PJAX2+N
SG5z+4K43g3uDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyWnV4ZWp5UUY5dmpVaHVjX3VDdU40TjdnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8x
L2RreFlQUjQ5TWowdDQweVRURVhkbXVfUjhRay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8xL3JyWnV4ZWp5UUY5
dmpVaHVjX3VDdU40TjdnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswMAQCAAEwKgMEAwXisAMEBFFe0AMEAbLtoAMEALLt
owMEALLtpQMEALLtqgMEALLtrTAXBAIAAjARAwcEKgOoYAAQAwYAKgOoYAowDQYJ
KoZIhvcNAQELBQADggEBABCDMHJUBtNKy1uIF5ZduAqJ7wVwJAlYvvUE7vE084xx
MjiAmn0I2+nVfsQxGl8q/UEKrAD89eiK1RMgkKntNooxO9Dsa+iCiWalo/fW5G2P
An9qma2rAk+7mHV9ygk+C1eVfo91d8eNme+Qs5cK0XB3FAsHDCHN++TXQmIjxavU
9QoqtSwKzbas8ZQhayBQvwsKLIqEwmf4NVMzUnJNdUBRAbtNuIQrIT2GpLLXuDrD
tq6m1WJ67Zru4Gzqei3/aakoFdqcvqphmc/sgq+PzbaHYaQagktAJKXrtMDD//F8
Ee8mhOiOJlct72fQ+0r0u3Dm4kZXoMa7emWizbbRQNs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:34 2025 by rpki-client