Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/dDWaYCPVY8YjI0uWLG7GI_SYlho.roa
File: dDWaYCPVY8YjI0uWLG7GI_SYlho.roa (raw, json)
Hash identifier: 3r6q0ejMrxoXpIhJtOhbm6jo5nkg8W5kSC6wskftTMg=
Subject key identifier: 74:35:9A:60:23:D5:63:C6:23:23:4B:96:2C:6E:C6:23:F4:98:96:1A
Certificate issuer: /CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Certificate serial: 01857014FCCE71157B0D26F9AF86E23E7D2F
Authority key identifier: 95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/dDWaYCPVY8YjI0uWLG7GI_SYlho.roa
Signing time: Mon 02 Jan 2023 01:25:01 +0000
ROA not before: Mon 02 Jan 2023 01:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34154
IP address blocks: 193.17.230.0/24 maxlen: 24
217.71.216.0/21 maxlen: 24
195.160.196.0/22 maxlen: 24
185.121.196.0/22 maxlen: 24
2a00:1fe8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:fc:ce:71:15:7b:0d:26:f9:af:86:e2:3e:7d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Validity
Not Before: Jan 2 01:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74359a6023d563c623234b962c6ec623f498961a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dd:05:51:b0:f9:b7:02:40:2b:eb:82:5f:5d:
f2:5c:34:e5:d8:ad:8d:ee:29:da:6a:56:e5:01:4b:
99:b0:4d:13:ce:16:a4:05:4d:19:48:97:db:17:ef:
76:0c:ff:fa:6f:f5:70:71:48:43:08:2d:7b:fd:0f:
9d:62:98:7e:f9:a3:40:39:4f:e5:59:6c:4d:ee:3a:
3b:2c:6b:ac:73:dc:d2:4c:56:91:f9:77:e9:df:c7:
04:4b:31:25:0e:c8:f1:55:b9:b1:d0:82:98:ee:0e:
ae:76:a1:1e:b1:ba:25:bb:59:1a:24:fd:de:ba:75:
04:02:a4:f4:7a:15:01:01:58:20:b4:7e:2a:3a:2e:
ca:e1:aa:af:1e:d4:6a:c7:8c:1b:f6:44:b4:ab:23:
a7:48:6b:12:07:ee:2f:bb:7f:ca:4a:dd:49:b9:25:
a7:b4:d7:19:e4:93:1d:75:e5:8c:36:b7:95:bf:84:
64:2f:80:d9:e0:6c:de:c3:df:be:d2:c2:cc:82:af:
da:2b:22:9e:34:3a:0c:95:51:db:d9:eb:5d:1b:40:
13:91:92:92:a3:f9:d6:7d:82:ad:ab:4f:93:7f:ce:
8c:22:bd:a9:f7:3d:da:77:09:f7:d4:27:64:5f:38:
d0:26:50:b3:ac:24:04:7d:d6:46:22:af:e9:b5:73:
c5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:35:9A:60:23:D5:63:C6:23:23:4B:96:2C:6E:C6:23:F4:98:96:1A
X509v3 Authority Key Identifier:
keyid:95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/dDWaYCPVY8YjI0uWLG7GI_SYlho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.196.0/22
193.17.230.0/24
195.160.196.0/22
217.71.216.0/21
IPv6:
2a00:1fe8::/32
Signature Algorithm: sha256WithRSAEncryption
1a:25:5e:4c:81:fc:c1:b6:13:79:45:8b:e9:59:02:16:bc:e7:
9f:ea:2b:6f:91:82:da:7d:43:c7:1d:f5:11:f5:5b:0e:cb:1b:
87:ae:6b:f6:31:c9:2b:5e:f1:33:6c:35:e9:46:19:2e:e2:2e:
86:a8:69:b6:fe:7f:b8:9e:76:b3:a9:82:6b:0c:33:32:01:b4:
60:f5:10:98:aa:e1:e6:f3:83:fc:dd:a0:16:20:62:30:5f:78:
3f:81:37:c2:85:f3:88:96:90:aa:55:e8:de:ae:4a:06:48:ec:
0d:0d:94:b2:bf:bd:0a:dd:c9:f9:25:28:5e:0e:0a:fd:c9:db:
b9:80:05:78:16:2f:f5:7d:f2:72:ee:88:80:06:d9:83:4a:cd:
9e:4a:08:bb:74:e7:fc:13:6b:00:7d:f8:e8:2c:a8:9d:4d:8e:
18:db:bd:fd:8d:6c:e6:92:58:39:8d:72:2c:4b:0e:13:eb:37:
89:49:b1:8c:71:48:91:04:cb:34:cc:6b:e2:88:8e:65:72:35:
89:37:3a:c0:f6:fa:d5:7d:0b:c9:8c:4d:dc:a7:c3:0f:e3:5b:
ba:d8:bc:cc:0d:77:6a:cb:c2:7d:93:0a:ed:1e:04:c7:4a:0a:
55:37:28:18:1e:cd:f4:6c:d0:db:29:ca:94:4c:91:04:13:82:
ee:db:91:f4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwFPzOcRV7DSb5r4biPn0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZmQwM2I1ZjM1YjMxN2I0ZDMyZmYxYTRiMmMxN2JiMzc2
YzIxZTEwHhcNMjMwMTAyMDEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDM1OWE2MDIzZDU2M2M2MjMyMzRiOTYyYzZlYzYyM2Y0OTg5NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t0FUbD5twJAK+uCX13yXDTl2K2N
7inaalblAUuZsE0TzhakBU0ZSJfbF+92DP/6b/VwcUhDCC17/Q+dYph++aNAOU/l
WWxN7jo7LGusc9zSTFaR+Xfp38cESzElDsjxVbmx0IKY7g6udqEesbolu1kaJP3e
unUEAqT0ehUBAVggtH4qOi7K4aqvHtRqx4wb9kS0qyOnSGsSB+4vu3/KSt1JuSWn
tNcZ5JMddeWMNreVv4RkL4DZ4Gzew9++0sLMgq/aKyKeNDoMlVHb2etdG0ATkZKS
o/nWfYKtq0+Tf86MIr2p9z3adwn31CdkXzjQJlCzrCQEfdZGIq/ptXPF6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHQ1mmAj1WPGIyNLlixuxiP0mJYaMB8GA1UdIwQY
MBaAFJX9A7XzWzF7TTL/GkssF7s3bCHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2Et
ZDYwZjQ0YTkzNGIxLzEvZERXYVlDUFZZOFlqSTB1V0xHN0dJX1NZbGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2EtZDYwZjQ0YTkzNGIx
LzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuXnEAwQA
wRHmAwQCw6DEAwQD2UfYMA0EAgACMAcDBQAqAB/oMA0GCSqGSIb3DQEBCwUAA4IB
AQAaJV5MgfzBthN5RYvpWQIWvOef6itvkYLafUPHHfUR9VsOyxuHrmv2MckrXvEz
bDXpRhku4i6GqGm2/n+4nnazqYJrDDMyAbRg9RCYquHm84P83aAWIGIwX3g/gTfC
hfOIlpCqVejerkoGSOwNDZSyv70K3cn5JSheDgr9ydu5gAV4Fi/1ffJy7oiABtmD
Ss2eSgi7dOf8E2sAffjoLKidTY4Y2739jWzmklg5jXIsSw4T6zeJSbGMcUiRBMs0
zGviiI5lcjWJNzrA9vrVfQvJjE3cp8MP41u62LzMDXdqy8J9kwrtHgTHSgpVNygY
Hs30bNDbKcqUTJEEE4Lu25H0
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:33 2025 by rpki-client