Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/DC35473CwpXebdKRnlaWlX2s6j8.roa
File: DC35473CwpXebdKRnlaWlX2s6j8.roa (raw, json)
Hash identifier: NhEBvrpc1v0HmGloluxWBW1y0tGCjKEG08z0L9UmqIY=
Subject key identifier: 0C:2D:F9:E3:BD:C2:C2:95:DE:6D:D2:91:9E:56:96:95:7D:AC:EA:3F
Certificate issuer: /CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Certificate serial: 01868FCFF1BF4DB243C1DD88839D8F6F1294
Authority key identifier: 40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/DC35473CwpXebdKRnlaWlX2s6j8.roa
Signing time: Sun 26 Feb 2023 22:20:15 +0000
ROA not before: Sun 26 Feb 2023 22:20:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29259
IP address blocks: 84.11.255.0/24 maxlen: 24
83.170.0.0/18 maxlen: 18
84.11.0.0/16 maxlen: 16
195.158.212.0/22 maxlen: 24
2001:1b10::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8f:cf:f1:bf:4d:b2:43:c1:dd:88:83:9d:8f:6f:12:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Validity
Not Before: Feb 26 22:20:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2df9e3bdc2c295de6dd2919e5696957dacea3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d0:ce:fd:0a:56:2d:73:de:50:b6:9a:a9:76:
49:25:ad:09:4d:25:10:9d:7d:02:84:9e:13:42:78:
c0:58:6f:62:b4:9f:cd:e5:bc:38:7e:dd:9f:7d:f1:
3d:9a:68:b3:59:78:4d:7a:82:68:93:b5:ee:ed:3a:
55:3d:5e:e6:ba:bd:84:f9:aa:ee:4c:5a:12:1e:45:
a1:9c:76:58:81:49:3f:8f:6e:1f:31:9a:40:76:54:
ef:43:85:90:9e:1d:3c:4d:07:ee:37:d2:bb:6e:9c:
fe:2f:d7:49:48:90:f2:85:78:87:43:17:2a:a7:36:
a4:47:99:7a:1e:1b:b6:00:54:23:6e:b7:82:31:44:
8f:30:3a:50:91:cf:62:ed:b1:d8:0a:45:be:da:c5:
7d:7a:8c:9c:e2:6e:da:eb:24:b6:ea:48:69:b0:b3:
93:60:2c:65:54:3c:2f:83:42:e1:29:39:87:af:7f:
9b:0f:94:11:09:00:87:94:77:f8:3c:ab:d7:5e:91:
5b:5a:eb:8c:d5:98:d8:f7:b0:ff:d3:0f:f4:c2:d8:
e9:16:5b:0f:1a:78:85:10:44:88:e7:13:78:cb:20:
19:f4:e7:cf:97:19:1f:47:c5:f0:76:5b:5d:54:41:
56:2c:d7:45:d7:48:1a:20:72:57:0a:f0:cb:45:26:
7a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2D:F9:E3:BD:C2:C2:95:DE:6D:D2:91:9E:56:96:95:7D:AC:EA:3F
X509v3 Authority Key Identifier:
keyid:40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/DC35473CwpXebdKRnlaWlX2s6j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/QKJJ6t6yqSj-DC51yRgki1oaKLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.170.0.0/18
84.11.0.0/16
195.158.212.0/22
IPv6:
2001:1b10::/32
Signature Algorithm: sha256WithRSAEncryption
9f:3c:8a:5f:61:63:c7:8c:43:29:6f:3f:d9:36:18:53:46:2b:
ad:4e:06:cb:97:16:1e:3c:aa:0a:02:52:ee:61:f8:c7:35:28:
ab:67:a1:77:71:87:ab:3e:2b:89:52:aa:34:d3:30:55:32:85:
31:1f:41:9d:b7:cb:a6:10:75:61:7f:c6:ab:4f:2d:97:b3:92:
29:ca:5c:c2:73:c2:d0:25:a4:c0:73:7b:5e:aa:a3:00:84:3a:
fe:b4:5f:14:39:4f:0f:54:cd:80:cb:c3:a2:b8:70:93:fe:60:
af:43:00:06:10:1e:13:5e:38:b1:66:86:c5:43:31:10:56:f8:
c2:f2:41:9e:8c:0f:28:fd:ff:d0:91:97:70:96:99:0e:ea:10:
85:ae:1b:ef:be:61:11:c7:31:fb:2b:36:8e:6b:3e:37:b9:d4:
71:fe:0c:b7:c8:13:1f:78:90:4a:88:5b:30:f8:09:45:72:3e:
41:d9:24:a7:3b:96:5a:ae:b5:61:f9:32:2e:d5:05:a2:f9:4c:
46:2d:4c:cb:97:da:9c:72:d9:b3:f2:f2:19:f8:f7:46:43:06:
d2:40:db:a5:99:d8:36:56:02:2a:f7:7d:22:d8:db:0d:46:f9:
ce:a0:5d:88:0b:a9:31:d1:36:11:d5:fc:70:fc:d6:f9:40:66:
26:04:cf:33
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYaPz/G/TbJDwd2Ig52PbxKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYTI0OWVhZGViMmE5MjhmZTBjMmU3NWM5MTgyNDhiNWEx
YTI4YjkwHhcNMjMwMjI2MjIyMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJkZjllM2JkYzJjMjk1ZGU2ZGQyOTE5ZTU2OTY5NTdkYWNlYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNDO/QpWLXPeULaaqXZJJa0JTSUQ
nX0ChJ4TQnjAWG9itJ/N5bw4ft2fffE9mmizWXhNeoJok7Xu7TpVPV7mur2E+aru
TFoSHkWhnHZYgUk/j24fMZpAdlTvQ4WQnh08TQfuN9K7bpz+L9dJSJDyhXiHQxcq
pzakR5l6Hhu2AFQjbreCMUSPMDpQkc9i7bHYCkW+2sV9eoyc4m7a6yS26khpsLOT
YCxlVDwvg0LhKTmHr3+bD5QRCQCHlHf4PKvXXpFbWuuM1ZjY97D/0w/0wtjpFlsP
GniFEESI5xN4yyAZ9OfPlxkfR8XwdltdVEFWLNdF10gaIHJXCvDLRSZ6fQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAwt+eO9wsKV3m3SkZ5WlpV9rOo/MB8GA1UdIwQY
MBaAFECiSeresqko/gwudckYJItaGii5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtKSjZ0NnlxU2otREM1MXlSZ2tpMW9hS0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hZTU0ODgtMTE5ZC00MGFhLWFlNDAt
ODMzMGU3ZTMyZTE5LzEvREMzNTQ3M0N3cFhlYmRLUm5sYVdsWDJzNmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hZTU0ODgtMTE5ZC00MGFhLWFlNDAtODMzMGU3ZTMyZTE5
LzEvUUtKSjZ0NnlxU2otREM1MXlSZ2tpMW9hS0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQGU6oAAwMA
VAsDBALDntQwDQQCAAIwBwMFACABGxAwDQYJKoZIhvcNAQELBQADggEBAJ88il9h
Y8eMQylvP9k2GFNGK61OBsuXFh48qgoCUu5h+Mc1KKtnoXdxh6s+K4lSqjTTMFUy
hTEfQZ23y6YQdWF/xqtPLZezkinKXMJzwtAlpMBze16qowCEOv60XxQ5Tw9UzYDL
w6K4cJP+YK9DAAYQHhNeOLFmhsVDMRBW+MLyQZ6MDyj9/9CRl3CWmQ7qEIWuG+++
YRHHMfsrNo5rPje51HH+DLfIEx94kEqIWzD4CUVyPkHZJKc7llqutWH5Mi7VBaL5
TEYtTMuX2pxy2bPy8hn490ZDBtJA26WZ2DZWAir3fSLY2w1G+c6gXYgLqTHRNhHV
/HD81vlAZiYEzzM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:30 2025 by rpki-client