Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Db-cv0uSydeMQR6pUNO75oNI5jc.roa
File: Db-cv0uSydeMQR6pUNO75oNI5jc.roa (raw, json)
Hash identifier: PBxWo7k4zmGcIpprnKWX9lB96d+DnpyeNqzBgJgOgGQ=
Subject key identifier: 0D:BF:9C:BF:4B:92:C9:D7:8C:41:1E:A9:50:D3:BB:E6:83:48:E6:37
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018B821379D6E807FF0184271EE2B1C15298
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Db-cv0uSydeMQR6pUNO75oNI5jc.roa
Signing time: Mon 30 Oct 2023 19:33:16 +0000
ROA not before: Mon 30 Oct 2023 19:33:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 103.246.249.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
2a12:3200:4000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:13:79:d6:e8:07:ff:01:84:27:1e:e2:b1:c1:52:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Oct 30 19:33:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dbf9cbf4b92c9d78c411ea950d3bbe68348e637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ea:af:a4:0e:af:de:68:a7:e2:aa:80:9e:ca:
ba:30:37:ba:7e:03:22:46:75:c8:8b:54:a0:c3:a7:
bc:b4:d5:87:a4:af:88:ad:79:4d:56:6e:23:cc:19:
ea:c7:55:af:ec:9f:8d:ac:e3:5e:e2:2b:36:63:3d:
62:23:27:fe:a2:8f:54:0c:c6:94:6d:ec:f2:3b:d7:
c1:bb:6f:07:1b:44:b5:9b:be:86:fe:4e:ec:92:f1:
73:01:62:e4:56:04:ef:f0:cc:45:62:e3:03:dd:94:
07:1a:d6:f3:b3:7e:35:54:62:e7:3f:5b:27:07:0e:
3f:3d:49:23:1a:c4:15:4e:6b:ee:f8:86:5c:a6:5f:
a0:bb:7c:4d:ae:2e:91:97:45:7e:d5:cb:03:3d:ed:
78:35:fe:43:32:d7:21:6e:f9:35:2e:48:c3:de:07:
72:2c:19:17:32:da:10:3a:24:86:16:f5:cf:e6:83:
a0:48:f0:4a:ac:d7:92:19:34:99:a9:3d:f8:e1:5f:
1a:37:94:cf:77:46:e0:e2:90:4a:f2:c5:ad:8a:ff:
8a:6e:be:c0:54:d6:9a:0b:33:8c:81:12:1c:55:84:
b4:81:eb:7a:a0:ba:30:26:b2:29:04:43:5b:75:53:
ae:a0:54:e6:69:61:72:de:f0:97:be:66:3c:58:5f:
19:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BF:9C:BF:4B:92:C9:D7:8C:41:1E:A9:50:D3:BB:E6:83:48:E6:37
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Db-cv0uSydeMQR6pUNO75oNI5jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.253.0/24
83.229.61.0/24
85.204.107.0/24
103.246.248.0/23
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
dc:4c:9e:05:b9:d3:fc:14:f8:e9:67:64:72:86:71:81:69:fd:
b1:2e:cc:a5:a3:6f:2e:59:f0:55:6f:1f:19:2c:f2:e4:e4:7a:
c1:32:ce:72:0e:7d:24:ce:86:14:d0:f0:74:50:dc:7b:a8:7a:
42:bd:1c:87:4f:ea:9a:56:54:ad:6a:f9:14:c3:ba:28:d6:8d:
b9:2d:6a:26:1a:dd:56:2e:b9:3c:b4:ad:34:d2:0d:33:62:1d:
94:ff:75:1d:f2:fc:85:a2:96:bc:f7:75:fd:83:78:3b:bd:a7:
a4:00:dd:60:41:62:b2:a1:64:e0:00:58:3a:07:5e:06:8a:ab:
17:c6:94:3c:4d:8b:7f:7b:12:4e:3d:60:d2:fe:eb:fa:02:47:
90:88:69:27:c5:79:7b:9d:6d:98:0d:5b:aa:f2:e3:9a:6e:98:
d0:56:20:91:1a:78:a2:b7:99:e6:e5:ab:8f:24:9b:7c:d3:cd:
b8:c9:2c:19:41:79:2e:3d:12:7f:d0:31:40:35:44:7f:fa:73:
ca:22:34:c8:19:29:ce:09:c4:d8:61:ee:e7:28:4f:5c:b1:da:
5e:74:a6:b2:c2:a5:87:67:a7:eb:fe:4f:81:cc:ce:99:f0:ca:
ca:e3:25:7e:9b:fd:11:3e:20:24:b1:63:59:60:6a:0e:ed:1f:
bf:e5:74:d6
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYuCE3nW6Af/AYQnHuKxwVKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMxMDMwMTkzMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJmOWNiZjRiOTJjOWQ3OGM0MTFlYTk1MGQzYmJlNjgzNDhlNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOqvpA6v3min4qqAnsq6MDe6fgMi
RnXIi1Sgw6e8tNWHpK+IrXlNVm4jzBnqx1Wv7J+NrONe4is2Yz1iIyf+oo9UDMaU
bezyO9fBu28HG0S1m76G/k7skvFzAWLkVgTv8MxFYuMD3ZQHGtbzs341VGLnP1sn
Bw4/PUkjGsQVTmvu+IZcpl+gu3xNri6Rl0V+1csDPe14Nf5DMtchbvk1LkjD3gdy
LBkXMtoQOiSGFvXP5oOgSPBKrNeSGTSZqT344V8aN5TPd0bg4pBK8sWtiv+Kbr7A
VNaaCzOMgRIcVYS0get6oLowJrIpBENbdVOuoFTmaWFy3vCXvmY8WF8ZqwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFA2/nL9LksnXjEEeqVDTu+aDSOY3MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvRGItY3YwdVN5ZGVNUVI2cFVOTzc1b05JNWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQALuXzAwQA
LuX9AwQAU+U9AwQAVcxrAwQBZ/b4AwQAuWg/AwQAw0pdMBYEAgACMBAwDgMEASoS
MgMGBCoSMgBAMA0GCSqGSIb3DQEBCwUAA4IBAQDcTJ4FudP8FPjpZ2RyhnGBaf2x
Lsylo28uWfBVbx8ZLPLk5HrBMs5yDn0kzoYU0PB0UNx7qHpCvRyHT+qaVlStavkU
w7oo1o25LWomGt1WLrk8tK000g0zYh2U/3Ud8vyFopa893X9g3g7vaekAN1gQWKy
oWTgAFg6B14GiqsXxpQ8TYt/exJOPWDS/uv6AkeQiGknxXl7nW2YDVuq8uOabpjQ
ViCRGniit5nm5auPJJt80824ySwZQXkuPRJ/0DFANUR/+nPKIjTIGSnOCcTYYe7n
KE9csdpedKaywqWHZ6fr/k+BzM6Z8MrK4yV+m/0RPiAksWNZYGoO7R+/5XTW
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:17:32 2025 by rpki-client