Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/dO-R3ZnLZXzngEiENfp9VxKKANg.roa
File: dO-R3ZnLZXzngEiENfp9VxKKANg.roa (raw, json)
Hash identifier: 0rSj0TJt/L8wAlCOCpFB9V6UoQxod6eY4ifBAeCWJs0=
Subject key identifier: 74:EF:91:DD:99:CB:65:7C:E7:80:48:84:35:FA:7D:57:12:8A:00:D8
Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Certificate serial: 018571F0FDEBEB1B00D4AA7DD27D8E2C3536
Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/dO-R3ZnLZXzngEiENfp9VxKKANg.roa
Signing time: Mon 02 Jan 2023 10:04:57 +0000
ROA not before: Mon 02 Jan 2023 10:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31742
IP address blocks: 185.119.20.0/22 maxlen: 22
93.191.24.0/21 maxlen: 21
46.255.248.0/21 maxlen: 21
212.85.252.0/22 maxlen: 22
83.137.224.0/21 maxlen: 21
2a00:d300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fd:eb:eb:1b:00:d4:aa:7d:d2:7d:8e:2c:35:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Validity
Not Before: Jan 2 10:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74ef91dd99cb657ce780488435fa7d57128a00d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:86:21:50:25:88:e1:05:52:2d:3e:06:cf:bc:
b3:92:d6:ef:24:77:8c:7b:36:ba:cb:18:99:cc:28:
34:61:16:12:0e:8f:a0:f8:44:04:ef:55:5d:60:b1:
4f:cc:e4:9d:1c:31:b5:5c:66:45:cd:ce:0d:dd:4b:
c4:01:17:37:bf:5c:0f:50:ec:77:b5:de:b3:85:f6:
18:38:6b:4e:c6:b7:90:5a:af:cf:35:e4:f0:7a:00:
ed:a4:51:e7:36:e4:2a:a2:b9:3b:f5:13:e3:07:7c:
d7:79:93:a5:7f:cc:b7:6f:e9:a2:b7:6a:ce:45:f6:
d0:c4:33:85:79:2c:83:7c:35:d7:86:d7:01:b4:03:
b9:39:80:c7:a7:45:86:47:29:62:9c:d0:03:28:f4:
85:fd:2e:45:0d:68:b5:58:a3:43:05:9d:aa:e5:a1:
a6:7b:09:92:36:aa:d8:9f:11:f0:6d:ed:d9:30:00:
de:b8:ad:c9:0a:b8:d2:9d:5b:35:15:75:77:8d:b2:
56:f8:aa:51:38:28:bc:3d:b2:53:e2:17:3a:43:5d:
d1:c0:7d:c8:6b:66:4d:3c:7c:0a:be:31:b1:31:21:
f3:6b:91:30:36:bc:15:02:11:95:51:7d:46:26:dd:
57:a9:21:83:5e:31:d1:1e:1f:4b:4a:0d:44:13:8e:
0c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EF:91:DD:99:CB:65:7C:E7:80:48:84:35:FA:7D:57:12:8A:00:D8
X509v3 Authority Key Identifier:
keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/dO-R3ZnLZXzngEiENfp9VxKKANg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.248.0/21
83.137.224.0/21
93.191.24.0/21
185.119.20.0/22
212.85.252.0/22
IPv6:
2a00:d300::/32
Signature Algorithm: sha256WithRSAEncryption
97:ff:e7:a8:52:67:14:bf:c5:88:aa:79:64:eb:a2:f5:98:81:
b7:a1:4b:be:fe:ec:3d:db:4c:6c:5b:ce:d9:ed:e4:5f:f5:7c:
f2:58:e4:3f:b7:b1:bb:bc:1f:91:be:ba:79:83:fd:72:3b:75:
5c:b8:6a:fd:41:10:6d:e5:1e:73:4d:92:74:87:45:0c:92:41:
a8:7b:2f:88:21:95:dd:a7:b8:5a:5f:72:05:96:ba:fb:15:a5:
15:0e:0e:ed:9e:be:31:64:2b:fd:18:34:fa:ee:85:7f:a7:73:
54:fd:d8:c0:25:05:c9:d1:98:5c:bf:87:48:46:68:77:9b:de:
6c:d8:58:9d:22:ef:09:4d:25:ee:4a:ff:05:b5:fb:d5:14:18:
12:48:19:9c:7d:39:3a:83:f8:d5:10:66:71:e3:b9:a1:0c:ca:
66:d5:20:26:68:2c:f0:9f:d1:40:8a:85:48:87:d6:7c:83:8d:
79:9e:cc:d7:6e:ab:1a:50:57:3d:a6:31:cf:33:8e:1f:ef:44:
fc:98:c8:ee:32:87:a3:44:f5:2b:32:2e:72:e4:cc:c2:5e:ed:
79:b3:c5:1a:96:28:bf:65:ea:a0:56:b1:4b:3f:d7:ef:c6:56:
c0:2d:4d:6a:8d:05:65:e6:51:7c:cb:88:f7:02:b3:f7:e2:ac:
f4:2d:9c:27
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVx8P3r6xsA1Kp90n2OLDU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5
NzQ2MTEwHhcNMjMwMTAyMTAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGVmOTFkZDk5Y2I2NTdjZTc4MDQ4ODQzNWZhN2Q1NzEyOGEwMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4YhUCWI4QVSLT4Gz7yzktbvJHeM
eza6yxiZzCg0YRYSDo+g+EQE71VdYLFPzOSdHDG1XGZFzc4N3UvEARc3v1wPUOx3
td6zhfYYOGtOxreQWq/PNeTwegDtpFHnNuQqork79RPjB3zXeZOlf8y3b+mit2rO
RfbQxDOFeSyDfDXXhtcBtAO5OYDHp0WGRylinNADKPSF/S5FDWi1WKNDBZ2q5aGm
ewmSNqrYnxHwbe3ZMADeuK3JCrjSnVs1FXV3jbJW+KpROCi8PbJT4hc6Q13RwH3I
a2ZNPHwKvjGxMSHza5EwNrwVAhGVUX1GJt1XqSGDXjHRHh9LSg1EE44MbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHTvkd2Zy2V854BIhDX6fVcSigDYMB8GA1UdIwQY
MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt
Yjk1NGM1MGZkYmIwLzEvZE8tUjNabkxaWHpuZ0VpRU5mcDlWeEtLQU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw
LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLv/4AwQD
U4ngAwQDXb8YAwQCuXcUAwQC1FX8MA0EAgACMAcDBQAqANMAMA0GCSqGSIb3DQEB
CwUAA4IBAQCX/+eoUmcUv8WIqnlk66L1mIG3oUu+/uw920xsW87Z7eRf9XzyWOQ/
t7G7vB+Rvrp5g/1yO3VcuGr9QRBt5R5zTZJ0h0UMkkGoey+IIZXdp7haX3IFlrr7
FaUVDg7tnr4xZCv9GDT67oV/p3NU/djAJQXJ0Zhcv4dIRmh3m95s2FidIu8JTSXu
Sv8FtfvVFBgSSBmcfTk6g/jVEGZx47mhDMpm1SAmaCzwn9FAioVIh9Z8g415nszX
bqsaUFc9pjHPM44f70T8mMjuMoejRPUrMi5y5MzCXu15s8Ualii/ZeqgVrFLP9fv
xlbALU1qjQVl5lF8y4j3ArP34qz0LZwn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:42 2025 by rpki-client