Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmWc4oG5Otf2-V0agfIs15OGIjw.roa
File: dmWc4oG5Otf2-V0agfIs15OGIjw.roa (raw, json)
Hash identifier: Sm0oSFsm761OSD5vAdPlG1dMzXha1u5dpHluOrBfCxw=
Subject key identifier: 76:65:9C:E2:81:B9:3A:D7:F6:F9:5D:1A:81:F2:2C:D7:93:86:22:3C
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 09984C4B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmWc4oG5Otf2-V0agfIs15OGIjw.roa
Signing time: Sat 01 Jan 2022 05:04:08 +0000
ROA not before: Sat 01 Jan 2022 05:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199770
IP address blocks: 84.232.62.0/24 maxlen: 24
88.148.16.0/24 maxlen: 24
88.148.14.0/24 maxlen: 24
88.148.29.0/24 maxlen: 24
84.232.108.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160975947 (0x9984c4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76659ce281b93ad7f6f95d1a81f22cd79386223c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3f:8f:6f:4e:ba:00:00:08:dc:9b:6b:80:ed:
a5:1e:58:01:4b:d2:b9:6c:c1:98:38:f5:91:39:ba:
7e:fc:f4:37:35:ff:6e:82:ae:ab:b1:2f:cf:b1:f2:
1c:40:da:46:ea:e8:6b:a1:6b:47:23:76:1e:e9:69:
70:ac:97:43:81:8e:81:8f:3f:e3:e9:37:38:a8:af:
d1:71:aa:50:a0:88:ea:ab:b4:6f:b1:6a:d2:74:ae:
65:ee:56:a6:e6:3c:2e:83:00:76:52:7f:35:9e:e3:
0a:7b:08:62:70:d2:35:21:60:39:13:38:ac:2a:de:
87:2c:e6:74:5a:a9:48:32:99:37:08:27:44:64:f8:
a9:13:0f:a0:e1:f5:78:20:3c:ba:e0:d7:49:ef:6f:
2c:6d:a3:56:e8:3e:fc:05:f5:93:9d:bb:2d:1a:4e:
ad:74:90:8d:c7:d0:7e:c4:ae:d1:ff:82:75:ab:6c:
a7:22:07:ef:88:83:51:50:7a:d8:08:a0:6e:fe:1a:
36:87:5e:f7:7f:c7:52:e2:b7:ad:97:b5:2a:c9:4a:
dc:b6:a2:5a:ae:6b:90:3b:97:89:3e:a8:80:79:cf:
4c:ca:a1:ce:cd:c1:78:4b:90:45:26:70:d9:90:12:
ce:d4:87:29:50:0c:6a:f3:0c:47:3c:91:da:a2:51:
c6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:65:9C:E2:81:B9:3A:D7:F6:F9:5D:1A:81:F2:2C:D7:93:86:22:3C
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmWc4oG5Otf2-V0agfIs15OGIjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.62.0/24
84.232.108.0/23
88.148.14.0/24
88.148.16.0/24
88.148.29.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:82:9a:0c:ca:9b:77:8f:9c:e6:eb:c1:a6:68:b9:56:23:7d:
84:61:53:65:8a:e1:86:b4:f9:f5:16:fd:90:a8:ac:f2:f4:7d:
0f:b1:82:31:bb:b3:a4:94:44:b6:8b:87:26:d6:bc:5b:1d:2f:
40:07:be:ca:05:16:a7:af:87:1d:05:2e:fa:84:ba:06:41:6b:
2e:55:52:a2:73:1c:44:c8:2d:6b:44:90:6b:9a:83:f5:02:cd:
93:70:d5:a9:10:d9:f6:f8:07:81:d8:86:df:e8:4f:91:ef:30:
e3:88:af:f0:41:54:cf:62:15:a3:d2:14:0b:5a:f7:fa:fe:11:
9d:f8:c5:04:b5:a6:0d:0a:f2:a8:35:90:76:d2:34:98:81:9b:
94:c0:f4:40:3c:7d:a5:88:7a:00:33:d1:81:e6:80:bb:1d:84:
d8:d9:a0:c1:83:bf:17:54:25:b5:50:b9:9f:da:a7:05:49:0b:
c3:54:25:9e:e8:0f:47:18:2d:f8:68:d7:d5:02:88:99:34:af:
4a:ce:99:c2:56:46:ef:ce:14:4d:2a:00:50:7e:48:9b:d1:09:
69:df:ad:47:0e:6d:c2:60:69:e1:98:49:6b:f2:6e:80:98:ee:
17:53:9f:f2:bc:4e:41:86:0d:5e:5f:44:57:43:dc:49:a7:ee:
90:4a:38:cb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECZhMSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY2NTljZTI4MWI5
M2FkN2Y2Zjk1ZDFhODFmMjJjZDc5Mzg2MjIzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0/j29OugAACNyba4DtpR5YAUvSuWzBmDj1kTm6fvz0NzX/
boKuq7Evz7HyHEDaRuroa6FrRyN2HulpcKyXQ4GOgY8/4+k3OKiv0XGqUKCI6qu0
b7Fq0nSuZe5WpuY8LoMAdlJ/NZ7jCnsIYnDSNSFgORM4rCrehyzmdFqpSDKZNwgn
RGT4qRMPoOH1eCA8uuDXSe9vLG2jVug+/AX1k527LRpOrXSQjcfQfsSu0f+Cdats
pyIH74iDUVB62Aigbv4aNode93/HUuK3rZe1KslK3LaiWq5rkDuXiT6ogHnPTMqh
zs3BeEuQRSZw2ZASztSHKVAMavMMRzyR2qJRxiUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBR2ZZzigbk61/b5XRqB8izXk4YiPDAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L2RtV2M0b0c1T3RmMi1WMGFnZklzMTVPR0lqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFToPgMEAVTobAMEAFiUDgMEAFiU
EAMEAFiUHTANBgkqhkiG9w0BAQsFAAOCAQEAO4KaDMqbd4+c5uvBpmi5ViN9hGFT
ZYrhhrT59Rb9kKis8vR9D7GCMbuzpJREtouHJta8Wx0vQAe+ygUWp6+HHQUu+oS6
BkFrLlVSonMcRMgta0SQa5qD9QLNk3DVqRDZ9vgHgdiG3+hPke8w44iv8EFUz2IV
o9IUC1r3+v4RnfjFBLWmDQryqDWQdtI0mIGblMD0QDx9pYh6ADPRgeaAux2E2Nmg
wYO/F1QltVC5n9qnBUkLw1QlnugPRxgt+GjX1QKImTSvSs6ZwlZG784UTSoAUH5I
m9EJad+tRw5twmBp4ZhJa/JugJjuF1Of8rxOQYYNXl9EV0PcSafukEo4yw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:24 2025 by rpki-client