Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/028937-8903-495d-bc6c-f3e915ad3802/1/DKPxRRVOFk2FAiARpa3DQAM7QCU.roa
File: DKPxRRVOFk2FAiARpa3DQAM7QCU.roa (raw, json)
Hash identifier: PJVb61GYicKGe7X8t60kXqDXAH2MAwqPzXFJKnqdN/w=
Subject key identifier: 0C:A3:F1:45:15:4E:16:4D:85:02:20:11:A5:AD:C3:40:03:3B:40:25
Certificate issuer: /CN=5df27221c18fcafe74892bc0e97bf5ee7c344fa7
Certificate serial: 0185714C19F780A5AC773325FE5B5E499C6D
Authority key identifier: 5D:F2:72:21:C1:8F:CA:FE:74:89:2B:C0:E9:7B:F5:EE:7C:34:4F:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfJyIcGPyv50iSvA6Xv17nw0T6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/028937-8903-495d-bc6c-f3e915ad3802/1/DKPxRRVOFk2FAiARpa3DQAM7QCU.roa
Signing time: Mon 02 Jan 2023 07:04:50 +0000
ROA not before: Mon 02 Jan 2023 07:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211394
IP address blocks: 193.56.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:19:f7:80:a5:ac:77:33:25:fe:5b:5e:49:9c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df27221c18fcafe74892bc0e97bf5ee7c344fa7
Validity
Not Before: Jan 2 07:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ca3f145154e164d85022011a5adc340033b4025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:8d:4d:6d:96:34:07:6f:b9:3c:7a:85:17:
9f:7b:fa:c8:6c:40:49:99:36:6a:58:0d:e9:fc:af:
e8:cd:e2:9b:e3:db:e1:5e:86:7b:b4:57:2e:0a:fa:
0f:eb:e8:89:de:84:14:e0:90:d5:f7:42:b8:9e:fd:
1e:ae:48:88:0c:8e:25:bb:47:0f:52:25:b9:54:b0:
62:86:aa:a7:93:5b:ef:33:0b:23:c5:31:6b:4b:d2:
1d:16:cd:e8:27:b0:5b:dc:3f:58:77:13:d9:c2:90:
ac:09:bc:92:ee:84:6d:8f:fd:eb:41:e6:f9:18:22:
b0:13:3c:51:35:03:01:ef:1d:64:61:87:95:1a:32:
03:69:e7:5b:9a:a9:0e:03:94:41:a0:1f:db:6d:ec:
c7:b1:d7:40:7a:ff:08:3b:d3:b3:35:08:a6:30:08:
d2:c7:5d:2d:08:a1:94:6b:9c:58:5e:13:c4:3d:d3:
ce:36:c7:e9:13:db:80:5f:ff:54:16:04:55:42:34:
53:09:06:41:d1:b7:60:f8:db:5f:e0:90:ed:3f:14:
c2:4b:fb:6c:5f:ae:03:bb:b0:ef:87:f8:0f:63:79:
bb:85:48:89:a9:b2:35:a3:91:9c:ba:7c:c2:74:93:
08:47:01:df:5f:92:2a:2a:30:3b:65:34:fc:b8:cb:
9d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A3:F1:45:15:4E:16:4D:85:02:20:11:A5:AD:C3:40:03:3B:40:25
X509v3 Authority Key Identifier:
keyid:5D:F2:72:21:C1:8F:CA:FE:74:89:2B:C0:E9:7B:F5:EE:7C:34:4F:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfJyIcGPyv50iSvA6Xv17nw0T6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/028937-8903-495d-bc6c-f3e915ad3802/1/DKPxRRVOFk2FAiARpa3DQAM7QCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/028937-8903-495d-bc6c-f3e915ad3802/1/XfJyIcGPyv50iSvA6Xv17nw0T6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.9.0/24
Signature Algorithm: sha256WithRSAEncryption
20:b2:08:df:b9:65:c2:f4:d8:89:84:c3:4b:b2:e1:84:8f:dc:
76:43:d8:ef:1e:1e:77:9b:66:c5:5b:01:f3:09:0a:0c:dc:1e:
b7:e7:c0:28:68:e7:43:12:49:09:d8:f1:f6:8b:29:1a:f1:cb:
ad:72:94:f2:83:da:04:43:0d:31:0b:8e:f2:e0:7f:5c:a2:f7:
fe:15:51:7a:65:ca:ef:5b:63:57:6e:19:77:08:51:82:51:06:
f4:20:75:fb:07:50:b5:ba:54:bd:e4:8f:b4:9e:aa:8f:47:aa:
0e:ce:bf:a8:3c:e5:b2:c8:4b:aa:19:6a:f4:cb:eb:fb:95:94:
96:e1:d8:32:35:42:6e:7d:30:3e:f6:fc:bf:8d:1e:53:3a:9c:
18:e0:76:82:8f:ad:b9:93:0f:e7:fe:92:22:b4:fa:4c:f5:09:
c9:26:58:51:46:16:61:4d:57:35:ee:42:a8:78:10:8f:4e:3d:
4a:00:ec:67:d8:6f:74:34:f4:7c:a7:fb:cc:74:6c:a8:d5:dd:
1e:a0:4a:ef:83:fa:b5:10:03:12:e7:16:db:c7:85:5b:5b:55:
c8:f7:8d:9e:6c:51:92:79:f4:f9:1d:5d:1f:79:48:bf:bb:8e:
6f:3b:67:68:c4:fe:6e:60:53:66:95:0e:2e:97:32:17:9d:53:
ec:14:58:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTBn3gKWsdzMl/lteSZxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjI3MjIxYzE4ZmNhZmU3NDg5MmJjMGU5N2JmNWVlN2Mz
NDRmYTcwHhcNMjMwMTAyMDcwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2EzZjE0NTE1NGUxNjRkODUwMjIwMTFhNWFkYzM0MDAzM2I0MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLyNTW2WNAdvuTx6hRefe/rIbEBJ
mTZqWA3p/K/ozeKb49vhXoZ7tFcuCvoP6+iJ3oQU4JDV90K4nv0erkiIDI4lu0cP
UiW5VLBihqqnk1vvMwsjxTFrS9IdFs3oJ7Bb3D9YdxPZwpCsCbyS7oRtj/3rQeb5
GCKwEzxRNQMB7x1kYYeVGjIDaedbmqkOA5RBoB/bbezHsddAev8IO9OzNQimMAjS
x10tCKGUa5xYXhPEPdPONsfpE9uAX/9UFgRVQjRTCQZB0bdg+Ntf4JDtPxTCS/ts
X64Du7Dvh/gPY3m7hUiJqbI1o5GcunzCdJMIRwHfX5IqKjA7ZTT8uMudZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyj8UUVThZNhQIgEaWtw0ADO0AlMB8GA1UdIwQY
MBaAFF3yciHBj8r+dIkrwOl79e58NE+nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZKeUljR1B5djUwaVN2QTZYdjE3bncwVDZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wMjg5MzctODkwMy00OTVkLWJjNmMt
ZjNlOTE1YWQzODAyLzEvREtQeFJSVk9GazJGQWlBUnBhM0RRQU03UUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wMjg5MzctODkwMy00OTVkLWJjNmMtZjNlOTE1YWQzODAy
LzEvWGZKeUljR1B5djUwaVN2QTZYdjE3bncwVDZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTgJMA0G
CSqGSIb3DQEBCwUAA4IBAQAgsgjfuWXC9NiJhMNLsuGEj9x2Q9jvHh53m2bFWwHz
CQoM3B6358AoaOdDEkkJ2PH2iyka8cutcpTyg9oEQw0xC47y4H9covf+FVF6Zcrv
W2NXbhl3CFGCUQb0IHX7B1C1ulS95I+0nqqPR6oOzr+oPOWyyEuqGWr0y+v7lZSW
4dgyNUJufTA+9vy/jR5TOpwY4HaCj625kw/n/pIitPpM9QnJJlhRRhZhTVc17kKo
eBCPTj1KAOxn2G90NPR8p/vMdGyo1d0eoErvg/q1EAMS5xbbx4VbW1XI942ebFGS
efT5HV0feUi/u45vO2doxP5uYFNmlQ4ulzIXnVPsFFgS
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:58:58 2025 by rpki-client