Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/e22SGBw3SsoDGxdcddhiKJc3qNw.roa
File: e22SGBw3SsoDGxdcddhiKJc3qNw.roa (raw, json)
Hash identifier: DNre5PjZ1kHImo38a2V8fmYLz7amVUQu0hA51R/ZAWY=
Subject key identifier: 7B:6D:92:18:1C:37:4A:CA:03:1B:17:5C:75:D8:62:28:97:37:A8:DC
Certificate issuer: /CN=dd189621d2fa872166e6a05ee47a7d756243e919
Certificate serial: 01856F0240CE48A130231F3723465ABC1D79
Authority key identifier: DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/e22SGBw3SsoDGxdcddhiKJc3qNw.roa
Signing time: Sun 01 Jan 2023 20:24:56 +0000
ROA not before: Sun 01 Jan 2023 20:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15751
IP address blocks: 185.51.72.0/22 maxlen: 23
109.125.0.0/18 maxlen: 18
212.129.64.0/24 maxlen: 24
212.129.68.0/22 maxlen: 22
212.129.66.0/23 maxlen: 23
212.129.72.0/21 maxlen: 21
212.129.80.0/20 maxlen: 20
2a01:b340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:40:ce:48:a1:30:23:1f:37:23:46:5a:bc:1d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd189621d2fa872166e6a05ee47a7d756243e919
Validity
Not Before: Jan 1 20:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b6d92181c374aca031b175c75d862289737a8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:da:87:84:7e:00:a8:7b:31:7c:2e:af:f6:64:
ff:fa:29:7d:50:86:2d:c1:16:72:97:bc:b4:4b:4f:
7c:30:f9:89:5d:4f:fd:ef:33:28:d6:4d:e8:25:32:
0d:64:b8:1b:d8:9b:e3:86:57:80:08:85:48:0a:a6:
13:d3:ed:60:24:e8:67:bc:71:1e:e2:34:5c:a0:6c:
ec:e2:29:05:36:cd:2e:0b:d2:64:82:f5:58:c9:4a:
77:a8:e6:07:22:eb:b9:0a:94:e3:9c:0c:64:0a:1a:
c7:06:6d:a4:ac:91:2b:e4:cf:5d:c2:96:21:79:5b:
69:f5:5d:1d:dd:71:ba:82:a6:58:40:d7:f7:15:49:
26:ad:ac:50:fb:0a:6b:45:f3:0f:1f:e3:aa:b5:9a:
b6:c2:35:e2:86:a6:53:3e:49:c1:56:27:58:95:f6:
da:00:bc:72:e7:f8:b1:5e:01:35:8a:bd:9e:a8:bb:
6a:13:b3:2a:db:ef:68:ef:1e:45:ea:69:76:b0:f8:
ef:73:e7:9a:3c:c8:00:87:15:5f:8e:fc:d0:2f:7f:
f7:82:71:66:5b:9e:0c:43:12:ae:d4:76:b6:83:93:
90:71:7b:30:79:a9:85:c2:70:f9:41:3d:79:d3:7a:
b6:e0:33:0e:5a:22:1d:1c:e2:6e:99:56:4d:e9:2d:
57:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6D:92:18:1C:37:4A:CA:03:1B:17:5C:75:D8:62:28:97:37:A8:DC
X509v3 Authority Key Identifier:
keyid:DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/e22SGBw3SsoDGxdcddhiKJc3qNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.125.0.0/18
185.51.72.0/22
212.129.64.0/24
212.129.66.0-212.129.95.255
IPv6:
2a01:b340::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ce:ea:bb:eb:c3:e5:65:d4:88:a4:97:19:10:04:09:a5:d0:
a3:33:ca:5b:64:af:54:d3:a1:1b:20:84:ff:0f:e4:6f:f5:3b:
2c:7c:3b:79:9d:1b:32:be:ba:e5:3c:56:36:dc:be:57:2e:4a:
54:ac:d3:e9:6f:3c:a3:8b:64:34:26:31:f6:af:d9:07:fe:a7:
07:7d:45:90:e0:e4:07:95:5b:4d:e9:f9:4e:df:c5:74:24:af:
ac:0a:42:39:ae:ef:01:72:bb:a8:37:0f:4a:17:ff:80:29:7a:
e6:33:9a:93:39:cb:e7:c6:8e:49:df:9a:a8:1d:b1:21:f1:0b:
45:57:7f:41:f3:49:15:04:f4:e0:e1:02:1d:d9:1c:db:51:4e:
59:d7:1b:0b:28:1e:49:ee:db:f7:2d:41:f3:48:e4:dc:68:cb:
6e:ef:27:2d:f0:d9:14:2d:f9:07:c5:6e:96:a4:35:3a:7a:47:
3f:e1:55:b7:60:d2:8e:65:bb:88:ac:6a:51:ac:12:56:e7:ee:
e6:e1:6f:fa:0e:02:b4:2a:ac:be:16:7c:bc:ee:ab:52:3e:f3:
b6:9a:7f:da:ef:06:4a:83:05:0c:a9:28:f7:36:cf:74:70:f7:
bd:1b:32:0d:5b:9d:2d:69:7e:7b:77:39:37:4d:4f:64:a0:20:
3e:fa:42:21
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVvAkDOSKEwIx83I0ZavB15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTg5NjIxZDJmYTg3MjE2NmU2YTA1ZWU0N2E3ZDc1NjI0
M2U5MTkwHhcNMjMwMTAxMjAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZkOTIxODFjMzc0YWNhMDMxYjE3NWM3NWQ4NjIyODk3MzdhOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntqHhH4AqHsxfC6v9mT/+il9UIYt
wRZyl7y0S098MPmJXU/97zMo1k3oJTINZLgb2JvjhleACIVICqYT0+1gJOhnvHEe
4jRcoGzs4ikFNs0uC9JkgvVYyUp3qOYHIuu5CpTjnAxkChrHBm2krJEr5M9dwpYh
eVtp9V0d3XG6gqZYQNf3FUkmraxQ+wprRfMPH+OqtZq2wjXihqZTPknBVidYlfba
ALxy5/ixXgE1ir2eqLtqE7Mq2+9o7x5F6ml2sPjvc+eaPMgAhxVfjvzQL3/3gnFm
W54MQxKu1Ha2g5OQcXsweamFwnD5QT1503q24DMOWiIdHOJumVZN6S1X3QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHttkhgcN0rKAxsXXHXYYiiXN6jcMB8GA1UdIwQY
MBaAFN0YliHS+ochZuagXuR6fXViQ+kZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUt
NDQzMTFmOWNiODU2LzEvZTIyU0dCdzNTc29ER3hkY2RkaGlLSmMzcU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUtNDQzMTFmOWNiODU2
LzEvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGbX0AAwQC
uTNIAwQA1IFAMAwDBAHUgUIDBAXUgUAwDQQCAAIwBwMFACoBs0AwDQYJKoZIhvcN
AQELBQADggEBAAzO6rvrw+Vl1IiklxkQBAml0KMzyltkr1TToRsghP8P5G/1Oyx8
O3mdGzK+uuU8VjbcvlcuSlSs0+lvPKOLZDQmMfav2Qf+pwd9RZDg5AeVW03p+U7f
xXQkr6wKQjmu7wFyu6g3D0oX/4ApeuYzmpM5y+fGjknfmqgdsSHxC0VXf0HzSRUE
9ODhAh3ZHNtRTlnXGwsoHknu2/ctQfNI5Nxoy27vJy3w2RQt+QfFbpakNTp6Rz/h
Vbdg0o5lu4isalGsElbn7ubhb/oOArQqrL4WfLzuq1I+87aaf9rvBkqDBQypKPc2
z3Rw970bMg1bnS1pfnt3OTdNT2SgID76QiE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:48 2025 by rpki-client