Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/DISGmytsTiB0UT82lzdHbS7ouI8.roa
File: DISGmytsTiB0UT82lzdHbS7ouI8.roa (raw, json)
Hash identifier: cVQN4NP0VTLZ38NuGK2+UdytLZAVXn2FIvs2XI/II/0=
Subject key identifier: 0C:84:86:9B:2B:6C:4E:20:74:51:3F:36:97:37:47:6D:2E:E8:B8:8F
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 0188DF09BBD47F7E8045388D96918EF3E006
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/DISGmytsTiB0UT82lzdHbS7ouI8.roa
Signing time: Wed 21 Jun 2023 17:38:56 +0000
ROA not before: Wed 21 Jun 2023 17:38:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29505
IP address blocks: 149.249.127.0/24 maxlen: 24
149.249.64.0/18 maxlen: 18
185.111.68.0/22 maxlen: 22
85.233.0.0/19 maxlen: 19
2a07:6c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:df:09:bb:d4:7f:7e:80:45:38:8d:96:91:8e:f3:e0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Jun 21 17:38:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c84869b2b6c4e2074513f369737476d2ee8b88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:70:37:d7:c1:7e:62:15:04:04:76:14:d6:0f:
2d:9f:1e:aa:d0:7c:c3:09:e4:3e:39:b5:48:1d:d5:
00:24:53:71:f4:f8:0d:f9:37:b9:ff:2d:13:f1:fc:
64:90:41:96:d9:49:30:07:bf:81:10:19:56:d5:d8:
73:7f:aa:d7:1b:04:9a:d7:09:07:93:68:4a:11:af:
c2:a7:b1:fd:e3:99:50:69:63:58:9b:dc:da:56:49:
ad:0a:f7:fc:15:11:ca:d7:fe:30:6c:7b:97:32:a9:
f7:3d:a3:f1:24:cb:b6:e9:66:c0:3d:fc:31:59:5a:
58:6b:ca:2e:de:e0:71:db:3d:fa:0c:32:8c:c4:aa:
67:7b:35:4b:93:88:1c:9f:3d:11:34:09:a0:1a:2b:
bb:4f:fc:95:37:2d:96:06:a3:22:b8:c7:35:36:cd:
eb:12:e6:85:a4:00:c1:82:1c:60:ca:9b:5d:9e:9d:
b4:79:1b:07:5b:80:97:26:8b:77:03:e6:7b:eb:0d:
a9:8d:d7:75:f9:5b:ae:3d:ce:0f:bd:67:e2:a7:21:
12:f3:34:f1:b0:4f:87:38:e6:1f:a4:40:82:9d:57:
17:72:89:3d:0e:ec:df:1c:f2:5c:d5:95:b7:cc:45:
6c:8b:60:48:90:e8:09:93:57:55:51:53:43:a8:3c:
8c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:84:86:9B:2B:6C:4E:20:74:51:3F:36:97:37:47:6D:2E:E8:B8:8F
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/DISGmytsTiB0UT82lzdHbS7ouI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.233.0.0/19
149.249.64.0/18
185.111.68.0/22
IPv6:
2a07:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:46:a4:c8:42:c0:d8:13:27:95:6b:d6:d9:92:54:e8:d4:e8:
5a:c0:04:39:7d:5c:eb:d8:e7:44:b8:eb:97:96:bc:ea:2d:4d:
70:82:a7:af:82:f0:8f:9e:b9:76:5d:ae:cf:6c:19:88:68:bd:
80:b2:d5:17:7e:98:13:6a:c2:d7:ea:f2:60:68:0d:6b:80:81:
2e:30:fb:23:5b:9d:2d:8e:0c:7e:d9:3d:3d:86:33:fd:5b:18:
ed:a3:91:51:07:c1:22:d3:1e:5d:be:aa:38:65:66:bc:3b:16:
42:1d:c9:ba:72:69:11:2f:83:82:0e:1b:f6:25:c7:55:5c:c7:
d7:ec:b4:c1:ef:d8:b6:ab:13:42:e6:8d:ba:b2:09:b1:10:74:
66:a7:e8:d6:47:a4:69:06:94:12:3a:7c:b8:22:de:a0:1b:be:
d9:c4:71:07:61:f1:d7:60:e1:11:55:7d:03:5a:7b:dd:88:08:
60:18:b2:c0:86:1a:e7:8d:78:76:fd:b5:02:45:05:99:f3:d7:
85:4b:e9:db:10:88:ce:dc:75:90:ba:9d:b5:b4:22:c1:10:12:
f7:fa:75:5e:ff:a7:7e:94:b1:a4:8e:78:9a:60:08:f4:12:93:
21:d6:ce:37:b5:9f:19:45:38:25:2b:1d:45:e1:6d:7c:e7:a5:
cc:20:6c:da
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYjfCbvUf36ARTiNlpGO8+AGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjMwNjIxMTczODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg0ODY5YjJiNmM0ZTIwNzQ1MTNmMzY5NzM3NDc2ZDJlZThiODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHA318F+YhUEBHYU1g8tnx6q0HzD
CeQ+ObVIHdUAJFNx9PgN+Te5/y0T8fxkkEGW2UkwB7+BEBlW1dhzf6rXGwSa1wkH
k2hKEa/Cp7H945lQaWNYm9zaVkmtCvf8FRHK1/4wbHuXMqn3PaPxJMu26WbAPfwx
WVpYa8ou3uBx2z36DDKMxKpnezVLk4gcnz0RNAmgGiu7T/yVNy2WBqMiuMc1Ns3r
EuaFpADBghxgyptdnp20eRsHW4CXJot3A+Z76w2pjdd1+VuuPc4PvWfipyES8zTx
sE+HOOYfpECCnVcXcok9DuzfHPJc1ZW3zEVsi2BIkOgJk1dVUVNDqDyMFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAyEhpsrbE4gdFE/Npc3R20u6LiPMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvRElTR215dHNUaUIwVVQ4Mmx6ZEhiUzdvdUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVekAAwQG
lflAAwQCuW9EMA0EAgACMAcDBQMqB2xAMA0GCSqGSIb3DQEBCwUAA4IBAQAdRqTI
QsDYEyeVa9bZklTo1OhawAQ5fVzr2OdEuOuXlrzqLU1wgqevgvCPnrl2Xa7PbBmI
aL2AstUXfpgTasLX6vJgaA1rgIEuMPsjW50tjgx+2T09hjP9Wxjto5FRB8Ei0x5d
vqo4ZWa8OxZCHcm6cmkRL4OCDhv2JcdVXMfX7LTB79i2qxNC5o26sgmxEHRmp+jW
R6RpBpQSOny4It6gG77ZxHEHYfHXYOERVX0DWnvdiAhgGLLAhhrnjXh2/bUCRQWZ
89eFS+nbEIjO3HWQup21tCLBEBL3+nVe/6d+lLGkjniaYAj0EpMh1s43tZ8ZRTgl
Kx1F4W1856XMIGza
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:18 2025 by rpki-client