Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/9ba504-02af-4972-b0b9-822de9308e01/1/DklCcY0-E-QuHw4OG5t0zbo94Ww.roa
File: DklCcY0-E-QuHw4OG5t0zbo94Ww.roa (raw, json)
Hash identifier: /IjHr2p7iWmEOpGI8ilb+jYyUawZalrOm6+aHMbqfQk=
Subject key identifier: 0E:49:42:71:8D:3E:13:E4:2E:1F:0E:0E:1B:9B:74:CD:BA:3D:E1:6C
Certificate issuer: /CN=0e36aad7335f34e4cd829423beb089c4e0a4e874
Certificate serial: 0803B3B7
Authority key identifier: 0E:36:AA:D7:33:5F:34:E4:CD:82:94:23:BE:B0:89:C4:E0:A4:E8:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Djaq1zNfNOTNgpQjvrCJxOCk6HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/9ba504-02af-4972-b0b9-822de9308e01/1/DklCcY0-E-QuHw4OG5t0zbo94Ww.roa
Signing time: Sat 01 Jan 2022 10:03:07 +0000
ROA not before: Sat 01 Jan 2022 10:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.124.84.0/24 maxlen: 24
185.124.85.0/24 maxlen: 24
185.124.86.0/24 maxlen: 24
185.124.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134460343 (0x803b3b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e36aad7335f34e4cd829423beb089c4e0a4e874
Validity
Not Before: Jan 1 10:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e4942718d3e13e42e1f0e0e1b9b74cdba3de16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:02:8c:7b:66:c4:a6:7a:d0:19:77:10:1d:71:
0d:36:dc:51:ad:32:92:cc:90:df:3f:72:3d:2e:2e:
e3:1c:21:22:b6:04:bd:d5:be:f1:89:49:d7:c6:1a:
2d:81:56:06:93:05:5a:2f:13:63:88:16:74:7a:1b:
97:86:d9:59:e1:af:6a:1a:b2:7e:4e:18:6b:99:21:
d8:2d:46:51:95:a1:66:3a:91:a1:9b:00:2d:33:73:
00:39:14:a6:03:39:de:32:76:6a:e3:4b:13:ae:99:
aa:01:80:71:a9:f3:c0:8c:63:55:eb:f6:a7:fd:d9:
77:bc:8d:e6:94:66:36:35:13:5a:0f:f5:1f:76:30:
79:8c:e4:cd:8b:ff:bf:7f:aa:d5:7a:24:4d:69:3f:
b5:8c:a7:63:69:8e:6b:e6:7c:62:ea:3f:ab:13:9e:
7c:50:ef:49:a3:5f:a2:2a:cf:c8:fb:8e:0a:2c:31:
68:01:a4:15:77:f0:34:29:a9:ab:f4:43:dc:e2:f2:
b6:f4:96:c9:83:97:86:80:cc:e1:4d:c4:92:76:90:
ac:d0:d0:fb:23:e1:0a:f9:51:a0:02:4d:ff:83:b6:
bf:90:c7:72:04:17:5f:c9:0f:ca:48:07:1e:b7:c2:
c4:75:a6:fb:58:9a:45:cf:91:e8:ea:db:94:fb:f5:
a3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:49:42:71:8D:3E:13:E4:2E:1F:0E:0E:1B:9B:74:CD:BA:3D:E1:6C
X509v3 Authority Key Identifier:
keyid:0E:36:AA:D7:33:5F:34:E4:CD:82:94:23:BE:B0:89:C4:E0:A4:E8:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Djaq1zNfNOTNgpQjvrCJxOCk6HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9ba504-02af-4972-b0b9-822de9308e01/1/DklCcY0-E-QuHw4OG5t0zbo94Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9ba504-02af-4972-b0b9-822de9308e01/1/Djaq1zNfNOTNgpQjvrCJxOCk6HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.84.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:79:ab:09:e7:ec:ca:b9:01:83:8a:f2:70:92:8b:ff:d8:58:
3b:41:94:af:cb:86:8b:bd:25:2b:8c:fd:78:2f:b7:fe:52:ee:
39:72:6c:33:54:10:0d:5f:18:66:4d:49:0a:1e:3c:99:74:0c:
08:62:a0:62:6c:2e:7a:07:c8:d4:11:13:42:02:a2:45:0a:17:
46:43:0b:b1:d1:b1:bb:d1:25:58:42:f6:ad:55:c6:e5:68:8b:
9d:61:cf:e9:27:02:1e:50:22:1c:02:56:c0:90:92:7a:1e:17:
4b:81:5f:05:81:76:a8:8c:ef:76:52:ba:f7:80:32:fa:66:3c:
0f:1a:36:40:94:81:b8:47:90:5d:6f:aa:60:03:2a:2b:b9:d2:
23:fb:d4:71:69:23:2f:41:3f:79:9d:26:20:31:88:c8:8a:93:
5c:22:58:11:ba:58:84:5f:44:b3:78:e3:05:5e:82:81:e1:32:
8d:cf:bb:b7:12:62:8a:5a:9f:11:93:a5:df:a2:bb:7a:68:de:
8b:2f:c6:7b:e7:24:02:58:87:1e:e0:c4:91:ac:04:12:87:1c:
0a:9a:e1:17:8b:10:ff:1f:4a:2c:77:83:cc:c5:84:a2:e8:7a:
31:f3:26:f3:40:e7:92:3f:8f:9b:27:e8:2f:54:19:5e:b9:04:
3e:01:eb:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECAOztzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTM2YWFkNzMzNWYzNGU0Y2Q4Mjk0MjNiZWIwODljNGUwYTRlODc0MB4XDTIyMDEw
MTEwMDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU0OTQyNzE4ZDNl
MTNlNDJlMWYwZTBlMWI5Yjc0Y2RiYTNkZTE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMCjHtmxKZ60Bl3EB1xDTbcUa0yksyQ3z9yPS4u4xwhIrYE
vdW+8YlJ18YaLYFWBpMFWi8TY4gWdHobl4bZWeGvahqyfk4Ya5kh2C1GUZWhZjqR
oZsALTNzADkUpgM53jJ2auNLE66ZqgGAcanzwIxjVev2p/3Zd7yN5pRmNjUTWg/1
H3YweYzkzYv/v3+q1XokTWk/tYynY2mOa+Z8Yuo/qxOefFDvSaNfoirPyPuOCiwx
aAGkFXfwNCmpq/RD3OLytvSWyYOXhoDM4U3EknaQrNDQ+yPhCvlRoAJN/4O2v5DH
cgQXX8kPykgHHrfCxHWm+1iaRc+R6OrblPv1o98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQOSUJxjT4T5C4fDg4bm3TNuj3hbDAfBgNVHSMEGDAWgBQONqrXM1805M2C
lCO+sInE4KTodDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RqYXExek5mTk9UTmdwUWp2ckNKeE9DazZIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvOWJhNTA0LTAyYWYtNDk3Mi1iMGI5LTgyMmRlOTMwOGUwMS8x
L0RrbENjWTAtRS1RdUh3NE9HNXQwemJvOTRXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
OWJhNTA0LTAyYWYtNDk3Mi1iMGI5LTgyMmRlOTMwOGUwMS8xL0RqYXExek5mTk9U
TmdwUWp2ckNKeE9DazZIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl8VDANBgkqhkiG9w0BAQsFAAOC
AQEAe3mrCefsyrkBg4rycJKL/9hYO0GUr8uGi70lK4z9eC+3/lLuOXJsM1QQDV8Y
Zk1JCh48mXQMCGKgYmwuegfI1BETQgKiRQoXRkMLsdGxu9ElWEL2rVXG5WiLnWHP
6ScCHlAiHAJWwJCSeh4XS4FfBYF2qIzvdlK694Ay+mY8Dxo2QJSBuEeQXW+qYAMq
K7nSI/vUcWkjL0E/eZ0mIDGIyIqTXCJYEbpYhF9Es3jjBV6CgeEyjc+7txJiilqf
EZOl36K7emjeiy/Ge+ckAliHHuDEkawEEoccCprhF4sQ/x9KLHeDzMWEouh6MfMm
80Dnkj+PmyfoL1QZXrkEPgHr9Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:21 2025 by rpki-client