Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/dCTZGbkpVVu-89ZYZQ0uMCO1gd8.roa
File: dCTZGbkpVVu-89ZYZQ0uMCO1gd8.roa (raw, json)
Hash identifier: 9OBcJ4lek5VWirv/b2XHZsWhoZuU8uiIBNRFOYBXDS4=
Subject key identifier: 74:24:D9:19:B9:29:55:5B:BE:F3:D6:58:65:0D:2E:30:23:B5:81:DF
Certificate issuer: /CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Certificate serial: 01857170A5876E238AB1B8CB896233E42561
Authority key identifier: A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/dCTZGbkpVVu-89ZYZQ0uMCO1gd8.roa
Signing time: Mon 02 Jan 2023 07:44:45 +0000
ROA not before: Mon 02 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39684
IP address blocks: 81.88.80.0/22 maxlen: 22
81.88.84.0/24 maxlen: 24
81.88.85.0/24 maxlen: 24
81.88.87.0/24 maxlen: 24
81.88.88.0/24 maxlen: 24
81.88.86.0/24 maxlen: 24
81.88.95.0/24 maxlen: 24
185.200.140.0/24 maxlen: 24
185.200.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:a5:87:6e:23:8a:b1:b8:cb:89:62:33:e4:25:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Validity
Not Before: Jan 2 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7424d919b929555bbef3d658650d2e3023b581df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:d8:ec:4c:f2:35:eb:fa:0e:69:7b:89:82:
c8:0e:a6:c4:a5:e4:c3:8b:51:7a:8f:47:23:9a:08:
38:3a:57:e6:b5:6b:61:5e:7d:ae:42:ca:52:e0:33:
56:7b:cd:aa:ee:de:c7:5b:39:f5:7f:3c:9c:dc:7a:
0f:3d:ff:3c:24:a6:43:b7:0a:3d:dc:31:03:69:03:
9e:fb:b5:5f:a0:e3:54:b7:42:f4:ec:b0:ea:c9:01:
49:7d:31:91:ea:18:86:4f:db:ed:7a:73:d3:55:82:
d6:b2:ba:8a:bd:f6:d1:64:26:5b:b3:17:c7:88:6c:
4d:39:c3:57:ba:02:39:4f:db:a9:58:dd:b5:76:b2:
c6:9e:db:4d:fa:ab:89:ff:0b:b8:f6:84:eb:1e:79:
b0:4d:4d:b9:9a:cb:9a:c8:dc:fd:6c:83:4d:71:8e:
ac:85:a8:2c:65:22:ef:ec:76:a3:31:b8:6f:3e:5d:
25:62:0b:52:ef:f0:14:d3:68:88:f8:52:8c:a6:46:
1e:68:3f:33:21:9c:54:0c:71:58:e3:64:19:b3:7e:
a9:93:ce:37:41:49:79:fa:bc:12:54:72:90:34:e0:
df:60:a1:ca:19:20:4d:b9:01:b4:a8:01:00:74:ec:
aa:ca:72:8f:67:c9:a0:82:9b:0d:a3:56:6b:28:73:
14:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:24:D9:19:B9:29:55:5B:BE:F3:D6:58:65:0D:2E:30:23:B5:81:DF
X509v3 Authority Key Identifier:
keyid:A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/dCTZGbkpVVu-89ZYZQ0uMCO1gd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/qIXNvd_X0TFoRb609zmPPOZPrNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.80.0-81.88.88.255
81.88.95.0/24
185.200.140.0/23
Signature Algorithm: sha256WithRSAEncryption
35:6b:85:bd:64:5f:66:24:f4:3f:25:66:5f:6f:e3:1e:f2:00:
07:05:44:95:a2:cd:e9:51:1d:cf:ae:63:27:a3:63:b3:9b:b3:
77:50:79:f0:a4:76:9e:e2:66:0f:21:e7:5b:35:81:2b:4b:b8:
db:09:52:c7:cc:65:8c:89:c6:f5:be:b7:5b:77:f5:0f:db:31:
37:22:82:b0:d2:2e:33:a8:80:2d:bf:b3:85:18:0f:23:e9:59:
3f:39:20:4a:83:56:27:77:c0:e0:a1:5f:50:72:da:c1:9c:9e:
ea:18:4c:a9:7c:cf:24:37:8a:c0:e6:32:32:2e:c8:aa:57:d1:
a9:9d:01:a1:a9:44:ad:ff:43:f0:cf:f0:be:67:f4:26:3b:1c:
d3:78:e0:13:73:35:cb:69:14:54:66:a2:e8:76:dd:0d:a0:05:
93:b0:60:41:aa:ff:8d:e7:30:dd:04:6a:22:d2:69:84:6e:68:
54:22:5f:9f:71:cf:16:6b:37:55:9a:a1:ba:ed:e3:df:97:01:
a9:30:67:f3:9d:5b:c0:c6:59:af:6a:90:40:fb:38:be:38:d5:
ff:55:85:25:f4:f6:42:df:42:35:62:06:81:94:2c:4a:14:85:
b8:08:40:f5:87:81:94:da:ce:8e:12:4b:74:94:07:83:f1:1f:
36:0e:8f:95
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxcKWHbiOKsbjLiWIz5CVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODVjZGJkZGZkN2QxMzE2ODQ1YmViNGY3Mzk4ZjNjZTY0
ZmFjZDAwHhcNMjMwMTAyMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDI0ZDkxOWI5Mjk1NTViYmVmM2Q2NTg2NTBkMmUzMDIzYjU4MWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8fY7EzyNev6Dml7iYLIDqbEpeTD
i1F6j0cjmgg4OlfmtWthXn2uQspS4DNWe82q7t7HWzn1fzyc3HoPPf88JKZDtwo9
3DEDaQOe+7VfoONUt0L07LDqyQFJfTGR6hiGT9vtenPTVYLWsrqKvfbRZCZbsxfH
iGxNOcNXugI5T9upWN21drLGnttN+quJ/wu49oTrHnmwTU25msuayNz9bINNcY6s
hagsZSLv7HajMbhvPl0lYgtS7/AU02iI+FKMpkYeaD8zIZxUDHFY42QZs36pk843
QUl5+rwSVHKQNODfYKHKGSBNuQG0qAEAdOyqynKPZ8mggpsNo1ZrKHMUZQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHQk2Rm5KVVbvvPWWGUNLjAjtYHfMB8GA1UdIwQY
MBaAFKiFzb3f19ExaEW+tPc5jzzmT6zQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEt
ZjQ4Mjc4MDBiMGM4LzEvZENUWkdia3BWVnUtODlaWVpRMHVNQ08xZ2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEtZjQ4Mjc4MDBiMGM4
LzEvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARRWFAD
BABRWFgDBABRWF8DBAG5yIwwDQYJKoZIhvcNAQELBQADggEBADVrhb1kX2Yk9D8l
Zl9v4x7yAAcFRJWizelRHc+uYyejY7Obs3dQefCkdp7iZg8h51s1gStLuNsJUsfM
ZYyJxvW+t1t39Q/bMTcigrDSLjOogC2/s4UYDyPpWT85IEqDVid3wOChX1By2sGc
nuoYTKl8zyQ3isDmMjIuyKpX0amdAaGpRK3/Q/DP8L5n9CY7HNN44BNzNctpFFRm
ouh23Q2gBZOwYEGq/43nMN0EaiLSaYRuaFQiX59xzxZrN1Waobrt49+XAakwZ/Od
W8DGWa9qkED7OL441f9VhSX09kLfQjViBoGULEoUhbgIQPWHgZTazo4SS3SUB4Px
HzYOj5U=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:01 2025 by rpki-client