Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/DEDJj9pjSMxAAKkVd-fu2cHxUeU.roa
File: DEDJj9pjSMxAAKkVd-fu2cHxUeU.roa (raw, json)
Hash identifier: KXOwyiJQv70ghZWleLwRX0NBbJ8JrCszp/l6ZsyzXtM=
Subject key identifier: 0C:40:C9:8F:DA:63:48:CC:40:00:A9:15:77:E7:EE:D9:C1:F1:51:E5
Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial: 018570FBDD7CE5AB61C6FF71F97C639A7A10
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/DEDJj9pjSMxAAKkVd-fu2cHxUeU.roa
Signing time: Mon 02 Jan 2023 05:37:12 +0000
ROA not before: Mon 02 Jan 2023 05:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29695
IP address blocks: 188.228.0.0/17 maxlen: 17
45.13.240.0/22 maxlen: 22
37.97.0.0/18 maxlen: 18
2a00:fd00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:dd:7c:e5:ab:61:c6:ff:71:f9:7c:63:9a:7a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Validity
Not Before: Jan 2 05:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c40c98fda6348cc4000a91577e7eed9c1f151e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:52:0d:2a:ab:c6:00:56:0a:14:58:28:6f:6c:
0a:5a:7c:2b:74:48:83:f9:c4:8d:78:21:f7:63:0d:
cd:9a:b6:ff:a6:6b:9e:7b:c7:0f:35:2d:fe:76:a1:
db:e1:ad:c7:eb:ee:ff:24:8b:c0:f1:a9:eb:74:8e:
6e:6b:91:90:de:34:78:12:8e:59:16:68:b2:13:c2:
a8:00:d1:00:05:3b:10:80:5a:8e:4b:8e:ac:89:98:
a6:75:de:61:b4:d6:12:55:87:3c:0c:fd:fc:76:18:
8a:be:e5:e3:7f:c3:f6:c0:02:04:23:be:34:84:81:
af:1d:4f:1c:aa:cb:1e:71:96:94:40:bb:cd:b4:d9:
8c:7d:6c:96:e9:f9:66:86:f0:30:99:a1:52:73:59:
43:53:6e:85:a0:c8:0d:d3:ae:52:51:a4:34:9c:9b:
65:69:1c:78:a9:77:fa:34:7f:60:96:7f:d4:55:68:
d9:48:99:11:1c:6b:2e:99:5e:37:30:da:aa:96:9d:
a2:92:30:65:5b:00:35:c0:53:a8:c2:ea:7a:f4:bc:
6a:c7:35:7e:d4:d1:19:ee:36:95:01:2f:f5:e2:14:
fe:ee:dc:04:96:3e:26:72:68:66:50:e4:1c:16:11:
72:4b:ab:11:d7:19:b5:d8:5b:cd:da:44:4a:24:0c:
b8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:40:C9:8F:DA:63:48:CC:40:00:A9:15:77:E7:EE:D9:C1:F1:51:E5
X509v3 Authority Key Identifier:
keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/DEDJj9pjSMxAAKkVd-fu2cHxUeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.0.0/18
45.13.240.0/22
188.228.0.0/17
IPv6:
2a00:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
19:c5:51:b3:eb:c6:12:a3:a3:5c:97:22:05:24:bc:95:2f:1c:
31:9e:15:65:5d:ec:91:f5:3e:a7:38:f5:1b:01:75:50:ed:4b:
43:13:c1:fb:e4:cc:fc:28:9d:b2:c6:dd:3b:18:db:86:ec:a9:
ba:00:54:b2:9e:3f:9a:fe:fb:ce:2d:19:db:be:25:38:5b:3e:
39:de:70:a9:af:12:54:d9:41:d9:37:a6:a9:c4:1c:ab:29:24:
7c:93:4c:38:41:a3:3b:ca:53:6a:99:1e:48:49:f6:a6:10:f7:
39:ee:df:7e:87:ac:4e:cc:1c:97:39:dc:50:be:92:b8:b0:84:
84:a0:66:8e:94:7b:8b:1d:fa:aa:ef:5b:7f:cf:cb:7e:3c:2a:
76:dd:b9:d2:79:b8:82:23:8c:c0:9a:6e:0e:70:38:26:49:aa:
1f:27:60:5d:74:b2:63:d1:61:37:10:3b:76:20:80:31:93:f7:
b4:14:a3:04:b2:04:38:8e:99:a6:61:48:b2:ac:58:8e:2f:92:
40:24:df:d0:c7:62:6f:9f:91:c8:87:c9:89:f7:1d:40:11:21:
1e:3d:5f:bb:53:22:ef:e5:be:5f:98:af:34:90:1f:a0:f2:f1:
65:d6:43:e4:c9:33:d9:a8:c9:0a:eb:78:a6:7a:40:4e:a2:29:
86:26:1a:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVw+9185athxv9x+XxjmnoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl
NGRmMDAwHhcNMjMwMTAyMDUzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQwYzk4ZmRhNjM0OGNjNDAwMGE5MTU3N2U3ZWVkOWMxZjE1MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1INKqvGAFYKFFgob2wKWnwrdEiD
+cSNeCH3Yw3Nmrb/pmuee8cPNS3+dqHb4a3H6+7/JIvA8anrdI5ua5GQ3jR4Eo5Z
FmiyE8KoANEABTsQgFqOS46siZimdd5htNYSVYc8DP38dhiKvuXjf8P2wAIEI740
hIGvHU8cqssecZaUQLvNtNmMfWyW6flmhvAwmaFSc1lDU26FoMgN065SUaQ0nJtl
aRx4qXf6NH9gln/UVWjZSJkRHGsumV43MNqqlp2ikjBlWwA1wFOowup69LxqxzV+
1NEZ7jaVAS/14hT+7twElj4mcmhmUOQcFhFyS6sR1xm12FvN2kRKJAy4HQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAxAyY/aY0jMQACpFXfn7tnB8VHlMB8GA1UdIwQY
MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt
YTg3N2RkNTFiYzQ5LzEvREVESmo5cGpTTXhBQUtrVmQtZnUyY0h4VWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5
LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGJWEAAwQC
LQ3wAwQHvOQAMA0EAgACMAcDBQAqAP0AMA0GCSqGSIb3DQEBCwUAA4IBAQAZxVGz
68YSo6NclyIFJLyVLxwxnhVlXeyR9T6nOPUbAXVQ7UtDE8H75Mz8KJ2yxt07GNuG
7Km6AFSynj+a/vvOLRnbviU4Wz453nCprxJU2UHZN6apxByrKSR8k0w4QaM7ylNq
mR5ISfamEPc57t9+h6xOzByXOdxQvpK4sISEoGaOlHuLHfqq71t/z8t+PCp23bnS
ebiCI4zAmm4OcDgmSaofJ2BddLJj0WE3EDt2IIAxk/e0FKMEsgQ4jpmmYUiyrFiO
L5JAJN/Qx2Jvn5HIh8mJ9x1AESEePV+7UyLv5b5fmK80kB+g8vFl1kPkyTPZqMkK
63imekBOoimGJhoW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:04 2025 by rpki-client