Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/dbcrdwT_htztifjIDKm7L6hmj64.roa
File: dbcrdwT_htztifjIDKm7L6hmj64.roa (raw, json)
Hash identifier: WAe8e57Iat7epUwUxODo363uq5vymhZ8Yl6vQxCePhc=
Subject key identifier: 75:B7:2B:77:04:FF:86:DC:ED:89:F8:C8:0C:A9:BB:2F:A8:66:8F:AE
Certificate issuer: /CN=83375b43ae8a53d48c888671e67fc17bf27f2b7e
Certificate serial: 01857246C9844D9412EC6FD7E2D7701C0DE9
Authority key identifier: 83:37:5B:43:AE:8A:53:D4:8C:88:86:71:E6:7F:C1:7B:F2:7F:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzdbQ66KU9SMiIZx5n_Be_J_K34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/dbcrdwT_htztifjIDKm7L6hmj64.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8395
IP address blocks: 195.170.32.0/19 maxlen: 19
2a04:dbc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c9:84:4d:94:12:ec:6f:d7:e2:d7:70:1c:0d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83375b43ae8a53d48c888671e67fc17bf27f2b7e
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b72b7704ff86dced89f8c80ca9bb2fa8668fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0f:f8:bd:ab:01:d4:fd:52:13:ae:56:00:0d:
56:5e:dd:d7:e4:03:95:49:08:54:c0:e3:35:35:d7:
c0:4e:f3:b7:7d:43:31:d6:ea:d3:83:47:41:07:1d:
82:ed:9e:be:9e:b9:40:75:ad:58:11:f6:a4:98:10:
25:ac:d5:8a:4b:73:89:c9:4d:d2:80:c7:ba:13:12:
61:3b:43:6d:35:39:cd:ee:d7:40:38:68:5f:14:38:
91:27:21:3b:3d:5a:b1:3d:20:5c:92:b2:95:5e:b6:
fb:04:97:2b:4b:57:dd:24:83:84:b2:65:a5:f8:82:
2c:5d:97:27:bc:35:52:11:86:9e:d3:45:8e:d3:4c:
b9:7e:f8:1f:38:a3:34:ff:9e:4c:fa:28:2c:b0:5b:
cb:83:4d:bf:d0:7d:1f:81:99:58:6f:60:4b:5d:dd:
1c:7b:ce:9c:af:91:a7:a8:7a:6c:3d:ba:59:4d:97:
07:1c:c4:fc:2b:b9:c4:a4:00:2a:1d:65:8e:f6:3e:
8b:d0:09:41:93:8c:8c:dd:82:7c:fe:00:e6:41:47:
d2:10:34:b1:cf:f1:df:b1:11:5a:19:b9:da:b9:c9:
2c:ff:eb:77:0f:0a:0f:20:b1:93:18:38:4c:15:6a:
10:eb:f7:4f:31:a4:2a:cd:52:7d:c9:78:e2:95:71:
15:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B7:2B:77:04:FF:86:DC:ED:89:F8:C8:0C:A9:BB:2F:A8:66:8F:AE
X509v3 Authority Key Identifier:
keyid:83:37:5B:43:AE:8A:53:D4:8C:88:86:71:E6:7F:C1:7B:F2:7F:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzdbQ66KU9SMiIZx5n_Be_J_K34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/dbcrdwT_htztifjIDKm7L6hmj64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/gzdbQ66KU9SMiIZx5n_Be_J_K34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.32.0/19
IPv6:
2a04:dbc0::/30
Signature Algorithm: sha256WithRSAEncryption
27:c7:c5:28:b2:1b:19:78:40:58:8d:19:90:f2:3c:a9:24:6a:
ff:2e:a1:6f:9e:67:cb:36:a7:6e:dd:d8:c3:1a:ed:c9:94:b2:
91:40:de:9e:9f:80:d6:e7:ac:88:28:48:8f:8d:ba:15:76:8b:
12:64:0f:44:a4:f3:47:b2:b0:35:a6:eb:6c:e2:fe:bd:35:b8:
dc:b9:6f:e3:28:1e:28:5f:47:1e:ec:72:72:44:6c:ea:c1:1d:
ed:24:97:d1:20:55:16:49:13:6c:b8:78:92:27:f9:bd:3a:29:
35:c8:1b:6e:b5:db:a0:03:f9:0e:99:da:3f:1a:17:28:d7:37:
ed:21:f0:9c:1d:17:6a:10:d8:a6:b0:b1:89:8f:65:34:d6:6d:
62:93:0c:3e:8e:9c:67:77:77:f9:d1:fc:4c:ee:5d:fd:99:b2:
99:0f:25:c5:6d:3f:53:20:2b:c9:05:21:ca:6f:b5:98:bb:2a:
70:c7:e1:c4:a9:a0:11:ec:d0:f7:20:f2:9d:b3:3b:b4:2d:b3:
cc:9a:0b:cc:8f:16:09:be:43:3f:c1:dd:ff:32:4c:e0:a1:7e:
de:69:07:8d:79:c4:bb:2e:cd:44:85:ac:8c:98:f6:51:dc:6e:
a1:84:31:d1:5f:c2:7b:81:70:96:d5:83:34:a3:93:4b:b4:35:
52:50:5a:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRsmETZQS7G/X4tdwHA3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzc1YjQzYWU4YTUzZDQ4Yzg4ODY3MWU2N2ZjMTdiZjI3
ZjJiN2UwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI3MmI3NzA0ZmY4NmRjZWQ4OWY4YzgwY2E5YmIyZmE4NjY4ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q/4vasB1P1SE65WAA1WXt3X5AOV
SQhUwOM1NdfATvO3fUMx1urTg0dBBx2C7Z6+nrlAda1YEfakmBAlrNWKS3OJyU3S
gMe6ExJhO0NtNTnN7tdAOGhfFDiRJyE7PVqxPSBckrKVXrb7BJcrS1fdJIOEsmWl
+IIsXZcnvDVSEYae00WO00y5fvgfOKM0/55M+igssFvLg02/0H0fgZlYb2BLXd0c
e86cr5GnqHpsPbpZTZcHHMT8K7nEpAAqHWWO9j6L0AlBk4yM3YJ8/gDmQUfSEDSx
z/HfsRFaGbnaucks/+t3DwoPILGTGDhMFWoQ6/dPMaQqzVJ9yXjilXEVhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHW3K3cE/4bc7Yn4yAypuy+oZo+uMB8GA1UdIwQY
MBaAFIM3W0OuilPUjIiGceZ/wXvyfyt+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pkYlE2NktVOVNNaUlaeDVuX0JlX0pfSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xOTJiYmEtMWE3NC00YmE0LTkwZDYt
NzJjNGM0YjgwNGE3LzEvZGJjcmR3VF9odHp0aWZqSURLbTdMNmhtajY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xOTJiYmEtMWE3NC00YmE0LTkwZDYtNzJjNGM0YjgwNGE3
LzEvZ3pkYlE2NktVOVNNaUlaeDVuX0JlX0pfSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFw6ogMA0E
AgACMAcDBQIqBNvAMA0GCSqGSIb3DQEBCwUAA4IBAQAnx8UoshsZeEBYjRmQ8jyp
JGr/LqFvnmfLNqdu3djDGu3JlLKRQN6en4DW56yIKEiPjboVdosSZA9EpPNHsrA1
puts4v69NbjcuW/jKB4oX0ce7HJyRGzqwR3tJJfRIFUWSRNsuHiSJ/m9Oik1yBtu
tdugA/kOmdo/Ghco1zftIfCcHRdqENimsLGJj2U01m1ikww+jpxnd3f50fxM7l39
mbKZDyXFbT9TICvJBSHKb7WYuypwx+HEqaAR7ND3IPKdszu0LbPMmgvMjxYJvkM/
wd3/MkzgoX7eaQeNecS7Ls1EhayMmPZR3G6hhDHRX8J7gXCW1YM0o5NLtDVSUFr6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:55 2025 by rpki-client