Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/rt0DueytzSEY6Bu-aPFZCOk1ZH0.roa
File: rt0DueytzSEY6Bu-aPFZCOk1ZH0.roa (raw, json)
Hash identifier: iPl4RPrKTVM/zX5XbinlVzyGCIAj+mUuKocU9l4WXKo=
Subject key identifier: AE:DD:03:B9:EC:AD:CD:21:18:E8:1B:BE:68:F1:59:08:E9:35:64:7D
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 01847CB3B868010A271C62DD0CB08B9999E7
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/rt0DueytzSEY6Bu-aPFZCOk1ZH0.roa
Signing time: Tue 15 Nov 2022 19:11:03 +0000
ROA not before: Tue 15 Nov 2022 19:11:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203936
IP address blocks: 185.240.88.0/23 maxlen: 23
185.240.90.0/23 maxlen: 23
89.34.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:b3:b8:68:01:0a:27:1c:62:dd:0c:b0:8b:99:99:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Nov 15 19:11:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aedd03b9ecadcd2118e81bbe68f15908e935647d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6d:56:3e:0d:82:75:dc:86:b3:75:18:b4:f4:
28:2f:3c:36:d2:a5:c0:1f:42:ee:0b:10:96:0e:6b:
4a:4a:e8:f2:a9:69:89:6c:c0:3e:ce:36:73:28:97:
d8:8e:cf:34:dc:40:0e:31:c6:98:92:81:e8:e2:c2:
f3:df:44:b8:0e:9c:66:0d:1f:bf:a7:7f:3c:2d:64:
7a:c4:62:b6:58:30:02:97:f3:5a:6b:e8:8a:fe:8c:
94:1d:89:17:8a:46:f4:f1:b7:6f:be:ae:c6:7b:15:
ad:58:9a:aa:55:f3:a2:35:03:4e:94:10:c3:2e:48:
64:ce:73:b0:8b:7d:f6:97:5d:a6:2f:49:e6:2f:e5:
51:f5:2f:cd:ab:d3:fb:f1:86:c7:55:29:de:9e:20:
fa:c3:5e:11:bd:d6:8e:31:66:f3:ff:bd:31:1e:f7:
40:b8:89:f7:8a:20:41:12:31:15:c8:5f:42:1b:48:
c4:fe:cb:34:95:38:32:74:be:53:f0:e5:43:d0:df:
83:cd:13:dc:a8:95:38:14:d3:3b:a5:08:74:49:78:
11:a5:ae:19:8c:95:ce:e8:74:db:eb:9c:d1:ba:e0:
a2:7d:64:d0:ac:4a:51:ea:64:c7:b5:1b:76:29:73:
f5:b1:c7:20:88:71:af:ef:e2:13:bc:6b:6c:e8:95:
f9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DD:03:B9:EC:AD:CD:21:18:E8:1B:BE:68:F1:59:08:E9:35:64:7D
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/rt0DueytzSEY6Bu-aPFZCOk1ZH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.76.0/24
185.240.88.0/22
Signature Algorithm: sha256WithRSAEncryption
56:ae:12:53:17:5e:89:01:69:c8:60:7d:2c:22:be:cb:2c:5b:
65:75:d7:86:85:49:94:50:b0:e2:7a:54:f6:b4:b7:49:dd:d3:
b7:66:6f:23:0e:f1:18:7f:8e:4c:86:2f:4d:30:74:75:f3:8b:
06:28:be:02:6b:3f:01:6b:01:0f:06:c8:01:e9:e8:ac:c4:b3:
a8:9e:f9:92:3e:22:2e:ea:9a:de:bf:65:14:6c:a0:40:3b:95:
1a:18:b0:ad:9f:2e:e2:28:ba:81:9b:1b:c9:70:f8:7f:1f:0c:
5b:dd:56:5e:7b:9a:a6:fb:6e:74:f7:70:f4:d6:45:d3:06:e5:
02:25:8e:c6:f9:80:76:c0:da:c4:9d:63:fc:b0:34:9a:a2:f7:
2b:cd:2d:83:6b:9b:d5:d9:72:36:56:ef:7c:ea:4a:75:e2:ec:
2c:f0:d4:71:8b:08:00:bf:3b:22:99:ac:eb:ed:69:4e:4d:d2:
09:8c:c4:30:2b:ea:9b:26:30:36:54:88:91:0d:43:b5:dc:bd:
98:f5:b7:a0:31:5e:65:5a:a7:15:9e:5e:ee:2b:91:3f:dd:96:
bd:6d:c8:2e:c6:22:1a:3c:14:53:62:c9:65:f8:f6:0a:34:58:
e9:06:05:12:6b:9d:03:9f:1e:68:ef:95:1e:25:96:a0:38:f5:
f6:a1:57:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR8s7hoAQonHGLdDLCLmZnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjIxMTE1MTkxMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRkMDNiOWVjYWRjZDIxMThlODFiYmU2OGYxNTkwOGU5MzU2NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W1WPg2CddyGs3UYtPQoLzw20qXA
H0LuCxCWDmtKSujyqWmJbMA+zjZzKJfYjs803EAOMcaYkoHo4sLz30S4DpxmDR+/
p388LWR6xGK2WDACl/Naa+iK/oyUHYkXikb08bdvvq7GexWtWJqqVfOiNQNOlBDD
LkhkznOwi332l12mL0nmL+VR9S/Nq9P78YbHVSneniD6w14RvdaOMWbz/70xHvdA
uIn3iiBBEjEVyF9CG0jE/ss0lTgydL5T8OVD0N+DzRPcqJU4FNM7pQh0SXgRpa4Z
jJXO6HTb65zRuuCifWTQrEpR6mTHtRt2KXP1sccgiHGv7+ITvGts6JX5BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK7dA7nsrc0hGOgbvmjxWQjpNWR9MB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvcnQwRHVleXR6U0VZNkJ1LWFQRlpDT2sxWkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSJMAwQC
ufBYMA0GCSqGSIb3DQEBCwUAA4IBAQBWrhJTF16JAWnIYH0sIr7LLFtlddeGhUmU
ULDielT2tLdJ3dO3Zm8jDvEYf45Mhi9NMHR184sGKL4Caz8BawEPBsgB6eisxLOo
nvmSPiIu6prev2UUbKBAO5UaGLCtny7iKLqBmxvJcPh/Hwxb3VZee5qm+25093D0
1kXTBuUCJY7G+YB2wNrEnWP8sDSaovcrzS2Da5vV2XI2Vu986kp14uws8NRxiwgA
vzsimazr7WlOTdIJjMQwK+qbJjA2VIiRDUO13L2Y9begMV5lWqcVnl7uK5E/3Za9
bcguxiIaPBRTYsll+PYKNFjpBgUSa50Dnx5o75UeJZagOPX2oVe+
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:02:30 2025 by rpki-client