Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/dthV7q9fi5_R0YkDFm4myg2pgyk.roa
File: dthV7q9fi5_R0YkDFm4myg2pgyk.roa (raw, json)
Hash identifier: 4t6PzQKKyT+dg7rQuDzDr7ReGg0+EOakDCzlEMD5WIQ=
Subject key identifier: 76:D8:55:EE:AF:5F:8B:9F:D1:D1:89:03:16:6E:26:CA:0D:A9:83:29
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F023F80FCE81F07F9580E1BA2015AEC
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/dthV7q9fi5_R0YkDFm4myg2pgyk.roa
Signing time: Sun 01 Jan 2023 20:24:56 +0000
ROA not before: Sun 01 Jan 2023 20:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25144
IP address blocks: 31.223.128.0/19 maxlen: 19
31.223.128.0/21 maxlen: 21
31.223.136.0/21 maxlen: 21
31.223.144.0/21 maxlen: 21
217.24.128.0/20 maxlen: 20
94.250.64.0/18 maxlen: 18
46.239.0.0/18 maxlen: 18
31.223.152.0/21 maxlen: 21
185.35.156.0/22 maxlen: 22
81.93.66.0/24 maxlen: 24
81.93.67.0/24 maxlen: 24
81.93.69.0/24 maxlen: 24
81.93.73.0/24 maxlen: 24
81.93.84.0/24 maxlen: 24
89.111.225.0/24 maxlen: 24
89.111.224.0/19 maxlen: 19
89.111.226.0/24 maxlen: 24
81.93.86.0/24 maxlen: 24
81.93.91.0/24 maxlen: 24
89.111.227.0/24 maxlen: 24
94.250.0.0/18 maxlen: 18
89.111.231.0/24 maxlen: 24
81.93.92.0/24 maxlen: 24
89.111.235.0/24 maxlen: 24
89.111.236.0/24 maxlen: 24
89.111.240.0/24 maxlen: 24
89.111.244.0/22 maxlen: 22
89.111.248.0/22 maxlen: 22
109.165.128.0/17 maxlen: 17
62.101.144.0/20 maxlen: 20
89.111.192.0/24 maxlen: 24
89.111.192.0/19 maxlen: 19
81.93.64.0/19 maxlen: 19
89.111.192.0/18 maxlen: 18
2a00:cb00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:3f:80:fc:e8:1f:07:f9:58:0e:1b:a2:01:5a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76d855eeaf5f8b9fd1d18903166e26ca0da98329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:1a:b2:a1:29:8e:42:6c:6d:03:a0:e0:12:
9c:f7:c0:46:0a:4d:16:12:d2:b8:8c:c7:73:ee:73:
3b:f2:49:a6:81:3d:4f:f7:14:76:89:85:9f:91:c8:
09:23:39:a6:f7:c9:fb:66:f9:7a:49:2c:3f:6d:ec:
00:82:27:1c:a0:7a:d8:a5:8d:fe:67:8e:3c:5e:2d:
32:bc:4f:ab:d2:ca:89:47:df:80:b0:de:0f:5b:4d:
3e:3d:4a:c7:8b:c4:62:1b:a3:9f:d5:08:21:88:91:
1c:85:e2:12:a3:f3:d8:c4:f7:e4:af:6e:4e:c0:2e:
27:20:b8:82:21:e6:c7:b8:84:fc:27:89:51:39:95:
d8:7f:98:d7:1d:46:cc:6c:0d:6a:1c:d0:e6:04:58:
9b:43:e1:92:38:e9:75:08:2c:ec:38:81:6c:db:85:
c4:c3:dc:53:69:cc:87:e5:8a:31:ca:ce:be:ac:6b:
a3:c5:11:e6:5a:74:c0:63:52:a3:9c:f4:80:a9:08:
db:d1:a6:e8:84:72:59:62:68:c1:66:ff:75:d7:c1:
81:b9:b1:21:5f:b7:4b:8a:0f:96:c2:d6:e0:c2:66:
03:f2:76:cb:bb:02:94:8a:05:2e:94:b3:16:ed:a9:
a8:93:95:83:a8:8d:b2:8f:1f:be:1c:da:c6:97:6c:
6a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D8:55:EE:AF:5F:8B:9F:D1:D1:89:03:16:6E:26:CA:0D:A9:83:29
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/dthV7q9fi5_R0YkDFm4myg2pgyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.128.0/19
46.239.0.0/18
62.101.144.0/20
81.93.64.0/19
89.111.192.0/18
94.250.0.0/17
109.165.128.0/17
185.35.156.0/22
217.24.128.0/20
IPv6:
2a00:cb00::/32
Signature Algorithm: sha256WithRSAEncryption
57:b3:a3:38:97:6a:09:68:75:78:36:c3:fe:10:52:e3:ef:d9:
d0:32:08:d0:79:8a:33:56:de:2c:31:08:a1:29:77:3b:bd:c4:
93:85:68:97:05:11:d1:28:2f:88:f1:e7:c4:4d:9f:1e:41:a3:
3c:ef:cb:1c:33:2a:c8:be:68:97:d1:b3:1e:b5:66:d6:b8:34:
13:10:ac:05:c3:0d:0f:19:30:e1:08:7e:9a:0f:08:eb:89:7c:
91:95:29:0c:43:53:45:2a:c1:9e:3e:ff:16:92:5e:bd:e4:0c:
50:19:34:9b:7b:01:d6:d7:93:e9:c6:60:c8:35:d3:2a:6f:a9:
1c:bf:bc:5f:43:3e:05:46:09:ca:65:56:8c:29:00:a8:db:d6:
eb:fa:96:29:0b:52:75:00:63:18:b5:c6:42:80:cf:99:3c:ed:
4b:a4:8c:25:23:01:17:b5:6a:f1:37:ca:60:f0:5c:67:bc:89:
10:b4:48:93:ba:26:2e:68:09:cd:34:9b:ce:de:d1:d2:ad:59:
8f:cc:c8:90:03:59:41:37:ca:3f:a3:d1:cc:a0:b8:54:a1:9f:
5d:ec:1e:33:2e:c7:f0:18:d4:f6:e8:fa:26:c6:0c:3d:f7:9e:
37:81:81:55:6a:6a:fd:b4:b7:3c:92:b8:25:95:ca:08:fa:5e:
23:d5:6c:7a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVvAj+A/OgfB/lYDhuiAVrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ4NTVlZWFmNWY4YjlmZDFkMTg5MDMxNjZlMjZjYTBkYTk4MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq8asqEpjkJsbQOg4BKc98BGCk0W
EtK4jMdz7nM78kmmgT1P9xR2iYWfkcgJIzmm98n7Zvl6SSw/bewAgiccoHrYpY3+
Z448Xi0yvE+r0sqJR9+AsN4PW00+PUrHi8RiG6Of1QghiJEcheISo/PYxPfkr25O
wC4nILiCIebHuIT8J4lROZXYf5jXHUbMbA1qHNDmBFibQ+GSOOl1CCzsOIFs24XE
w9xTacyH5Yoxys6+rGujxRHmWnTAY1KjnPSAqQjb0abohHJZYmjBZv9118GBubEh
X7dLig+WwtbgwmYD8nbLuwKUigUulLMW7amok5WDqI2yjx++HNrGl2xq3QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHbYVe6vX4uf0dGJAxZuJsoNqYMpMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvZHRoVjdxOWZpNV9SMFlrREZtNG15ZzJwZ3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFH9+AAwQG
Lu8AAwQEPmWQAwQFUV1AAwQGWW/AAwQHXvoAAwQHbaWAAwQCuSOcAwQE2RiAMA0E
AgACMAcDBQAqAMsAMA0GCSqGSIb3DQEBCwUAA4IBAQBXs6M4l2oJaHV4NsP+EFLj
79nQMgjQeYozVt4sMQihKXc7vcSThWiXBRHRKC+I8efETZ8eQaM878scMyrIvmiX
0bMetWbWuDQTEKwFww0PGTDhCH6aDwjriXyRlSkMQ1NFKsGePv8Wkl695AxQGTSb
ewHW15PpxmDINdMqb6kcv7xfQz4FRgnKZVaMKQCo29br+pYpC1J1AGMYtcZCgM+Z
PO1LpIwlIwEXtWrxN8pg8FxnvIkQtEiTuiYuaAnNNJvO3tHSrVmPzMiQA1lBN8o/
o9HMoLhUoZ9d7B4zLsfwGNT26Pomxgw99543gYFVamr9tLc8krgllcoI+l4j1Wx6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:45 2025 by rpki-client