Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa
File: dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa (raw, json)
Hash identifier: FJHLKUgLhw1LeTdR/nyKhRERzqBOrZfMABcQLiaWImQ=
Subject key identifier: 74:B3:6C:01:FC:6E:EC:E8:3A:7D:3C:F3:EC:1A:32:AF:95:7C:4E:92
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 0CA6A782
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa
Signing time: Sat 01 Jan 2022 05:53:10 +0000
ROA not before: Sat 01 Jan 2022 05:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34683
IP address blocks: 195.137.228.0/23 maxlen: 23
212.24.192.0/19 maxlen: 19
212.24.193.0/24 maxlen: 24
185.69.216.0/22 maxlen: 22
87.254.96.0/19 maxlen: 19
2001:1698::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212248450 (0xca6a782)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 1 05:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74b36c01fc6eece83a7d3cf3ec1a32af957c4e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:a5:d2:17:5f:f2:8b:ca:d6:a8:7d:36:e5:
3c:1c:2b:10:f0:e4:69:de:1a:de:5c:cf:7f:a4:82:
ad:20:e1:30:37:9c:94:87:e4:89:45:a9:89:55:44:
0a:7a:7b:cd:70:67:8e:47:8f:ac:f2:d6:7e:8f:fe:
7c:6c:eb:fa:ed:f0:79:6c:e5:6f:54:28:33:64:e0:
02:3a:a0:39:46:dd:35:35:ad:30:53:23:57:82:7e:
e6:a9:a1:26:0c:07:66:be:28:46:c1:3a:9a:13:57:
6a:b2:ba:cb:45:e5:8f:85:0c:cb:9f:af:c8:39:b9:
0d:e8:68:5c:47:f8:53:9c:d3:27:b3:68:b5:c8:7d:
b8:be:e4:36:d4:e1:f0:bd:b7:e5:1a:12:28:c6:2e:
e0:67:db:2a:63:a8:b9:7c:2e:f5:6b:83:24:93:ed:
9c:10:57:20:71:ae:3c:0f:f7:a8:5d:11:92:fe:fa:
0d:1b:3e:54:c5:b9:7c:05:b0:45:54:c2:43:d0:68:
e8:70:12:4a:d5:7d:ca:aa:86:83:0f:37:b1:36:2e:
da:40:e0:e7:32:ab:65:bc:ba:42:97:00:9b:eb:82:
9a:6d:5c:29:10:68:ef:4d:bf:03:63:a2:3f:e4:29:
ad:16:40:9a:00:c7:0c:26:8b:0a:b1:e6:7c:3f:fc:
f8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B3:6C:01:FC:6E:EC:E8:3A:7D:3C:F3:EC:1A:32:AF:95:7C:4E:92
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
IPv6:
2001:1698::/32
Signature Algorithm: sha256WithRSAEncryption
2a:a9:9c:a4:42:ed:83:a7:ba:e6:0f:7e:61:ee:46:7f:27:0b:
77:86:ef:b0:1a:76:21:cf:e6:cb:94:27:ed:22:67:ac:68:9e:
40:0a:87:18:63:56:83:0a:66:12:bf:62:6c:88:4f:59:9b:79:
2c:73:fe:ea:99:8c:91:c5:b3:1f:3a:79:45:fb:89:75:26:c0:
21:f7:b3:ab:60:43:08:44:7f:42:b9:12:b1:be:1b:ed:5e:cd:
f1:11:c6:ac:42:c9:d7:61:1a:93:54:d5:cc:ce:ff:a7:08:be:
e1:f5:4b:b3:71:cb:20:c0:2d:8d:75:3a:02:b4:3b:db:95:55:
a7:50:dc:40:01:35:2c:54:da:19:4d:f5:38:b4:13:2b:d8:45:
25:d0:b7:bc:7b:d9:a0:34:21:3f:d7:b5:99:e2:5f:e1:33:e9:
3d:e0:80:62:a7:9b:72:c8:8d:55:5d:82:8d:81:9f:9a:6e:f3:
c8:39:78:6c:1a:d6:14:73:47:9d:cc:7e:a7:42:30:9b:d0:6b:
99:d0:c0:65:8c:ed:a4:95:bd:90:73:63:51:5c:90:50:86:82:
01:ca:50:4e:c0:96:a1:4a:d9:15:5c:86:59:32:30:f0:6a:23:
2c:2b:b5:8b:e9:da:b1:f7:c1:e9:5f:4f:60:69:d8:b6:5c:4f:
79:af:29:48
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDKangjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTM3ODQzZjA3NTIyMjQ0NTllNjAzNDU2OWEyMTdjOGI2MTE1NjRiMB4XDTIyMDEw
MTA1NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRiMzZjMDFmYzZl
ZWNlODNhN2QzY2YzZWMxYTMyYWY5NTdjNGU5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7jpdIXX/KLytaofTblPBwrEPDkad4a3lzPf6SCrSDhMDec
lIfkiUWpiVVECnp7zXBnjkePrPLWfo/+fGzr+u3weWzlb1QoM2TgAjqgOUbdNTWt
MFMjV4J+5qmhJgwHZr4oRsE6mhNXarK6y0Xlj4UMy5+vyDm5DehoXEf4U5zTJ7No
tch9uL7kNtTh8L235RoSKMYu4GfbKmOouXwu9WuDJJPtnBBXIHGuPA/3qF0Rkv76
DRs+VMW5fAWwRVTCQ9Bo6HASStV9yqqGgw83sTYu2kDg5zKrZby6QpcAm+uCmm1c
KRBo702/A2OiP+QprRZAmgDHDCaLCrHmfD/8+L8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBR0s2wB/G7s6Dp9PPPsGjKvlXxOkjAfBgNVHSMEGDAWgBTKN4Q/B1IiRFnm
A0VpohfIthFWSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lqZUVQd2RTSWtSWjVnTkZhYUlYeUxZUlZrcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8x
L2RMTnNBZnh1N09nNmZUeno3Qm95cjVWOFRwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8xL3lqZUVQd2RTSWtS
WjVnTkZhYUlYeUxZUlZrcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVf+YAMEArlF2AMEAcOJ5AMEBdQY
wDANBAIAAjAHAwUAIAEWmDANBgkqhkiG9w0BAQsFAAOCAQEAKqmcpELtg6e65g9+
Ye5GfycLd4bvsBp2Ic/my5Qn7SJnrGieQAqHGGNWgwpmEr9ibIhPWZt5LHP+6pmM
kcWzHzp5RfuJdSbAIfezq2BDCER/QrkSsb4b7V7N8RHGrELJ12Eak1TVzM7/pwi+
4fVLs3HLIMAtjXU6ArQ725VVp1DcQAE1LFTaGU31OLQTK9hFJdC3vHvZoDQhP9e1
meJf4TPpPeCAYqebcsiNVV2CjYGfmm7zyDl4bBrWFHNHncx+p0Iwm9BrmdDAZYzt
pJW9kHNjUVyQUIaCAcpQTsCWoUrZFVyGWTIw8GojLCu1i+nasffB6V9PYGnYtlxP
ea8pSA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:08 2025 by rpki-client