Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/DKHJWPCbfquBrr0tvjbVGwj4fLQ.roa
File: DKHJWPCbfquBrr0tvjbVGwj4fLQ.roa (raw, json)
Hash identifier: A498bF0Jgopqp/bO46rq54t3GMtOWXzE4cHNyBQkU9A=
Subject key identifier: 0C:A1:C9:58:F0:9B:7E:AB:81:AE:BD:2D:BE:36:D5:1B:08:F8:7C:B4
Certificate issuer: /CN=9b868a76f5b4748e1e4bba834701a68577c63462
Certificate serial: 0D44B3D4
Authority key identifier: 9B:86:8A:76:F5:B4:74:8E:1E:4B:BA:83:47:01:A6:85:77:C6:34:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4aKdvW0dI4eS7qDRwGmhXfGNGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/DKHJWPCbfquBrr0tvjbVGwj4fLQ.roa
Signing time: Sat 01 Jan 2022 11:03:50 +0000
ROA not before: Sat 01 Jan 2022 11:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51234
IP address blocks: 176.117.0.0/21 maxlen: 21
176.117.2.0/24 maxlen: 24
195.191.78.0/24 maxlen: 24
195.191.78.0/23 maxlen: 23
195.191.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222606292 (0xd44b3d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b868a76f5b4748e1e4bba834701a68577c63462
Validity
Not Before: Jan 1 11:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ca1c958f09b7eab81aebd2dbe36d51b08f87cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:06:0a:c1:95:28:a3:e6:70:c2:38:94:a8:fd:
15:f8:d1:11:e5:f3:52:20:92:d9:0e:8d:89:d1:0d:
60:87:ca:c2:8d:99:ac:43:79:1d:01:1e:8e:d0:54:
62:41:41:cc:5f:15:e4:b6:9b:a8:0b:3d:ce:bc:2a:
a1:f0:fd:3a:fc:12:e3:c2:d6:9f:13:f1:c4:9c:01:
e9:01:5c:8a:fc:7c:cc:f1:98:58:dc:df:ee:b2:29:
11:45:43:49:a7:b0:9e:44:c1:4b:c6:3f:02:2b:01:
58:73:05:5f:db:9d:59:bf:b5:b8:2a:ac:de:33:72:
8a:c7:61:e9:3c:bd:4e:0f:91:cc:fb:3c:3e:78:51:
39:97:73:ab:51:8c:7d:76:22:bd:35:dd:48:02:5d:
57:70:bc:05:e8:92:56:20:a5:3a:64:6b:6a:e6:ff:
53:e4:a0:22:c4:3b:4f:b0:10:29:40:1b:a1:89:58:
f4:f5:fa:cc:99:bf:2f:f9:39:e1:7e:f0:fe:ad:8c:
d9:46:1f:f4:f7:76:1b:42:35:4e:df:7a:0a:89:11:
50:3c:14:45:f5:d2:f9:37:a8:e8:76:e0:28:19:42:
24:a6:ef:90:f5:bd:1e:a4:34:af:b5:90:a0:b8:34:
ee:4a:20:7e:69:ed:72:68:92:b5:af:5f:c1:b7:c7:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A1:C9:58:F0:9B:7E:AB:81:AE:BD:2D:BE:36:D5:1B:08:F8:7C:B4
X509v3 Authority Key Identifier:
keyid:9B:86:8A:76:F5:B4:74:8E:1E:4B:BA:83:47:01:A6:85:77:C6:34:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4aKdvW0dI4eS7qDRwGmhXfGNGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/DKHJWPCbfquBrr0tvjbVGwj4fLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/m4aKdvW0dI4eS7qDRwGmhXfGNGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.0.0/21
195.191.78.0/23
Signature Algorithm: sha256WithRSAEncryption
01:9e:c1:2e:a0:38:85:ac:bd:d2:c8:09:2d:5d:08:82:1c:a2:
c1:5a:03:03:39:0a:12:4c:92:a9:72:f2:20:6e:28:17:7a:5b:
90:66:6b:c2:48:7c:80:35:ca:59:8d:7a:c6:00:c4:52:3a:07:
2b:28:98:21:7d:40:89:bb:c3:c2:f6:cb:ea:b6:ee:6d:8f:90:
d5:8c:fd:7b:24:ac:1e:03:4e:10:2a:d2:86:28:99:ea:4a:ec:
ff:bc:82:58:9e:3e:1b:63:03:6d:6a:de:1d:44:d4:e6:94:c5:
d6:02:b2:60:54:ec:86:01:e1:e8:b3:31:84:42:59:5d:8e:de:
81:36:65:88:59:05:ac:0e:c1:e7:8f:a4:a7:2f:5e:36:04:44:
61:28:94:52:e0:58:6a:98:73:23:0a:88:1f:b8:f2:db:01:06:
db:91:45:8a:c5:e5:04:1a:aa:86:ba:62:d2:43:2d:bc:47:f2:
19:d9:6a:91:73:31:6b:12:85:49:02:68:83:b0:34:37:98:46:
79:b4:b8:da:cf:78:07:62:51:6e:23:0f:2b:76:bb:99:dc:55:
e3:a3:e7:e2:6c:fc:61:32:45:6e:4d:10:b2:ef:62:57:39:a3:
89:67:7e:92:ed:ca:fe:87:42:c1:61:cd:7f:91:3f:09:6f:bf:
08:50:08:1e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDUSz1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Yjg2OGE3NmY1YjQ3NDhlMWU0YmJhODM0NzAxYTY4NTc3YzYzNDYyMB4XDTIyMDEw
MTExMDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhMWM5NThmMDli
N2VhYjgxYWViZDJkYmUzNmQ1MWIwOGY4N2NiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0GCsGVKKPmcMI4lKj9FfjREeXzUiCS2Q6NidENYIfKwo2Z
rEN5HQEejtBUYkFBzF8V5LabqAs9zrwqofD9OvwS48LWnxPxxJwB6QFcivx8zPGY
WNzf7rIpEUVDSaewnkTBS8Y/AisBWHMFX9udWb+1uCqs3jNyisdh6Ty9Tg+RzPs8
PnhROZdzq1GMfXYivTXdSAJdV3C8BeiSViClOmRraub/U+SgIsQ7T7AQKUAboYlY
9PX6zJm/L/k54X7w/q2M2UYf9Pd2G0I1Tt96CokRUDwURfXS+Teo6HbgKBlCJKbv
kPW9HqQ0r7WQoLg07kogfmntcmiSta9fwbfHMOMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMoclY8Jt+q4GuvS2+NtUbCPh8tDAfBgNVHSMEGDAWgBSbhop29bR0jh5L
uoNHAaaFd8Y0YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L200YUtkdlcwZEk0ZVM3cURSd0dtaFhmR05HSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMGIwZDgyLWZhNjAtNDRjYi1iODNmLTZhMzRlNDZhYWE1Ni8x
L0RLSEpXUENiZnF1QnJyMHR2amJWR3dqNGZMUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MGIwZDgyLWZhNjAtNDRjYi1iODNmLTZhMzRlNDZhYWE1Ni8xL200YUtkdlcwZEk0
ZVM3cURSd0dtaFhmR05HSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7B1AAMEAcO/TjANBgkqhkiG9w0B
AQsFAAOCAQEAAZ7BLqA4hay90sgJLV0IghyiwVoDAzkKEkySqXLyIG4oF3pbkGZr
wkh8gDXKWY16xgDEUjoHKyiYIX1AibvDwvbL6rbubY+Q1Yz9eySsHgNOECrShiiZ
6krs/7yCWJ4+G2MDbWreHUTU5pTF1gKyYFTshgHh6LMxhEJZXY7egTZliFkFrA7B
54+kpy9eNgREYSiUUuBYaphzIwqIH7jy2wEG25FFisXlBBqqhrpi0kMtvEfyGdlq
kXMxaxKFSQJog7A0N5hGebS42s94B2JRbiMPK3a7mdxV46Pn4mz8YTJFbk0Qsu9i
VzmjiWd+ku3K/odCwWHNf5E/CW+/CFAIHg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:52:47 2025 by rpki-client