Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/DS0nuzdnpB5sN9OYtrqTglO9na0.roa
File: DS0nuzdnpB5sN9OYtrqTglO9na0.roa (raw, json)
Hash identifier: lfm+YDyswfVHeiNHo0N5p4Wf13zNc57ttK9ChOlQ03I=
Subject key identifier: 0D:2D:27:BB:37:67:A4:1E:6C:37:D3:98:B6:BA:93:82:53:BD:9D:AD
Certificate issuer: /CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Certificate serial: 01856CC141D5C9D880A66EE97588BF229B80
Authority key identifier: 2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/DS0nuzdnpB5sN9OYtrqTglO9na0.roa
Signing time: Sun 01 Jan 2023 09:54:42 +0000
ROA not before: Sun 01 Jan 2023 09:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58096
IP address blocks: 185.216.192.0/23 maxlen: 32
45.93.4.0/22 maxlen: 32
193.160.204.0/23 maxlen: 32
94.141.124.0/22 maxlen: 24
91.220.69.0/24 maxlen: 24
193.105.114.0/24 maxlen: 32
185.154.72.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:41:d5:c9:d8:80:a6:6e:e9:75:88:bf:22:9b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Validity
Not Before: Jan 1 09:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d2d27bb3767a41e6c37d398b6ba938253bd9dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:97:48:87:c5:7f:f7:38:32:6b:57:0a:41:78:
56:5d:25:47:38:68:9d:a3:19:c6:72:7c:52:dc:58:
14:a4:6f:d5:59:99:9a:b3:b3:1d:3d:74:25:a0:b9:
4c:bb:34:82:93:de:3d:56:4e:b6:07:1a:2f:34:b1:
c7:2e:57:a1:d3:6d:87:08:ac:90:72:6f:f7:43:43:
39:39:86:94:01:80:2f:12:b4:f4:6d:9f:e4:1a:2a:
1c:2f:ff:5f:c8:17:49:2a:4f:e7:e2:29:50:34:84:
68:fc:88:0b:50:58:8a:2a:76:8e:83:78:e0:4d:7d:
dd:3a:6c:99:92:f7:99:82:0f:8c:1b:02:7e:65:e3:
a5:ec:97:ee:53:6e:3c:4d:b3:04:b3:4b:13:ad:bf:
74:86:a1:bd:fc:df:72:ee:cb:de:65:00:e4:1b:e0:
8f:82:03:68:bd:05:5f:33:a0:3d:7f:7c:78:3f:dc:
d0:73:7c:5d:c8:be:f9:f9:2a:c1:81:5c:54:6d:a6:
01:69:cc:bf:b3:07:d2:21:c2:40:98:06:b0:72:ca:
19:7e:7e:32:db:28:4f:cc:83:84:90:34:5e:8f:ae:
00:bc:6c:5e:3c:bb:56:30:c2:f6:35:b6:5f:e2:57:
83:58:a9:93:31:69:4e:fe:13:27:9c:a1:25:71:9d:
da:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2D:27:BB:37:67:A4:1E:6C:37:D3:98:B6:BA:93:82:53:BD:9D:AD
X509v3 Authority Key Identifier:
keyid:2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/DS0nuzdnpB5sN9OYtrqTglO9na0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/LIjbgf377M7nX0qfaYo8GzqEYm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.4.0/22
91.220.69.0/24
94.141.124.0/22
185.154.72.0/22
185.216.192.0/23
193.105.114.0/24
193.160.204.0/23
Signature Algorithm: sha256WithRSAEncryption
34:bc:f2:bf:89:90:6b:52:f2:19:54:0f:1e:99:5d:e3:c4:c4:
d6:ff:e4:fb:1c:23:4b:df:16:50:e1:2b:45:e3:3c:43:22:bf:
03:87:1b:f4:5b:9c:30:28:b0:e2:17:aa:86:42:57:40:84:b4:
7b:81:cd:96:12:d1:0d:58:5f:26:4a:4e:b7:f5:25:fb:8d:7c:
47:60:b4:3b:a2:52:b0:e8:70:dc:2f:c1:22:d8:0e:db:17:c7:
ea:d6:01:f2:0c:b7:a3:99:93:ab:e5:33:b1:dd:17:5b:44:39:
18:d7:b5:53:de:55:69:66:85:b2:a9:13:91:ee:e8:90:c9:12:
5e:aa:04:c4:77:bc:5c:39:d6:32:4d:49:32:e6:cf:31:eb:22:
3b:08:c5:ec:63:c7:5b:49:90:b0:65:69:ca:fa:ef:93:1b:90:
ed:87:ed:9c:4e:60:d1:1d:2f:06:3f:17:bd:ce:c1:2b:cd:ff:
80:d6:6f:bf:06:ec:45:9d:07:5a:be:87:97:34:b0:3b:74:94:
72:35:c7:0b:51:8b:d6:68:bd:3c:9f:88:39:bb:28:6d:1c:c5:
ea:8f:e6:0e:b2:d4:4b:97:75:81:7b:fa:67:83:a1:43:63:c5:
6d:69:06:52:da:1c:37:f4:45:c3:0d:c4:a5:cf:b6:e6:9f:7b:
57:c3:ae:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVswUHVydiApm7pdYi/IpuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODhkYjgxZmRmYmVjY2VlNzVmNGE5ZjY5OGEzYzFiM2E4
NDYyNmUwHhcNMjMwMTAxMDk1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJkMjdiYjM3NjdhNDFlNmMzN2QzOThiNmJhOTM4MjUzYmQ5ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZdIh8V/9zgya1cKQXhWXSVHOGid
oxnGcnxS3FgUpG/VWZmas7MdPXQloLlMuzSCk949Vk62BxovNLHHLleh022HCKyQ
cm/3Q0M5OYaUAYAvErT0bZ/kGiocL/9fyBdJKk/n4ilQNIRo/IgLUFiKKnaOg3jg
TX3dOmyZkveZgg+MGwJ+ZeOl7JfuU248TbMEs0sTrb90hqG9/N9y7sveZQDkG+CP
ggNovQVfM6A9f3x4P9zQc3xdyL75+SrBgVxUbaYBacy/swfSIcJAmAawcsoZfn4y
2yhPzIOEkDRej64AvGxePLtWMML2NbZf4leDWKmTMWlO/hMnnKElcZ3aXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA0tJ7s3Z6QebDfTmLa6k4JTvZ2tMB8GA1UdIwQY
MBaAFCyI24H9++zO519Kn2mKPBs6hGJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYt
ZjQ1N2Q0MDRhZTJmLzEvRFMwbnV6ZG5wQjVzTjlPWXRycVRnbE85bmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYtZjQ1N2Q0MDRhZTJm
LzEvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLV0EAwQA
W9xFAwQCXo18AwQCuZpIAwQBudjAAwQAwWlyAwQBwaDMMA0GCSqGSIb3DQEBCwUA
A4IBAQA0vPK/iZBrUvIZVA8emV3jxMTW/+T7HCNL3xZQ4StF4zxDIr8Dhxv0W5ww
KLDiF6qGQldAhLR7gc2WEtENWF8mSk639SX7jXxHYLQ7olKw6HDcL8Ei2A7bF8fq
1gHyDLejmZOr5TOx3RdbRDkY17VT3lVpZoWyqROR7uiQyRJeqgTEd7xcOdYyTUky
5s8x6yI7CMXsY8dbSZCwZWnK+u+TG5Dth+2cTmDRHS8GPxe9zsErzf+A1m+/BuxF
nQdavoeXNLA7dJRyNccLUYvWaL08n4g5uyhtHMXqj+YOstRLl3WBe/png6FDY8Vt
aQZS2hw39EXDDcSlz7bmn3tXw66v
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:14:24 2025 by rpki-client