Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/DAkqTD8LuFwdL2DIXDnfzqPqlpQ.roa
File: DAkqTD8LuFwdL2DIXDnfzqPqlpQ.roa (raw, json)
Hash identifier: RRKMnYSzQIGcg+2NaD1CIwxl9uZzazHF33ZuQTmU8ew=
Subject key identifier: 0C:09:2A:4C:3F:0B:B8:5C:1D:2F:60:C8:5C:39:DF:CE:A3:EA:96:94
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 01856E8B07D448E88098E04B2B274EE3A387
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/DAkqTD8LuFwdL2DIXDnfzqPqlpQ.roa
Signing time: Sun 01 Jan 2023 18:14:43 +0000
ROA not before: Sun 01 Jan 2023 18:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50326
IP address blocks: 45.158.176.0/22 maxlen: 22
195.191.28.0/23 maxlen: 24
185.101.240.0/22 maxlen: 22
185.227.220.0/22 maxlen: 22
2a0c:ce00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:07:d4:48:e8:80:98:e0:4b:2b:27:4e:e3:a3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 1 18:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c092a4c3f0bb85c1d2f60c85c39dfcea3ea9694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:89:b5:88:bc:03:29:70:85:c0:02:6d:ed:
66:c4:06:80:40:4a:1c:80:1e:26:b7:09:66:2b:38:
a5:8a:dc:d0:1e:bb:92:e9:ce:1e:d3:a7:01:05:3e:
6a:5e:f6:c1:f4:9c:cc:ff:e3:2d:50:36:de:3d:ef:
17:7e:df:e8:bd:b4:b1:dd:b3:16:d9:82:51:61:af:
dd:29:13:64:6c:49:7c:e6:59:8d:e9:6d:26:6e:c1:
13:fd:5c:11:71:09:7f:18:36:cb:0c:f4:de:cf:b2:
47:cf:b6:c9:2f:fa:9e:3a:4a:b8:2c:95:4a:b6:1e:
89:1e:ca:63:fe:0e:2a:5b:82:5e:f5:1a:42:08:4a:
f3:bf:bf:a2:0a:89:c6:f4:fb:ae:00:55:93:be:d3:
a1:5d:0e:a5:1c:ce:27:47:ad:4b:cf:bb:80:4d:d9:
ee:a9:2d:ac:21:f2:80:2a:a5:2d:9b:41:81:30:fa:
10:9d:a4:6d:03:08:c3:86:3a:0e:b7:9e:4f:63:b8:
65:f3:1e:99:af:7b:22:44:d1:d0:c5:08:8c:94:f1:
4e:d3:00:53:b3:a3:b2:df:c4:aa:e0:38:ba:a0:73:
e5:3e:3b:91:68:66:d3:d0:8b:cc:55:1d:13:e2:1a:
34:73:97:d1:4e:b7:82:87:32:8c:79:c3:79:3b:6e:
aa:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:09:2A:4C:3F:0B:B8:5C:1D:2F:60:C8:5C:39:DF:CE:A3:EA:96:94
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/DAkqTD8LuFwdL2DIXDnfzqPqlpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.176.0/22
185.101.240.0/22
185.227.220.0/22
195.191.28.0/23
IPv6:
2a0c:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
b5:b1:ac:aa:ce:20:e1:6e:f1:28:42:f7:e0:8c:ed:00:c3:06:
f0:0e:d6:c9:96:04:24:60:f1:ab:81:7c:90:3c:18:ff:85:3e:
e3:8f:97:fa:dd:95:87:92:a9:96:bf:94:d6:c9:98:23:14:3d:
9c:0e:19:3e:51:a4:4b:65:f2:20:3a:0a:f2:20:1d:47:6a:db:
23:b1:75:b4:80:23:93:b8:4c:e5:ac:67:1f:f7:f8:6f:59:95:
a8:15:b9:45:7c:c6:2f:bd:1d:42:b8:4c:09:2e:73:eb:96:58:
9f:bf:dd:ab:5e:85:e4:75:f1:cb:6f:ba:5f:32:25:68:d2:19:
48:da:15:4a:83:85:20:1b:56:fc:58:bc:ca:70:b6:f8:7c:f9:
34:fb:eb:07:43:78:fc:7c:8d:b7:a2:77:46:a6:8a:c4:aa:c0:
54:79:b6:43:ee:71:bb:d0:25:79:e7:51:1c:59:3e:b2:72:93:
66:63:88:8b:7d:af:b9:b2:05:b0:75:e8:3e:c3:d5:72:fc:21:
5b:50:e1:c9:19:b5:5e:72:4a:f4:e0:5b:d5:71:d3:79:63:ac:
ec:ab:c2:3a:32:82:d9:e0:0f:bd:0e:9b:c8:ae:52:24:4c:7f:
bb:25:b0:50:2f:47:4b:ec:c7:14:49:1b:c4:42:89:f0:39:74:
de:c9:43:19
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuiwfUSOiAmOBLKydO46OHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmQ2NjEyNDM2Mjg4MGY1ZTRjNTQ4NTJmODM3NmQyYjlk
MTM3ZjQwHhcNMjMwMTAxMTgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA5MmE0YzNmMGJiODVjMWQyZjYwYzg1YzM5ZGZjZWEzZWE5Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhaJtYi8AylwhcACbe1mxAaAQEoc
gB4mtwlmKzilitzQHruS6c4e06cBBT5qXvbB9JzM/+MtUDbePe8Xft/ovbSx3bMW
2YJRYa/dKRNkbEl85lmN6W0mbsET/VwRcQl/GDbLDPTez7JHz7bJL/qeOkq4LJVK
th6JHspj/g4qW4Je9RpCCErzv7+iConG9PuuAFWTvtOhXQ6lHM4nR61Lz7uATdnu
qS2sIfKAKqUtm0GBMPoQnaRtAwjDhjoOt55PY7hl8x6Zr3siRNHQxQiMlPFO0wBT
s6Oy38Sq4Di6oHPlPjuRaGbT0IvMVR0T4ho0c5fRTreChzKMecN5O26q5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAwJKkw/C7hcHS9gyFw5386j6paUMB8GA1UdIwQY
MBaAFCxtZhJDYogPXkxUhS+DdtK50Tf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMt
ZTQwMzBmYTFiMDRhLzEvREFrcVREOEx1RndkTDJESVhEbmZ6cVBxbHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMtZTQwMzBmYTFiMDRh
LzEvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZ6wAwQC
uWXwAwQCuePcAwQBw78cMA0EAgACMAcDBQMqDM4AMA0GCSqGSIb3DQEBCwUAA4IB
AQC1sayqziDhbvEoQvfgjO0AwwbwDtbJlgQkYPGrgXyQPBj/hT7jj5f63ZWHkqmW
v5TWyZgjFD2cDhk+UaRLZfIgOgryIB1HatsjsXW0gCOTuEzlrGcf9/hvWZWoFblF
fMYvvR1CuEwJLnPrllifv92rXoXkdfHLb7pfMiVo0hlI2hVKg4UgG1b8WLzKcLb4
fPk0++sHQ3j8fI23ondGporEqsBUebZD7nG70CV551EcWT6ycpNmY4iLfa+5sgWw
deg+w9Vy/CFbUOHJGbVeckr04FvVcdN5Y6zsq8I6MoLZ4A+9DpvIrlIkTH+7JbBQ
L0dL7McUSRvEQonwOXTeyUMZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:40 2025 by rpki-client