Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/DtgXPfaOtzSV6VJRNN2bssURYZA.roa
File: DtgXPfaOtzSV6VJRNN2bssURYZA.roa (raw, json)
Hash identifier: dnyr5VOju23F/5zlWFEy1r9m+i7N5ue/vIecY8UU4U8=
Subject key identifier: 0E:D8:17:3D:F6:8E:B7:34:95:E9:52:51:34:DD:9B:B2:C5:11:61:90
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 01856F02097513FA5EB2CE3D063F58574C7E
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/DtgXPfaOtzSV6VJRNN2bssURYZA.roa
Signing time: Sun 01 Jan 2023 20:24:42 +0000
ROA not before: Sun 01 Jan 2023 20:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41152
IP address blocks: 91.228.22.0/23 maxlen: 23
193.148.64.0/22 maxlen: 22
91.227.246.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:09:75:13:fa:5e:b2:ce:3d:06:3f:58:57:4c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jan 1 20:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ed8173df68eb73495e9525134dd9bb2c5116190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f1:53:41:c4:89:8e:c9:f4:76:a7:f3:9e:d0:
aa:c5:c1:32:ff:7a:be:ed:9c:22:49:14:bc:ea:20:
7c:b4:e8:79:87:e8:96:65:ee:79:08:5a:75:99:b6:
24:19:c1:9e:6a:f6:31:93:34:a9:a1:9a:7f:b2:e1:
3a:b5:83:bf:46:58:d3:5b:9b:95:40:8b:a1:8a:35:
34:0f:ae:9e:74:f4:46:84:0c:57:db:31:e4:7f:d3:
92:5a:b7:79:29:9b:d3:b4:93:78:ca:ff:ad:a9:b1:
f8:6c:87:c7:e5:34:ae:10:d3:bb:68:06:3c:2e:3e:
5c:12:6b:37:c7:c3:c5:5a:bc:8d:39:e2:3b:34:bf:
c3:cb:1b:c7:a3:9d:eb:a7:85:91:a6:f0:97:9f:98:
d3:18:67:60:a9:a2:d1:87:70:d3:8d:73:72:d3:e5:
4d:90:65:88:00:0d:f6:93:0f:2e:43:dd:1d:7f:eb:
c4:43:84:8f:f0:41:3f:f4:23:8e:51:5d:a4:8c:a2:
2b:1a:92:cb:2a:98:c7:6a:57:4e:19:89:d6:2e:02:
a1:7a:82:56:45:8b:1d:d5:e4:36:d0:bc:80:96:85:
59:88:1c:f7:ec:e3:6a:89:55:bb:e3:9b:cf:35:9c:
7d:b9:1f:4a:58:7c:9b:00:d5:56:01:34:98:0f:c4:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D8:17:3D:F6:8E:B7:34:95:E9:52:51:34:DD:9B:B2:C5:11:61:90
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/DtgXPfaOtzSV6VJRNN2bssURYZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.246.0/23
91.228.22.0/23
193.148.64.0/22
Signature Algorithm: sha256WithRSAEncryption
26:1d:85:c9:e1:3c:e5:63:e4:8b:82:18:24:15:dd:87:7f:57:
17:07:82:73:93:74:60:99:31:cd:da:61:0d:30:03:d6:96:ce:
e3:f7:ad:1a:d1:91:dc:3f:f8:c5:b6:89:87:01:25:5c:4d:98:
6b:a2:42:81:4f:4c:44:a2:bc:0c:28:1d:33:00:3f:53:ee:11:
6d:ad:30:4e:7d:05:eb:e5:e3:4d:47:c7:b2:87:b2:23:8b:cf:
b4:76:78:d2:32:77:dd:dc:57:54:f2:24:16:54:07:e6:11:80:
a0:44:34:5c:6a:8d:cd:d7:50:b3:51:6c:7d:fd:10:c6:fa:d6:
5a:e2:6d:9e:6f:4c:9a:7a:2c:17:89:32:a4:ab:d1:8c:fe:c2:
d7:a8:73:51:c6:6b:55:3a:7c:8e:c3:73:2a:4d:98:63:3e:4a:
02:f5:fb:65:77:30:7d:7c:9d:b5:67:62:9b:86:d6:7c:bd:15:
35:f4:ca:fa:1e:20:e0:a9:01:57:c5:1b:af:e4:1e:14:d2:18:
fb:7a:67:7a:7d:bc:b6:57:48:f7:ad:0d:47:11:0f:8f:13:b6:
b8:28:a6:05:3e:1c:67:69:95:b2:58:8e:15:fa:58:ed:d9:5e:
71:95:9f:42:ea:f1:1e:d1:61:18:f0:e0:88:6a:2c:86:56:f6:
ac:dc:43:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvAgl1E/pess49Bj9YV0x+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjMwMTAxMjAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ4MTczZGY2OGViNzM0OTVlOTUyNTEzNGRkOWJiMmM1MTE2MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfFTQcSJjsn0dqfzntCqxcEy/3q+
7ZwiSRS86iB8tOh5h+iWZe55CFp1mbYkGcGeavYxkzSpoZp/suE6tYO/RljTW5uV
QIuhijU0D66edPRGhAxX2zHkf9OSWrd5KZvTtJN4yv+tqbH4bIfH5TSuENO7aAY8
Lj5cEms3x8PFWryNOeI7NL/DyxvHo53rp4WRpvCXn5jTGGdgqaLRh3DTjXNy0+VN
kGWIAA32kw8uQ90df+vEQ4SP8EE/9COOUV2kjKIrGpLLKpjHaldOGYnWLgKheoJW
RYsd1eQ20LyAloVZiBz37ONqiVW745vPNZx9uR9KWHybANVWATSYD8SlkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA7YFz32jrc0lelSUTTdm7LFEWGQMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvRHRnWFBmYU90elNWNlZKUk5OMmJzc1VSWVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+P2AwQB
W+QWAwQCwZRAMA0GCSqGSIb3DQEBCwUAA4IBAQAmHYXJ4TzlY+SLghgkFd2Hf1cX
B4Jzk3RgmTHN2mENMAPWls7j960a0ZHcP/jFtomHASVcTZhrokKBT0xEorwMKB0z
AD9T7hFtrTBOfQXr5eNNR8eyh7Iji8+0dnjSMnfd3FdU8iQWVAfmEYCgRDRcao3N
11CzUWx9/RDG+tZa4m2eb0yaeiwXiTKkq9GM/sLXqHNRxmtVOnyOw3MqTZhjPkoC
9ftldzB9fJ21Z2KbhtZ8vRU19Mr6HiDgqQFXxRuv5B4U0hj7emd6fby2V0j3rQ1H
EQ+PE7a4KKYFPhxnaZWyWI4V+ljt2V5xlZ9C6vEe0WEY8OCIaiyGVvas3EMR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:14:18 2025 by rpki-client