Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/dkPefKFo9gp9Ii-mt0Y0suNwa_c.roa
File: dkPefKFo9gp9Ii-mt0Y0suNwa_c.roa (raw, json)
Hash identifier: aaiZtJn9PhcPoiJRdGQG822As0r87SsuJhPudvCPCPM=
Subject key identifier: 76:43:DE:7C:A1:68:F6:0A:7D:22:2F:A6:B7:46:34:B2:E3:70:6B:F7
Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Certificate serial: 018AFFBE6BAB0FBA8F5B8B83B54C8C88CA97
Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/dkPefKFo9gp9Ii-mt0Y0suNwa_c.roa
Signing time: Thu 05 Oct 2023 12:09:44 +0000
ROA not before: Thu 05 Oct 2023 12:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34993
IP address blocks: 193.25.122.0/23 maxlen: 23
185.57.148.0/22 maxlen: 22
37.148.252.0/22 maxlen: 22
141.98.220.0/22 maxlen: 22
193.25.168.0/23 maxlen: 23
89.248.208.0/24 maxlen: 24
89.248.210.0/23 maxlen: 23
185.151.188.0/22 maxlen: 22
2a0a:1580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:be:6b:ab:0f:ba:8f:5b:8b:83:b5:4c:8c:88:ca:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Validity
Not Before: Oct 5 12:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7643de7ca168f60a7d222fa6b74634b2e3706bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:c5:53:12:5e:55:60:a6:b1:dc:4d:59:85:
c7:d1:69:78:a6:11:fc:a6:0c:f1:1d:4f:a5:9c:d1:
0e:57:6d:35:f0:1f:df:29:53:1e:f7:70:29:98:eb:
fd:70:05:5d:54:24:8a:bc:4d:89:1a:4e:9f:12:8c:
4d:8f:2a:ac:a6:36:6c:84:e3:17:69:60:c0:06:34:
03:23:fa:e5:26:d2:e6:dd:01:34:4c:db:e9:26:4b:
62:85:a8:e6:f0:37:f1:aa:2c:68:5a:4b:e9:d9:41:
f6:3c:ab:8f:31:2a:dd:3f:a9:10:14:ea:f9:19:46:
95:1c:44:26:d2:67:d4:a0:57:3a:81:03:23:9c:f9:
3c:45:fd:b4:05:31:85:81:d5:f5:fd:c8:96:ab:af:
70:18:e3:c7:17:4e:05:6c:e8:1f:78:09:1a:51:40:
b4:e3:d1:0a:bc:74:66:15:8d:29:ea:81:74:95:18:
24:28:69:d2:0a:4b:cd:a2:af:aa:fe:1f:9c:23:d2:
21:5e:4c:96:a3:1d:d4:71:7b:e5:0b:16:7b:7c:a1:
c1:c5:80:c2:76:9e:cc:49:2d:67:e6:f4:fd:d3:f2:
62:27:15:35:74:17:cc:4c:ea:8c:75:61:84:32:1b:
b4:67:2e:d0:18:cd:d8:f1:44:3f:0b:48:1a:4f:e6:
d8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:43:DE:7C:A1:68:F6:0A:7D:22:2F:A6:B7:46:34:B2:E3:70:6B:F7
X509v3 Authority Key Identifier:
keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/dkPefKFo9gp9Ii-mt0Y0suNwa_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.252.0/22
89.248.208.0/24
89.248.210.0/23
141.98.220.0/22
185.57.148.0/22
185.151.188.0/22
193.25.122.0/23
193.25.168.0/23
IPv6:
2a0a:1580::/29
Signature Algorithm: sha256WithRSAEncryption
da:55:72:2c:21:da:39:14:fe:30:49:08:0c:6f:21:fa:33:98:
7f:2e:ff:65:de:c0:47:de:66:e8:b5:fa:4d:d4:b5:38:26:c5:
bc:23:00:82:2a:78:cb:77:0a:a7:25:3a:2c:57:d9:40:1e:da:
a9:7e:55:d2:f0:b7:f5:d8:cc:4d:e8:78:1c:11:88:b9:11:2b:
9d:98:4d:f6:fc:f9:e2:0e:5a:97:dc:3d:5b:63:33:aa:19:39:
60:21:57:e7:b7:9c:09:10:5d:d7:5c:de:60:b4:44:a4:f7:ba:
b2:0b:b3:e1:36:98:17:49:1c:e6:bf:30:b6:26:73:12:f8:22:
6c:8f:16:71:56:a3:55:bc:de:4b:a0:0a:63:6c:91:25:31:3a:
e7:aa:3a:f0:08:85:fe:e5:02:83:ee:9d:2b:8f:53:ff:08:cb:
76:69:c5:a8:02:76:85:ae:30:95:0c:4a:b3:45:70:8e:e3:84:
2a:5f:79:bd:b1:bf:3d:e0:b1:95:da:c7:9a:8d:78:5a:6f:f1:
e9:36:f1:ac:50:0a:4a:f9:c5:12:19:74:a8:d3:a9:16:86:b9:
f4:7f:b5:93:33:fa:d1:a9:22:9b:13:01:d6:13:17:9f:b8:9a:
1f:f4:af:f3:9f:3e:e1:26:6d:fd:4a:62:69:72:ae:6b:4d:ff:
a0:4a:94:58
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYr/vmurD7qPW4uDtUyMiMqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2
ODI5MzMwHhcNMjMxMDA1MTIwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQzZGU3Y2ExNjhmNjBhN2QyMjJmYTZiNzQ2MzRiMmUzNzA2YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVvFUxJeVWCmsdxNWYXH0Wl4phH8
pgzxHU+lnNEOV2018B/fKVMe93ApmOv9cAVdVCSKvE2JGk6fEoxNjyqspjZshOMX
aWDABjQDI/rlJtLm3QE0TNvpJktihajm8DfxqixoWkvp2UH2PKuPMSrdP6kQFOr5
GUaVHEQm0mfUoFc6gQMjnPk8Rf20BTGFgdX1/ciWq69wGOPHF04FbOgfeAkaUUC0
49EKvHRmFY0p6oF0lRgkKGnSCkvNoq+q/h+cI9IhXkyWox3UcXvlCxZ7fKHBxYDC
dp7MSS1n5vT90/JiJxU1dBfMTOqMdWGEMhu0Zy7QGM3Y8UQ/C0gaT+bYUQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHZD3nyhaPYKfSIvprdGNLLjcGv3MB8GA1UdIwQY
MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt
OTVhYjgxYjc3NjkxLzEvZGtQZWZLRm85Z3A5SWktbXQwWTBzdU53YV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx
LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCJZT8AwQA
WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8AwQBwRl6AwQBwRmoMA0EAgACMAcD
BQMqChWAMA0GCSqGSIb3DQEBCwUAA4IBAQDaVXIsIdo5FP4wSQgMbyH6M5h/Lv9l
3sBH3mbotfpN1LU4JsW8IwCCKnjLdwqnJTosV9lAHtqpflXS8Lf12MxN6HgcEYi5
ESudmE32/PniDlqX3D1bYzOqGTlgIVfnt5wJEF3XXN5gtESk97qyC7PhNpgXSRzm
vzC2JnMS+CJsjxZxVqNVvN5LoApjbJElMTrnqjrwCIX+5QKD7p0rj1P/CMt2acWo
AnaFrjCVDEqzRXCO44QqX3m9sb894LGV2seajXhab/HpNvGsUApK+cUSGXSo06kW
hrn0f7WTM/rRqSKbEwHWExefuJof9K/znz7hJm39SmJpcq5rTf+gSpRY
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:03:14 2025 by rpki-client