Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/dKh9-UukB4Oabz7jI1o5HZYMA1c.roa
File: dKh9-UukB4Oabz7jI1o5HZYMA1c.roa (raw, json)
Hash identifier: kcUz0FSs3Phx3hD6SsT7O/QJRQMnZwBnjNVG+cHslOk=
Subject key identifier: 74:A8:7D:F9:4B:A4:07:83:9A:6F:3E:E3:23:5A:39:1D:96:0C:03:57
Certificate issuer: /CN=dc5d2cfbdb9d58d5740ff375a315b382544a94ae
Certificate serial: 01849B5A4EA3180995E8D5F71C2A2AB2ABFB
Authority key identifier: DC:5D:2C:FB:DB:9D:58:D5:74:0F:F3:75:A3:15:B3:82:54:4A:94:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F0s-9udWNV0D_N1oxWzglRKlK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/dKh9-UukB4Oabz7jI1o5HZYMA1c.roa
Signing time: Mon 21 Nov 2022 18:01:37 +0000
ROA not before: Mon 21 Nov 2022 18:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57866
IP address blocks: 45.149.8.0/22 maxlen: 22
185.242.64.0/22 maxlen: 22
185.21.48.0/24 maxlen: 24
2a0c:c080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:5a:4e:a3:18:09:95:e8:d5:f7:1c:2a:2a:b2:ab:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5d2cfbdb9d58d5740ff375a315b382544a94ae
Validity
Not Before: Nov 21 18:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74a87df94ba407839a6f3ee3235a391d960c0357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:88:7f:8b:c6:27:56:b8:3f:8d:25:ea:e4:
a4:66:21:c5:60:5d:41:7f:55:98:9f:c9:67:53:64:
ce:93:39:f6:5a:93:f7:e9:22:9c:a8:06:89:ec:2e:
90:44:2c:b5:de:f8:21:51:7e:19:7e:38:83:91:bc:
f8:ef:28:af:a1:c3:66:07:9e:9e:8c:bc:58:25:01:
8c:bc:13:96:05:6c:a3:dc:29:2a:3b:b6:fe:77:93:
72:70:6b:c1:7f:da:aa:7e:5c:04:96:04:eb:9f:a0:
ea:19:40:ee:7c:fe:76:e8:d6:b0:30:2e:d4:31:35:
19:71:30:fd:d2:dc:bf:a6:74:a1:f4:55:d8:9d:3d:
6e:c0:2c:8b:57:93:c3:1c:b2:e6:f8:39:26:be:27:
23:dd:61:80:94:5f:3a:af:8f:7c:f3:00:2f:78:47:
ed:4b:93:a4:8a:53:b6:af:64:50:0e:41:db:44:10:
f3:da:44:ac:c4:4e:09:3c:e7:86:3b:73:a5:2c:d4:
94:3d:99:24:d8:47:00:4e:4b:57:94:e9:87:65:7e:
95:e9:31:67:aa:18:4f:02:47:a7:35:69:5f:74:19:
f3:06:f5:15:05:8e:8c:9f:ae:b9:83:be:e5:1b:23:
04:2e:c7:45:fc:a0:25:40:1e:e9:7a:4c:7d:e9:b0:
c0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A8:7D:F9:4B:A4:07:83:9A:6F:3E:E3:23:5A:39:1D:96:0C:03:57
X509v3 Authority Key Identifier:
keyid:DC:5D:2C:FB:DB:9D:58:D5:74:0F:F3:75:A3:15:B3:82:54:4A:94:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F0s-9udWNV0D_N1oxWzglRKlK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/dKh9-UukB4Oabz7jI1o5HZYMA1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/3F0s-9udWNV0D_N1oxWzglRKlK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.8.0/22
185.21.48.0/24
185.242.64.0/22
IPv6:
2a0c:c080::/29
Signature Algorithm: sha256WithRSAEncryption
08:7c:75:13:52:fb:f8:1a:2c:6b:7d:5e:5d:ec:a0:f1:b0:06:
a6:eb:61:c7:2f:fd:40:3e:3f:26:6f:f5:c4:b9:72:6c:7f:4d:
c5:ea:66:c8:9d:81:fe:01:c2:9c:43:b9:c3:c9:46:a9:4f:07:
7e:f4:9d:9b:9f:9c:72:d1:92:9f:95:63:72:85:e5:9d:cd:b3:
c8:d9:d2:06:38:ca:57:4b:b3:38:c7:6d:52:41:27:6d:8a:72:
a5:13:62:ad:4d:98:6b:98:cc:97:0e:78:ec:53:d5:fa:59:5d:
84:51:8d:da:a7:a5:db:01:55:fc:41:d8:66:17:da:7a:68:83:
d2:94:27:18:d3:ad:6c:60:bb:04:55:b8:cc:33:46:72:84:6c:
67:cf:db:71:0e:b4:db:a7:b1:83:88:74:71:8f:5f:22:b1:6a:
90:16:af:4b:6e:0f:77:1a:4a:3c:fe:93:86:03:d3:3b:39:1d:
d8:0d:00:dc:67:76:87:f6:23:67:c2:b1:cb:d5:ba:5b:4b:44:
04:b3:00:db:fa:47:8e:18:42:b8:aa:d6:85:4f:d9:a2:fe:f6:
d9:85:54:e0:4d:7b:4f:6f:09:b2:81:24:c3:90:8f:5e:4d:fb:
bc:1c:e9:c9:fd:b3:1e:06:d8:4e:cd:e1:24:7c:71:59:cc:91:
88:17:7a:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSbWk6jGAmV6NX3HCoqsqv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNWQyY2ZiZGI5ZDU4ZDU3NDBmZjM3NWEzMTViMzgyNTQ0
YTk0YWUwHhcNMjIxMTIxMTgwMTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGE4N2RmOTRiYTQwNzgzOWE2ZjNlZTMyMzVhMzkxZDk2MGMwMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBCIf4vGJ1a4P40l6uSkZiHFYF1B
f1WYn8lnU2TOkzn2WpP36SKcqAaJ7C6QRCy13vghUX4ZfjiDkbz47yivocNmB56e
jLxYJQGMvBOWBWyj3CkqO7b+d5NycGvBf9qqflwElgTrn6DqGUDufP526NawMC7U
MTUZcTD90ty/pnSh9FXYnT1uwCyLV5PDHLLm+Dkmvicj3WGAlF86r4988wAveEft
S5OkilO2r2RQDkHbRBDz2kSsxE4JPOeGO3OlLNSUPZkk2EcATktXlOmHZX6V6TFn
qhhPAkenNWlfdBnzBvUVBY6Mn665g77lGyMELsdF/KAlQB7pekx96bDAgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHSofflLpAeDmm8+4yNaOR2WDANXMB8GA1UdIwQY
MBaAFNxdLPvbnVjVdA/zdaMVs4JUSpSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Ywcy05dWRXTlYwRF9OMW94V3pnbFJLbEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wYjk5ZDktNWFlOS00YWE2LWEyZmMt
MTg0MjM0OGY1YzZjLzEvZEtoOS1VdWtCNE9hYno3akkxbzVIWllNQTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wYjk5ZDktNWFlOS00YWE2LWEyZmMtMTg0MjM0OGY1YzZj
LzEvM0Ywcy05dWRXTlYwRF9OMW94V3pnbFJLbEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZUIAwQA
uRUwAwQCufJAMA0EAgACMAcDBQMqDMCAMA0GCSqGSIb3DQEBCwUAA4IBAQAIfHUT
Uvv4GixrfV5d7KDxsAam62HHL/1APj8mb/XEuXJsf03F6mbInYH+AcKcQ7nDyUap
Twd+9J2bn5xy0ZKflWNyheWdzbPI2dIGOMpXS7M4x21SQSdtinKlE2KtTZhrmMyX
DnjsU9X6WV2EUY3ap6XbAVX8QdhmF9p6aIPSlCcY061sYLsEVbjMM0ZyhGxnz9tx
DrTbp7GDiHRxj18isWqQFq9Lbg93Gko8/pOGA9M7OR3YDQDcZ3aH9iNnwrHL1bpb
S0QEswDb+keOGEK4qtaFT9mi/vbZhVTgTXtPbwmygSTDkI9eTfu8HOnJ/bMeBthO
zeEkfHFZzJGIF3pV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:39 2025 by rpki-client