Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/DPbppzBcK_LVDsKT2kHM3-ZhtZ8.roa
File: DPbppzBcK_LVDsKT2kHM3-ZhtZ8.roa (raw, json)
Hash identifier: e1F6ZlDoRJ+ntamDX5Nilx7AEQcfUdI2GyJ0pTsJF0c=
Subject key identifier: 0C:F6:E9:A7:30:5C:2B:F2:D5:0E:C2:93:DA:41:CC:DF:E6:61:B5:9F
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018BD36D99FD6F6ABD19D6FD1BCD069BABE0
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/DPbppzBcK_LVDsKT2kHM3-ZhtZ8.roa
Signing time: Wed 15 Nov 2023 14:40:57 +0000
ROA not before: Wed 15 Nov 2023 14:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 193.3.169.0/24 maxlen: 24
146.19.67.0/24 maxlen: 24
212.52.29.0/24 maxlen: 24
94.154.116.0/24 maxlen: 24
194.62.104.0/24 maxlen: 24
5.172.180.0/24 maxlen: 24
194.104.135.0/24 maxlen: 24
185.149.148.0/24 maxlen: 24
185.235.227.0/24 maxlen: 24
185.83.231.0/24 maxlen: 24
212.23.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:6d:99:fd:6f:6a:bd:19:d6:fd:1b:cd:06:9b:ab:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Nov 15 14:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cf6e9a7305c2bf2d50ec293da41ccdfe661b59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c1:59:57:b9:24:30:66:a6:e4:6c:0d:da:d6:
01:a5:d0:c9:07:f2:3f:bb:fb:28:a8:5f:df:68:c3:
aa:25:50:3c:3f:eb:9d:9a:68:d3:cf:79:d8:8a:3a:
a9:d3:67:2c:75:df:ed:92:10:45:c3:3a:14:f9:0f:
b1:2d:e4:5f:37:f6:61:ff:c7:1b:8c:a9:a4:4d:dd:
1e:a9:3d:47:ea:67:d0:5a:00:1d:90:40:20:dd:b3:
7d:18:82:59:1f:c8:37:ce:dd:99:72:17:1b:4e:48:
61:16:d8:32:bc:44:e9:a8:88:0f:9a:c8:77:81:5d:
c8:db:1c:1f:69:f2:77:ad:7c:72:39:0c:49:13:24:
97:11:0b:d4:ef:df:b8:64:c8:42:5e:21:f1:ad:6b:
02:e6:74:0d:f4:f1:c9:a4:e8:90:f6:dc:42:d4:48:
11:c8:b7:73:e9:98:7b:05:55:5b:eb:6d:90:03:7c:
b2:bf:10:ae:9b:73:df:cc:2a:0b:ce:18:19:ce:21:
0a:5b:c7:a0:d1:e2:6a:f5:ca:78:0f:fd:02:51:f4:
66:0e:f7:f9:66:f3:09:d8:00:a6:89:f9:62:13:80:
ea:42:1c:c8:c6:75:e2:ab:e8:55:ec:d2:5a:e4:54:
82:c0:d5:26:0e:00:3c:42:09:1d:1f:9b:5a:eb:82:
53:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F6:E9:A7:30:5C:2B:F2:D5:0E:C2:93:DA:41:CC:DF:E6:61:B5:9F
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/DPbppzBcK_LVDsKT2kHM3-ZhtZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.180.0/24
94.154.116.0/24
146.19.67.0/24
185.83.231.0/24
185.149.148.0/24
185.235.227.0/24
193.3.169.0/24
194.62.104.0/24
194.104.135.0/24
212.23.195.0/24
212.52.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:44:7c:1f:d0:cc:7f:05:0c:49:3a:e1:56:be:ce:71:b4:05:
fc:1d:37:f2:b2:03:69:cb:cd:67:49:9c:32:83:1f:98:87:ef:
2c:68:80:68:ab:be:c9:19:92:0a:32:39:9b:3e:1e:5c:64:c9:
ec:33:df:31:08:3e:e8:d8:6e:ad:11:e5:94:dd:d0:64:0e:e7:
8e:b2:5a:1b:9b:61:71:5a:dd:f6:87:c2:df:5a:dd:7c:fb:76:
82:86:42:0e:f0:6d:0b:24:1a:0d:c7:e0:67:cf:9f:91:86:d4:
07:a2:70:3f:52:28:19:5b:9a:16:9c:8c:ec:5b:ac:a7:ec:90:
bb:5c:8d:55:69:65:31:fe:e9:94:79:4f:04:a3:97:1b:5b:5e:
f3:39:60:15:81:a6:51:d8:af:53:66:63:a4:24:06:03:18:f8:
42:35:95:ea:62:8a:7f:5b:f2:43:96:ac:5b:55:3f:ff:1b:75:
89:19:4c:19:79:5b:62:87:12:6d:cb:ee:4a:b2:24:71:56:e5:
73:a1:7f:f4:bd:71:20:80:36:a5:a8:62:bf:39:c4:25:9f:8f:
eb:10:84:2f:be:55:9c:d0:0d:48:d4:90:47:f6:87:6b:e6:37:
d1:c0:f0:6c:1c:c1:7d:49:65:15:78:d3:ce:33:ae:ee:96:b5:
cf:60:a8:fd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvTbZn9b2q9Gdb9G80Gm6vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMTE1MTQ0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Y2ZTlhNzMwNWMyYmYyZDUwZWMyOTNkYTQxY2NkZmU2NjFiNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8FZV7kkMGam5GwN2tYBpdDJB/I/
u/soqF/faMOqJVA8P+udmmjTz3nYijqp02csdd/tkhBFwzoU+Q+xLeRfN/Zh/8cb
jKmkTd0eqT1H6mfQWgAdkEAg3bN9GIJZH8g3zt2ZchcbTkhhFtgyvETpqIgPmsh3
gV3I2xwfafJ3rXxyOQxJEySXEQvU79+4ZMhCXiHxrWsC5nQN9PHJpOiQ9txC1EgR
yLdz6Zh7BVVb622QA3yyvxCum3PfzCoLzhgZziEKW8eg0eJq9cp4D/0CUfRmDvf5
ZvMJ2ACmifliE4DqQhzIxnXiq+hV7NJa5FSCwNUmDgA8QgkdH5ta64JTQQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAz26acwXCvy1Q7Ck9pBzN/mYbWfMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvRFBicHB6QmNLX0xWRHNLVDJrSE0zLVpodFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABay0AwQA
Xpp0AwQAkhNDAwQAuVPnAwQAuZWUAwQAuevjAwQAwQOpAwQAwj5oAwQAwmiHAwQA
1BfDAwQA1DQdMA0GCSqGSIb3DQEBCwUAA4IBAQBcRHwf0Mx/BQxJOuFWvs5xtAX8
HTfysgNpy81nSZwygx+Yh+8saIBoq77JGZIKMjmbPh5cZMnsM98xCD7o2G6tEeWU
3dBkDueOslobm2FxWt32h8LfWt18+3aChkIO8G0LJBoNx+Bnz5+RhtQHonA/UigZ
W5oWnIzsW6yn7JC7XI1VaWUx/umUeU8Eo5cbW17zOWAVgaZR2K9TZmOkJAYDGPhC
NZXqYop/W/JDlqxbVT//G3WJGUwZeVtihxJty+5KsiRxVuVzoX/0vXEggDalqGK/
OcQln4/rEIQvvlWc0A1I1JBH9odr5jfRwPBsHMF9SWUVeNPOM67ulrXPYKj9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:27 2025 by rpki-client