Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/ddL1UjTx4H9tUIoOQA8o5heirwg.roa
File: ddL1UjTx4H9tUIoOQA8o5heirwg.roa (raw, json)
Hash identifier: 8H4/yLERi2ElkgbPor15pw8OoMjsGAPRQ6UQTQat+N4=
Subject key identifier: 75:D2:F5:52:34:F1:E0:7F:6D:50:8A:0E:40:0F:28:E6:17:A2:AF:08
Certificate issuer: /CN=be547ebb5c056f70296e408621261f3c4e2d4239
Certificate serial: 01856D0ACA119DF012F95FB8BDF03077EA11
Authority key identifier: BE:54:7E:BB:5C:05:6F:70:29:6E:40:86:21:26:1F:3C:4E:2D:42:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlR-u1wFb3ApbkCGISYfPE4tQjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/ddL1UjTx4H9tUIoOQA8o5heirwg.roa
Signing time: Sun 01 Jan 2023 11:15:01 +0000
ROA not before: Sun 01 Jan 2023 11:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39538
IP address blocks: 195.244.0.0/23 maxlen: 23
194.31.221.0/24 maxlen: 24
194.15.191.0/24 maxlen: 24
2001:67c:2308::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:ca:11:9d:f0:12:f9:5f:b8:bd:f0:30:77:ea:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be547ebb5c056f70296e408621261f3c4e2d4239
Validity
Not Before: Jan 1 11:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75d2f55234f1e07f6d508a0e400f28e617a2af08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:7b:1c:e4:27:e2:e4:d7:81:91:6c:e0:3a:
bc:55:eb:3c:50:2a:b3:4c:36:60:4b:63:ed:4b:8b:
1b:22:fc:2e:f5:e0:00:f0:39:e7:8a:b9:18:9c:4b:
5b:96:c0:b3:d9:01:5f:84:4e:29:3a:a4:8e:af:19:
13:e7:28:eb:bb:50:68:c8:b2:89:f2:37:7c:dc:53:
de:e9:b9:59:0a:cc:37:46:1e:80:2b:8a:44:c3:79:
09:71:69:4d:db:7d:ef:09:ca:c6:b9:65:8c:50:02:
9d:62:6e:a2:d3:59:1f:67:f5:07:dd:db:af:3f:81:
03:f4:9f:3a:71:cc:95:fb:15:37:2d:9d:a7:f8:72:
8a:f8:56:df:4b:e4:9a:f7:62:cb:ad:0b:73:f2:12:
bc:f3:4f:4f:a0:61:62:2e:7b:f0:2b:8e:70:9f:9e:
bd:f0:d3:03:86:ab:20:0f:94:f5:68:43:be:7f:b9:
71:ed:e2:16:94:e3:a8:18:20:4d:24:57:5f:70:23:
ae:95:e7:ba:5d:e0:92:a1:f2:f4:07:f5:54:0f:8b:
7f:c7:00:a3:97:b3:db:8f:a6:78:cd:c5:59:01:a7:
ac:d4:4c:a5:92:49:62:2e:5f:61:37:e3:60:36:09:
85:14:a1:35:3a:64:2a:07:c1:9e:47:d2:c0:00:78:
47:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D2:F5:52:34:F1:E0:7F:6D:50:8A:0E:40:0F:28:E6:17:A2:AF:08
X509v3 Authority Key Identifier:
keyid:BE:54:7E:BB:5C:05:6F:70:29:6E:40:86:21:26:1F:3C:4E:2D:42:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlR-u1wFb3ApbkCGISYfPE4tQjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/ddL1UjTx4H9tUIoOQA8o5heirwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/vlR-u1wFb3ApbkCGISYfPE4tQjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.191.0/24
194.31.221.0/24
195.244.0.0/23
IPv6:
2001:67c:2308::/48
Signature Algorithm: sha256WithRSAEncryption
78:6f:ca:9a:4d:d7:0f:46:9d:43:77:14:e6:50:f0:9b:dd:02:
47:5e:52:b8:5a:9c:c8:a3:cc:0b:3e:4a:3d:86:47:1b:28:b1:
2a:19:49:d2:8d:be:2a:e1:1f:da:32:f2:3f:84:f1:d7:f9:52:
e7:cc:bb:6c:0d:09:72:82:38:d4:f8:36:c0:e3:93:00:cc:f2:
0d:3c:6b:70:82:84:f5:85:f9:98:1c:8d:55:93:5b:e8:c4:b2:
16:ac:c7:6e:2e:9f:86:5a:95:9f:e1:bb:70:75:39:c1:c2:e1:
d3:67:80:fc:7c:36:bf:94:81:c5:5f:53:57:04:6c:a9:5f:f8:
9c:f3:6f:a7:e6:11:4a:1b:a7:83:98:09:9f:2d:db:6b:3d:69:
28:ca:17:2f:56:e8:f0:4c:7b:d4:8e:fb:00:70:7d:93:2a:15:
1f:65:4a:3e:52:24:06:55:99:ff:0e:b6:0c:c3:16:1c:67:b8:
8f:4b:d1:71:bb:05:60:5d:98:69:a4:a9:8c:ee:8f:4b:60:87:
63:8a:4c:a9:b2:f3:02:46:e5:7f:79:46:71:e6:a4:0e:b9:88:
d0:d5:2e:82:99:41:5e:07:ac:f3:66:e1:dc:56:85:49:df:16:
27:29:1f:3f:27:41:93:bd:07:a5:8f:ff:e7:89:c1:e1:8e:a2:
7f:9c:99:19
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtCsoRnfAS+V+4vfAwd+oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTQ3ZWJiNWMwNTZmNzAyOTZlNDA4NjIxMjYxZjNjNGUy
ZDQyMzkwHhcNMjMwMTAxMTExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQyZjU1MjM0ZjFlMDdmNmQ1MDhhMGU0MDBmMjhlNjE3YTJhZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6l7HOQn4uTXgZFs4Dq8Ves8UCqz
TDZgS2PtS4sbIvwu9eAA8DnnirkYnEtblsCz2QFfhE4pOqSOrxkT5yjru1BoyLKJ
8jd83FPe6blZCsw3Rh6AK4pEw3kJcWlN233vCcrGuWWMUAKdYm6i01kfZ/UH3duv
P4ED9J86ccyV+xU3LZ2n+HKK+FbfS+Sa92LLrQtz8hK8809PoGFiLnvwK45wn569
8NMDhqsgD5T1aEO+f7lx7eIWlOOoGCBNJFdfcCOulee6XeCSofL0B/VUD4t/xwCj
l7Pbj6Z4zcVZAaes1EylkkliLl9hN+NgNgmFFKE1OmQqB8GeR9LAAHhH7wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHXS9VI08eB/bVCKDkAPKOYXoq8IMB8GA1UdIwQY
MBaAFL5UfrtcBW9wKW5AhiEmHzxOLUI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxSLXUxd0ZiM0FwYmtDR0lTWWZQRTR0UWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NTkyODgtMTBkZS00OTE2LWI0ZDkt
ZDBiOWRjM2FjYTIzLzEvZGRMMVVqVHg0SDl0VUlvT1FBOG81aGVpcndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NTkyODgtMTBkZS00OTE2LWI0ZDktZDBiOWRjM2FjYTIz
LzEvdmxSLXUxd0ZiM0FwYmtDR0lTWWZQRTR0UWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwg+/AwQA
wh/dAwQBw/QAMA8EAgACMAkDBwAgAQZ8IwgwDQYJKoZIhvcNAQELBQADggEBAHhv
yppN1w9GnUN3FOZQ8JvdAkdeUrhanMijzAs+Sj2GRxsosSoZSdKNvirhH9oy8j+E
8df5UufMu2wNCXKCONT4NsDjkwDM8g08a3CChPWF+ZgcjVWTW+jEshasx24un4Za
lZ/hu3B1OcHC4dNngPx8Nr+UgcVfU1cEbKlf+Jzzb6fmEUobp4OYCZ8t22s9aSjK
Fy9W6PBMe9SO+wBwfZMqFR9lSj5SJAZVmf8OtgzDFhxnuI9L0XG7BWBdmGmkqYzu
j0tgh2OKTKmy8wJG5X95RnHmpA65iNDVLoKZQV4HrPNm4dxWhUnfFicpHz8nQZO9
B6WP/+eJweGOon+cmRk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:57 2025 by rpki-client