Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/duvrepRs2kiDLmY0zc3twDXGPes.roa
File: duvrepRs2kiDLmY0zc3twDXGPes.roa (raw, json)
Hash identifier: 5MbwRws3u6p+zDMa139RDAcnx1UEG9UTyeUG9zOEL2U=
Subject key identifier: 76:EB:EB:7A:94:6C:DA:48:83:2E:66:34:CD:CD:ED:C0:35:C6:3D:EB
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 03EAE888
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/duvrepRs2kiDLmY0zc3twDXGPes.roa
Signing time: Sat 01 Jan 2022 07:54:45 +0000
ROA not before: Sat 01 Jan 2022 07:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211768
IP address blocks: 185.86.188.0/22 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65726600 (0x3eae888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Jan 1 07:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76ebeb7a946cda48832e6634cdcdedc035c63deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:a9:f6:98:fc:7a:71:d9:8a:2b:53:e6:3f:
88:1f:5c:33:43:3f:03:15:e9:c7:49:09:e4:9c:1d:
ed:10:9b:15:c8:f8:1a:ce:a7:e7:e0:67:ae:cf:4a:
c7:d7:49:4b:ab:87:ea:59:5f:0f:8d:ea:50:55:a6:
22:db:46:25:cf:e2:6a:62:4f:c9:43:31:cf:45:a1:
cb:66:f4:69:37:d9:49:4b:91:d8:c8:f1:31:7b:23:
0f:1f:17:cd:b0:77:48:9a:6b:a5:05:03:55:c7:c7:
d3:05:44:6c:59:e3:62:88:58:2e:db:66:92:a3:06:
c5:f1:c7:ea:70:ca:b3:d8:c6:1e:aa:fc:c0:78:5f:
54:6c:d8:77:52:8a:7c:f6:40:5e:c5:91:ea:3d:76:
9c:f4:be:74:ca:6a:0f:8d:bd:a2:09:fa:f2:29:ff:
81:2d:58:5c:1d:99:c1:d3:12:82:cd:70:ee:0e:22:
4f:0d:94:9a:31:97:ec:7f:6e:3a:d9:d0:9b:5f:d9:
10:0f:bb:dc:52:37:c6:08:65:a1:74:2e:ea:ab:ab:
74:4a:9a:ae:a9:6a:e5:2c:e6:9f:9e:1d:08:18:12:
36:83:ca:3c:b8:06:9f:d8:14:7a:f6:e2:2c:f9:0a:
19:73:d5:1a:c9:06:37:e4:da:70:07:d2:d8:85:34:
3d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EB:EB:7A:94:6C:DA:48:83:2E:66:34:CD:CD:ED:C0:35:C6:3D:EB
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/duvrepRs2kiDLmY0zc3twDXGPes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
IPv6:
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
9b:bb:83:38:13:9e:a8:a1:66:c0:35:14:7f:fd:c5:1b:15:c3:
3e:37:5a:b2:15:a6:9f:b3:39:7d:48:e7:0c:ba:b2:c2:68:04:
dd:9b:4f:55:2e:42:90:f5:a9:32:6a:3f:b8:66:71:2c:66:c5:
02:96:ec:aa:2e:c2:fb:fe:42:b9:69:89:90:55:27:59:1a:04:
14:e5:d4:d1:3c:9a:a0:15:de:3a:31:ce:16:78:f2:87:bb:c1:
a0:62:36:7d:36:10:a5:d8:0b:a3:99:79:2d:a2:1d:c2:69:36:
7c:43:d7:3c:76:b1:7d:a1:cb:83:a4:96:1f:a2:fb:e7:09:83:
01:b3:25:75:8a:c2:13:b1:67:43:5e:73:a8:24:84:54:1d:c9:
22:04:40:79:bd:c4:11:bb:31:e7:47:90:d6:87:46:67:44:ff:
11:fb:81:10:7a:5f:c9:f6:25:ff:02:3f:b3:69:2c:d8:f7:31:
a0:76:2b:a6:37:ed:1f:12:d4:15:3c:8b:18:15:0e:03:89:aa:
73:c6:54:4d:57:a1:dc:94:66:4c:05:b6:1d:cb:6c:8b:b2:40:
e2:bf:64:7a:37:3e:c5:f8:b8:cb:14:3b:40:05:4f:87:e7:9d:
f6:18:b9:d4:7a:cf:d8:3e:db:0a:d6:f2:03:31:e2:67:3d:42:
c1:c5:cf:e8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEA+roiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjY2MGIyM2ZlM2I4NjQyZDZiZjQ3NWY4ZWI3ZmNhZDlkMTNjNDEzMB4XDTIyMDEw
MTA3NTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZlYmViN2E5NDZj
ZGE0ODgzMmU2NjM0Y2RjZGVkYzAzNWM2M2RlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKPqfaY/Hpx2YorU+Y/iB9cM0M/AxXpx0kJ5Jwd7RCbFcj4
Gs6n5+Bnrs9Kx9dJS6uH6llfD43qUFWmIttGJc/iamJPyUMxz0Why2b0aTfZSUuR
2MjxMXsjDx8XzbB3SJprpQUDVcfH0wVEbFnjYohYLttmkqMGxfHH6nDKs9jGHqr8
wHhfVGzYd1KKfPZAXsWR6j12nPS+dMpqD429ogn68in/gS1YXB2ZwdMSgs1w7g4i
Tw2UmjGX7H9uOtnQm1/ZEA+73FI3xghloXQu6qurdEqarqlq5Szmn54dCBgSNoPK
PLgGn9gUevbiLPkKGXPVGskGN+TacAfS2IU0PasCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR26+t6lGzaSIMuZjTNze3ANcY96zAfBgNVHSMEGDAWgBSSZgsj/juGQta/
R1+Ot/ytnRPEEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ttWUxJXzQ3aGtMV3YwZGZqcmY4clowVHhCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8x
L2R1dnJlcFJzMmtpRExtWTB6YzN0d0RYR1Blcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8xL2ttWUxJXzQ3aGtM
V3YwZGZqcmY4clowVHhCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArlWvAMEArl8wAMEAsETgDANBAIA
AjAHAwUDKga1ADANBgkqhkiG9w0BAQsFAAOCAQEAm7uDOBOeqKFmwDUUf/3FGxXD
PjdashWmn7M5fUjnDLqywmgE3ZtPVS5CkPWpMmo/uGZxLGbFApbsqi7C+/5CuWmJ
kFUnWRoEFOXU0TyaoBXeOjHOFnjyh7vBoGI2fTYQpdgLo5l5LaIdwmk2fEPXPHax
faHLg6SWH6L75wmDAbMldYrCE7FnQ15zqCSEVB3JIgRAeb3EEbsx50eQ1odGZ0T/
EfuBEHpfyfYl/wI/s2ks2PcxoHYrpjftHxLUFTyLGBUOA4mqc8ZUTVeh3JRmTAW2
Hctsi7JA4r9kejc+xfi4yxQ7QAVPh+ed9hi51HrP2D7bCtbyAzHiZz1CwcXP6A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:35 2025 by rpki-client