Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/DE-wB2_m9tOFNiCrqSLhKbBBvZs.roa
File: DE-wB2_m9tOFNiCrqSLhKbBBvZs.roa (raw, json)
Hash identifier: biwXwV8QRzs2WlXSxdUNnyOmM13Zb5WTSZouFtOvxEY=
Subject key identifier: 0C:4F:B0:07:6F:E6:F6:D3:85:36:20:AB:A9:22:E1:29:B0:41:BD:9B
Certificate issuer: /CN=b2db2bfcf59d99ca70833708fd30032f23fef485
Certificate serial: 0185724C9477EE695CFD4FB0AFF8920B98B9
Authority key identifier: B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/DE-wB2_m9tOFNiCrqSLhKbBBvZs.roa
Signing time: Mon 02 Jan 2023 11:44:59 +0000
ROA not before: Mon 02 Jan 2023 11:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201910
IP address blocks: 79.170.144.0/23 maxlen: 23
79.170.146.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:94:77:ee:69:5c:fd:4f:b0:af:f8:92:0b:98:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2db2bfcf59d99ca70833708fd30032f23fef485
Validity
Not Before: Jan 2 11:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c4fb0076fe6f6d3853620aba922e129b041bd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2e:28:bd:8b:56:99:ca:e9:b7:9e:18:98:ba:
df:19:67:f3:07:d0:2f:6d:b1:3a:1c:7b:f1:71:a8:
44:30:33:b2:cf:30:d2:20:9b:57:b8:7b:01:46:2e:
61:6a:38:9b:f7:81:7e:a6:1a:cf:81:22:21:17:fb:
39:f2:f6:72:1b:96:08:c6:e9:82:83:f3:90:40:7e:
60:92:60:47:fc:b4:c3:49:46:08:3d:2f:6a:08:b4:
5e:f2:8b:0e:eb:a1:a8:cc:08:08:3f:6b:15:72:6a:
99:05:8a:ef:5e:c7:73:3b:7b:a7:54:4d:35:2a:b5:
9a:ae:02:04:27:e8:a7:51:8a:65:21:6e:64:33:2e:
28:fe:fa:d3:88:9f:9d:58:b0:d8:ea:97:23:30:6c:
93:48:0a:10:a1:c0:7a:d7:bf:67:9b:5d:22:aa:d5:
d4:e5:2d:32:3c:77:e4:5a:ee:4b:a6:2a:c6:d9:38:
d7:a9:66:6e:5e:d3:de:c7:00:d5:27:21:75:a6:2a:
25:2c:bd:e7:b7:a8:92:9a:f5:b4:5b:a4:f9:f1:22:
15:9a:83:8d:04:7c:dd:88:ba:4e:0b:0a:9a:d8:fe:
cf:b9:6e:ac:fa:6e:33:43:49:14:86:d1:f2:64:06:
e7:7f:97:6b:5a:19:22:e5:62:cb:dd:ee:2c:82:ec:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4F:B0:07:6F:E6:F6:D3:85:36:20:AB:A9:22:E1:29:B0:41:BD:9B
X509v3 Authority Key Identifier:
keyid:B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/DE-wB2_m9tOFNiCrqSLhKbBBvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:76:cc:e6:da:a5:28:02:24:ca:82:a2:35:4d:0e:34:f5:42:
45:32:bc:7c:d2:c6:cd:f9:64:a3:97:fe:20:28:f9:04:f3:92:
fb:14:23:74:ee:8f:bb:12:41:dd:94:ce:37:ac:89:41:67:b0:
a6:6f:27:dd:cc:db:0d:1c:91:16:b4:cb:7a:03:1f:dc:3f:bd:
44:91:ed:7c:d2:6f:b2:9a:01:da:40:b9:43:f4:26:c3:df:36:
12:ae:55:d8:21:99:a2:04:d9:8d:e3:b5:37:69:cd:d4:f8:81:
25:bc:5c:a2:f4:bd:6b:8d:0e:4d:96:ac:3a:9c:c0:ce:85:c3:
43:f4:36:c3:56:39:ac:4f:b8:cd:4b:01:ff:74:84:2a:92:86:
01:ba:f7:c1:da:5a:06:35:5e:0b:e2:6d:01:72:60:da:70:7f:
a7:45:f4:75:1d:86:dc:fa:1e:11:98:bb:2a:73:31:85:52:51:
3d:fd:5a:c1:b2:fe:5a:e4:d9:50:52:3f:0e:2d:d4:c8:0a:a6:
f7:5f:c7:99:7d:45:28:a4:9b:f2:32:74:31:1d:ab:05:79:78:
13:c7:5d:82:f8:43:7f:ed:5e:23:28:93:84:d7:e5:65:f9:c5:
9a:2e:28:2c:e1:fa:81:a0:ec:35:28:95:85:aa:e0:a0:20:d6:
00:d7:e8:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTJR37mlc/U+wr/iSC5i5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGIyYmZjZjU5ZDk5Y2E3MDgzMzcwOGZkMzAwMzJmMjNm
ZWY0ODUwHhcNMjMwMTAyMTE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzRmYjAwNzZmZTZmNmQzODUzNjIwYWJhOTIyZTEyOWIwNDFiZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC4ovYtWmcrpt54YmLrfGWfzB9Av
bbE6HHvxcahEMDOyzzDSIJtXuHsBRi5hajib94F+phrPgSIhF/s58vZyG5YIxumC
g/OQQH5gkmBH/LTDSUYIPS9qCLRe8osO66GozAgIP2sVcmqZBYrvXsdzO3unVE01
KrWargIEJ+inUYplIW5kMy4o/vrTiJ+dWLDY6pcjMGyTSAoQocB6179nm10iqtXU
5S0yPHfkWu5LpirG2TjXqWZuXtPexwDVJyF1piolLL3nt6iSmvW0W6T58SIVmoON
BHzdiLpOCwqa2P7PuW6s+m4zQ0kUhtHyZAbnf5drWhki5WLL3e4sguyq/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxPsAdv5vbThTYgq6ki4SmwQb2bMB8GA1UdIwQY
MBaAFLLbK/z1nZnKcIM3CP0wAy8j/vSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzkt
NzM0OTk0YzUyYzFmLzEvREUtd0IyX205dE9GTmlDcnFTTGhLYkJCdlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzktNzM0OTk0YzUyYzFm
LzEvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT6qQMA0G
CSqGSIb3DQEBCwUAA4IBAQBudszm2qUoAiTKgqI1TQ409UJFMrx80sbN+WSjl/4g
KPkE85L7FCN07o+7EkHdlM43rIlBZ7CmbyfdzNsNHJEWtMt6Ax/cP71Eke180m+y
mgHaQLlD9CbD3zYSrlXYIZmiBNmN47U3ac3U+IElvFyi9L1rjQ5Nlqw6nMDOhcND
9DbDVjmsT7jNSwH/dIQqkoYBuvfB2loGNV4L4m0BcmDacH+nRfR1HYbc+h4RmLsq
czGFUlE9/VrBsv5a5NlQUj8OLdTICqb3X8eZfUUopJvyMnQxHasFeXgTx12C+EN/
7V4jKJOE1+Vl+cWaLigs4fqBoOw1KJWFquCgINYA1+hq
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:18:02 2025 by rpki-client