Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/b88e0c-24cf-4fec-b118-9a6df39592c7/1/9DgRTpIxjLN6P4gIrEP8rmkEemI.roa
File: 9DgRTpIxjLN6P4gIrEP8rmkEemI.roa (raw, json)
Hash identifier: Zk8vtzr2hZpqL+e30xzTPau4LMRfyZAVlbSuI4EiyxM=
Subject key identifier: F4:38:11:4E:92:31:8C:B3:7A:3F:88:08:AC:43:FC:AE:69:04:7A:62
Certificate issuer: /CN=83076f3ab3efaa6328f0a38fcf4a7f963004b777
Certificate serial: 0185711E52BB452DC9850836375FE0087769
Authority key identifier: 83:07:6F:3A:B3:EF:AA:63:28:F0:A3:8F:CF:4A:7F:96:30:04:B7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwdvOrPvqmMo8KOPz0p_ljAEt3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/b88e0c-24cf-4fec-b118-9a6df39592c7/1/9DgRTpIxjLN6P4gIrEP8rmkEemI.roa
Signing time: Mon 02 Jan 2023 06:14:50 +0000
ROA not before: Mon 02 Jan 2023 06:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203673
IP address blocks: 185.127.168.0/22 maxlen: 22
84.38.8.0/21 maxlen: 21
2a03:97e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:52:bb:45:2d:c9:85:08:36:37:5f:e0:08:77:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83076f3ab3efaa6328f0a38fcf4a7f963004b777
Validity
Not Before: Jan 2 06:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f438114e92318cb37a3f8808ac43fcae69047a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c2:8a:51:6d:91:a6:8e:9c:4b:ab:f7:c6:80:
62:ec:83:cf:a8:ff:5d:55:01:ec:57:9c:7c:3c:1b:
32:d5:de:51:72:a4:ec:7f:34:29:e9:20:24:07:41:
2f:4f:83:cc:44:37:ff:fe:53:79:72:ff:73:8c:9c:
8e:0d:d0:73:4b:61:9e:e8:da:0d:72:71:34:4e:25:
11:91:5a:6a:93:0e:c7:dd:e2:d4:5e:ba:81:c1:91:
3c:27:59:99:57:60:64:14:9c:17:75:a2:8b:64:9f:
65:72:01:ce:25:aa:47:61:2d:66:74:e3:11:62:84:
6d:ad:c4:4a:87:69:d6:2e:4b:c8:07:ed:90:3d:55:
a6:ef:56:aa:c1:5c:11:82:b2:b8:f7:86:6a:83:fc:
e2:15:5e:ac:3f:02:9e:79:69:b7:f2:d6:a5:6c:99:
20:ef:5b:fe:ff:2d:49:c4:f4:46:d1:11:fd:ff:ae:
18:67:fd:3b:b9:d9:f5:28:e9:fb:47:01:b5:7c:7d:
bb:9d:21:4c:fc:ba:5e:cf:dc:b9:a7:28:f9:5c:9d:
01:b3:d4:d1:6a:89:a5:b6:bb:d1:0a:03:b6:21:36:
94:3d:d3:06:8c:eb:23:ca:8f:f2:a0:b9:bf:19:be:
db:d4:4e:e5:00:6e:e1:67:15:eb:91:8a:e5:ff:d8:
e4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:38:11:4E:92:31:8C:B3:7A:3F:88:08:AC:43:FC:AE:69:04:7A:62
X509v3 Authority Key Identifier:
keyid:83:07:6F:3A:B3:EF:AA:63:28:F0:A3:8F:CF:4A:7F:96:30:04:B7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwdvOrPvqmMo8KOPz0p_ljAEt3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b88e0c-24cf-4fec-b118-9a6df39592c7/1/9DgRTpIxjLN6P4gIrEP8rmkEemI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b88e0c-24cf-4fec-b118-9a6df39592c7/1/gwdvOrPvqmMo8KOPz0p_ljAEt3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.8.0/21
185.127.168.0/22
IPv6:
2a03:97e0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:5e:29:56:64:5d:32:cf:2b:b1:a2:9c:aa:ae:81:23:89:1b:
95:1a:ec:e6:39:8b:3e:fd:af:cb:90:3b:f2:bc:4c:71:40:b8:
19:d3:c8:e8:47:c9:da:bf:c8:0d:4b:a4:b9:e5:96:e5:db:a1:
d5:e8:18:66:b4:0c:66:a0:4c:99:3d:c7:8f:65:ee:21:15:37:
03:48:aa:ca:51:f3:d1:6e:7d:bc:dc:22:ad:c7:5d:9f:02:ad:
38:9c:48:29:7c:4f:68:1c:79:6b:b9:a8:6b:dc:17:c3:6c:af:
eb:fd:92:06:c6:6e:c4:5a:55:d5:8c:7e:4f:4a:17:a2:66:82:
e4:99:c5:31:41:9c:3c:88:71:41:7e:bb:e8:97:05:cd:6b:b7:
e4:d4:5c:6e:31:6b:86:f3:c7:38:31:4c:85:65:72:c4:ee:b3:
fa:88:6b:28:e6:5b:fb:1c:02:9a:d9:ab:c6:e3:ae:54:40:a1:
12:3f:17:66:a4:cf:0b:ec:d9:e8:ce:38:15:b6:44:45:03:4f:
1a:8e:50:79:50:18:91:4b:76:56:22:cf:a8:04:40:da:22:26:
54:8a:c2:3e:26:02:43:6d:99:fc:39:35:b7:80:47:f6:16:37:
4b:8a:ec:0a:7a:74:37:5a:c5:f4:f7:44:05:d6:6f:64:5f:a3:
28:98:75:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxHlK7RS3JhQg2N1/gCHdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDc2ZjNhYjNlZmFhNjMyOGYwYTM4ZmNmNGE3Zjk2MzAw
NGI3NzcwHhcNMjMwMTAyMDYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM4MTE0ZTkyMzE4Y2IzN2EzZjg4MDhhYzQzZmNhZTY5MDQ3YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMKKUW2Rpo6cS6v3xoBi7IPPqP9d
VQHsV5x8PBsy1d5RcqTsfzQp6SAkB0EvT4PMRDf//lN5cv9zjJyODdBzS2Ge6NoN
cnE0TiURkVpqkw7H3eLUXrqBwZE8J1mZV2BkFJwXdaKLZJ9lcgHOJapHYS1mdOMR
YoRtrcRKh2nWLkvIB+2QPVWm71aqwVwRgrK494Zqg/ziFV6sPwKeeWm38talbJkg
71v+/y1JxPRG0RH9/64YZ/07udn1KOn7RwG1fH27nSFM/Lpez9y5pyj5XJ0Bs9TR
aomltrvRCgO2ITaUPdMGjOsjyo/yoLm/Gb7b1E7lAG7hZxXrkYrl/9jkKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPQ4EU6SMYyzej+ICKxD/K5pBHpiMB8GA1UdIwQY
MBaAFIMHbzqz76pjKPCjj89Kf5YwBLd3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dkdk9yUHZxbU1vOEtPUHowcF9sakFFdDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iODhlMGMtMjRjZi00ZmVjLWIxMTgt
OWE2ZGYzOTU5MmM3LzEvOURnUlRwSXhqTE42UDRnSXJFUDhybWtFZW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iODhlMGMtMjRjZi00ZmVjLWIxMTgtOWE2ZGYzOTU5MmM3
LzEvZ3dkdk9yUHZxbU1vOEtPUHowcF9sakFFdDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVCYIAwQC
uX+oMA0EAgACMAcDBQAqA5fgMA0GCSqGSIb3DQEBCwUAA4IBAQCLXilWZF0yzyux
opyqroEjiRuVGuzmOYs+/a/LkDvyvExxQLgZ08joR8nav8gNS6S55Zbl26HV6Bhm
tAxmoEyZPcePZe4hFTcDSKrKUfPRbn283CKtx12fAq04nEgpfE9oHHlruahr3BfD
bK/r/ZIGxm7EWlXVjH5PSheiZoLkmcUxQZw8iHFBfrvolwXNa7fk1FxuMWuG88c4
MUyFZXLE7rP6iGso5lv7HAKa2avG465UQKESPxdmpM8L7NnozjgVtkRFA08ajlB5
UBiRS3ZWIs+oBEDaIiZUisI+JgJDbZn8OTW3gEf2FjdLiuwKenQ3WsX090QF1m9k
X6MomHXA
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:21:30 2025 by rpki-client