Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/dXOXrt7dpLlFUY0R3hdPVU7B-pQ.roa
File: dXOXrt7dpLlFUY0R3hdPVU7B-pQ.roa (raw, json)
Hash identifier: misWUqO0wkMnCfzL1LLvgN6vTTNCKMpx9YVyWtiUklc=
Subject key identifier: 75:73:97:AE:DE:DD:A4:B9:45:51:8D:11:DE:17:4F:55:4E:C1:FA:94
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 33E05E93
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/dXOXrt7dpLlFUY0R3hdPVU7B-pQ.roa
Signing time: Sat 01 Jan 2022 04:55:33 +0000
ROA not before: Sat 01 Jan 2022 04:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31689
IP address blocks: 194.27.77.0/24 maxlen: 24
194.27.76.0/22 maxlen: 22
194.27.76.0/24 maxlen: 24
194.27.73.0/24 maxlen: 24
194.27.78.0/24 maxlen: 24
194.27.79.0/24 maxlen: 24
193.140.43.0/24 maxlen: 24
193.140.44.0/24 maxlen: 24
193.140.41.0/24 maxlen: 24
193.140.42.0/24 maxlen: 24
193.140.40.0/24 maxlen: 24
193.140.40.0/21 maxlen: 21
193.140.47.0/24 maxlen: 24
193.140.45.0/24 maxlen: 24
193.140.46.0/24 maxlen: 24
193.140.172.0/24 maxlen: 24
193.140.172.0/22 maxlen: 22
193.140.175.0/24 maxlen: 24
193.140.173.0/24 maxlen: 24
193.140.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870342291 (0x33e05e93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=757397aededda4b945518d11de174f554ec1fa94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:a5:58:61:ac:fb:f7:f1:bf:58:cc:ad:dc:
96:3d:fa:9f:11:e4:33:fa:d1:4f:9e:e1:9b:4c:3e:
d0:49:cf:5a:92:5a:aa:77:26:d2:f4:18:b6:79:7e:
5b:09:7d:bd:fb:72:d5:bd:f8:c8:64:0c:ae:a2:72:
42:59:80:6d:d4:9f:c5:32:6e:77:39:28:7d:e5:88:
6c:01:0e:19:c3:23:b9:59:71:c8:2c:b7:20:d7:16:
05:8b:38:b3:f9:20:32:81:b0:c6:82:b1:df:db:ac:
f1:5a:da:53:46:cc:04:a1:73:99:d6:a4:d9:77:50:
66:7f:c6:43:dd:e0:2e:e4:47:e1:78:00:4f:f6:02:
fb:2b:d4:3c:ef:33:f6:f1:a2:2d:01:c7:8e:e1:ff:
24:3b:21:43:7c:7d:26:e1:ca:bf:28:70:37:40:bd:
40:96:43:4a:b4:8a:d0:eb:73:53:5f:29:3a:10:6e:
e6:53:df:6f:a9:3e:d8:8f:15:26:12:86:f5:34:f4:
7a:22:a1:8a:62:b3:95:f2:58:fb:27:9c:d2:40:52:
25:79:b4:64:86:4a:27:e2:ab:fa:0e:8d:34:d1:b8:
15:34:f6:83:94:5b:05:e1:fe:7c:29:4f:96:76:7b:
79:06:0c:6e:65:5a:9f:34:e1:0b:35:05:34:12:cf:
8c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:73:97:AE:DE:DD:A4:B9:45:51:8D:11:DE:17:4F:55:4E:C1:FA:94
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/dXOXrt7dpLlFUY0R3hdPVU7B-pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.40.0/21
193.140.172.0/22
194.27.73.0/24
194.27.76.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:86:14:63:92:cd:09:95:83:a9:71:49:8f:8a:74:3b:7b:c6:
d1:1e:a1:30:77:fe:52:0b:08:3e:71:f0:0e:30:e7:a3:68:26:
0e:5f:fd:ac:70:cd:99:09:24:b1:29:98:1c:03:3c:1f:94:07:
8b:5b:44:91:95:52:c4:ea:0d:60:a3:18:30:a8:13:6f:3c:c9:
76:71:b9:b4:98:c0:1c:93:2e:8a:fa:73:f2:e8:b3:41:d7:98:
60:45:bf:0a:99:59:2f:a3:e6:18:b4:d9:a9:c2:fb:71:96:bc:
83:2c:8b:ee:45:1d:b0:51:2d:f6:9e:3a:7a:3c:e1:8a:d1:86:
b6:eb:6f:b0:10:2f:18:d7:1d:5c:3a:26:9d:c6:52:66:37:ba:
00:3f:7e:7c:1e:68:08:67:37:03:39:d2:21:3a:db:6d:f0:a3:
9e:dd:8c:3a:44:72:df:45:7a:19:59:e1:46:e1:f3:17:a3:0a:
bc:58:f2:f7:d7:8b:01:bf:a8:28:ee:63:e7:dc:33:52:d3:e7:
ae:2a:60:33:41:4d:e0:ee:e4:6d:a2:90:8e:a2:16:9d:84:68:
4f:52:1b:63:ff:c2:53:54:75:dc:67:e8:99:ca:7e:d1:ad:8a:
7a:57:4a:34:35:f0:d8:57:26:d9:5f:06:68:7f:d8:b3:00:6c:
6d:6b:9e:d7
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEM+BekzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzUxOGQxODA5MjNhN2YzYzAwNjUzZWMxMmJjNzAyYjk1YWFiOTA3MB4XDTIyMDEw
MTA0NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU3Mzk3YWVkZWRk
YTRiOTQ1NTE4ZDExZGUxNzRmNTU0ZWMxZmE5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpGpVhhrPv38b9YzK3clj36nxHkM/rRT57hm0w+0EnPWpJa
qncm0vQYtnl+Wwl9vfty1b34yGQMrqJyQlmAbdSfxTJudzkofeWIbAEOGcMjuVlx
yCy3INcWBYs4s/kgMoGwxoKx39us8VraU0bMBKFzmdak2XdQZn/GQ93gLuRH4XgA
T/YC+yvUPO8z9vGiLQHHjuH/JDshQ3x9JuHKvyhwN0C9QJZDSrSK0OtzU18pOhBu
5lPfb6k+2I8VJhKG9TT0eiKhimKzlfJY+yec0kBSJXm0ZIZKJ+Kr+g6NNNG4FTT2
g5RbBeH+fClPlnZ7eQYMbmVanzThCzUFNBLPjGMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR1c5eu3t2kuUVRjRHeF09VTsH6lDAfBgNVHSMEGDAWgBQ3UY0YCSOn88AG
U+wSvHArlaq5BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04xR05HQWtqcF9QQUJsUHNFcnh3SzVXcXVRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8x
L2RYT1hydDdkcExsRlVZMFIzaGRQVlU3Qi1wUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8xL04xR05HQWtqcF9Q
QUJsUHNFcnh3SzVXcXVRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA8GMKAMEAsGMrAMEAMIbSQMEAsIb
TDANBgkqhkiG9w0BAQsFAAOCAQEAe4YUY5LNCZWDqXFJj4p0O3vG0R6hMHf+UgsI
PnHwDjDno2gmDl/9rHDNmQkksSmYHAM8H5QHi1tEkZVSxOoNYKMYMKgTbzzJdnG5
tJjAHJMuivpz8uizQdeYYEW/CplZL6PmGLTZqcL7cZa8gyyL7kUdsFEt9p46ejzh
itGGtutvsBAvGNcdXDomncZSZje6AD9+fB5oCGc3AznSITrbbfCjnt2MOkRy30V6
GVnhRuHzF6MKvFjy99eLAb+oKO5j59wzUtPnripgM0FN4O7kbaKQjqIWnYRoT1Ib
Y//CU1R13Gfomcp+0a2KeldKNDXw2Fcm2V8GaH/YswBsbWue1w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:51 2025 by rpki-client