Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/dPUYGZWdrvfRp0UO-Tx9nbN6rLc.roa
File: dPUYGZWdrvfRp0UO-Tx9nbN6rLc.roa (raw, json)
Hash identifier: nN6w8jrK/xdzUZ0FJEQu7VmRHubNjf2EUPfDl3Ditmo=
Subject key identifier: 74:F5:18:19:95:9D:AE:F7:D1:A7:45:0E:F9:3C:7D:9D:B3:7A:AC:B7
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 01856BAEB68B0EA14102391E842917BDC53B
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/dPUYGZWdrvfRp0UO-Tx9nbN6rLc.roa
Signing time: Sun 01 Jan 2023 04:54:50 +0000
ROA not before: Sun 01 Jan 2023 04:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204145
IP address blocks: 89.35.179.0/24 maxlen: 24
185.113.64.0/24 maxlen: 24
185.113.65.0/24 maxlen: 24
185.113.66.0/24 maxlen: 24
185.113.67.0/24 maxlen: 24
185.50.73.0/24 maxlen: 24
185.50.74.0/24 maxlen: 24
185.50.75.0/24 maxlen: 24
185.50.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:b6:8b:0e:a1:41:02:39:1e:84:29:17:bd:c5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Jan 1 04:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74f51819959daef7d1a7450ef93c7d9db37aacb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7d:c1:54:9d:d3:ad:a9:72:c9:dc:fc:20:80:
12:f7:6a:19:88:62:d6:f1:df:ae:30:ac:dc:ef:a6:
f0:6a:52:f9:50:34:9d:c3:49:2d:05:4c:a9:ad:0a:
3d:cb:3b:70:4c:13:a1:f2:c9:d7:ae:bd:fc:60:9f:
29:91:1c:f5:72:9f:16:f6:38:18:4e:11:63:27:bb:
fc:0f:d4:87:a5:37:0a:f2:88:42:cb:5e:f7:00:6f:
f0:93:a0:fc:02:7e:74:70:ce:94:eb:7f:d0:e0:4a:
23:2f:ab:a0:58:81:2f:4b:3a:0d:38:21:c7:7f:b1:
54:16:0b:b7:0b:be:69:38:bf:34:04:1b:c1:33:4e:
43:6f:bb:22:ef:d3:41:5e:57:3a:2f:64:7c:8e:6e:
f4:9a:51:7a:2e:31:46:11:a5:aa:a6:7d:f9:f6:1c:
b8:39:6c:aa:bb:d5:3c:c1:84:fe:99:a7:60:d1:99:
dd:56:6c:fe:50:e9:e8:35:07:bf:de:bc:d4:50:e7:
89:5e:0b:81:11:70:df:36:f1:4e:5d:b6:b6:be:cc:
c5:bf:34:19:32:46:bd:b4:3a:66:07:f7:94:3b:f3:
f9:9a:18:97:3b:eb:fb:5d:fe:b6:ef:d2:10:30:be:
cc:87:2c:03:8f:75:31:8d:96:13:3d:9f:43:34:82:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F5:18:19:95:9D:AE:F7:D1:A7:45:0E:F9:3C:7D:9D:B3:7A:AC:B7
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/dPUYGZWdrvfRp0UO-Tx9nbN6rLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.179.0/24
185.50.72.0/22
185.113.64.0/22
Signature Algorithm: sha256WithRSAEncryption
43:bc:c5:e9:61:1c:69:00:ad:f5:1d:87:a2:57:eb:c8:0a:a9:
e4:9e:d5:4f:db:d0:a0:63:66:7f:ee:a0:9c:5c:ae:d0:81:2c:
13:7d:86:42:f9:92:9b:62:d8:ff:e1:f8:f7:90:c2:b1:b2:a2:
49:4b:e7:5c:11:bf:2e:c8:68:83:15:9a:6b:fa:21:1c:58:8a:
c3:9f:30:a5:a3:71:30:43:1c:65:2b:bc:18:50:40:57:d1:05:
e4:43:f9:74:c9:6e:a6:41:1f:b7:b8:91:fa:30:91:5d:6c:d1:
38:ce:ac:0a:25:24:65:d9:09:76:40:5e:53:97:82:fe:6e:03:
4c:30:48:4e:a3:51:b0:44:59:f1:4d:e3:cf:1f:bb:5f:98:08:
4d:d4:48:43:bb:60:94:91:97:ca:41:4d:d8:73:c6:36:8a:f0:
bb:da:03:28:ec:c6:4c:7e:a6:e6:9c:41:34:78:1f:48:da:eb:
61:b9:8d:53:83:7f:11:60:05:79:8a:c3:a6:0a:46:98:96:57:
99:ba:b5:f3:0a:a4:61:40:46:94:37:0b:68:39:58:98:73:8c:
4f:6e:29:79:3f:21:7b:63:68:3b:ef:33:5f:8e:c2:ef:65:fc:
e8:94:b3:b6:be:38:92:9b:01:f2:dd:67:53:71:2e:00:1f:01:
8c:23:51:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrrraLDqFBAjkehCkXvcU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjMwMTAxMDQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY1MTgxOTk1OWRhZWY3ZDFhNzQ1MGVmOTNjN2Q5ZGIzN2FhY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH3BVJ3Tralyydz8IIAS92oZiGLW
8d+uMKzc76bwalL5UDSdw0ktBUyprQo9yztwTBOh8snXrr38YJ8pkRz1cp8W9jgY
ThFjJ7v8D9SHpTcK8ohCy173AG/wk6D8An50cM6U63/Q4EojL6ugWIEvSzoNOCHH
f7FUFgu3C75pOL80BBvBM05Db7si79NBXlc6L2R8jm70mlF6LjFGEaWqpn359hy4
OWyqu9U8wYT+madg0ZndVmz+UOnoNQe/3rzUUOeJXguBEXDfNvFOXba2vszFvzQZ
Mka9tDpmB/eUO/P5mhiXO+v7Xf6279IQML7MhywDj3UxjZYTPZ9DNIKeXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHT1GBmVna730adFDvk8fZ2zeqy3MB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvZFBVWUdaV2RydmZScDBVTy1UeDluYk42ckxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOzAwQC
uTJIAwQCuXFAMA0GCSqGSIb3DQEBCwUAA4IBAQBDvMXpYRxpAK31HYeiV+vICqnk
ntVP29CgY2Z/7qCcXK7QgSwTfYZC+ZKbYtj/4fj3kMKxsqJJS+dcEb8uyGiDFZpr
+iEcWIrDnzClo3EwQxxlK7wYUEBX0QXkQ/l0yW6mQR+3uJH6MJFdbNE4zqwKJSRl
2Ql2QF5Tl4L+bgNMMEhOo1GwRFnxTePPH7tfmAhN1EhDu2CUkZfKQU3Yc8Y2ivC7
2gMo7MZMfqbmnEE0eB9I2uthuY1Tg38RYAV5isOmCkaYlleZurXzCqRhQEaUNwto
OViYc4xPbil5PyF7Y2g77zNfjsLvZfzolLO2vjiSmwHy3WdTcS4AHwGMI1Hc
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:01 2025 by rpki-client