Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/0ID2DhWFZdlH8taADW772QZBcU8.roa
File: 0ID2DhWFZdlH8taADW772QZBcU8.roa (raw, json)
Hash identifier: Ew4NWBcw8p7vNM1a1CmNXoI8gI5+IF3X2v3lsM0vMWI=
Subject key identifier: D0:80:F6:0E:15:85:65:D9:47:F2:D6:80:0D:6E:FB:D9:06:41:71:4F
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018AFEABFA5F51413EDFEFF7C146DC7D161F
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/0ID2DhWFZdlH8taADW772QZBcU8.roa
Signing time: Thu 05 Oct 2023 07:09:57 +0000
ROA not before: Thu 05 Oct 2023 07:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.35.0/24 maxlen: 24
213.244.32.0/24 maxlen: 24
213.244.33.0/24 maxlen: 24
213.244.38.0/24 maxlen: 24
213.244.36.0/24 maxlen: 24
213.244.37.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.42.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:ab:fa:5f:51:41:3e:df:ef:f7:c1:46:dc:7d:16:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Oct 5 07:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d080f60e158565d947f2d6800d6efbd90641714f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c6:90:12:16:d5:a3:5d:12:7c:9a:11:26:c4:
b1:f7:b5:64:64:9d:6b:c6:75:f8:ca:1f:0a:e2:0c:
bc:7b:72:0e:b5:12:32:e0:7e:b4:e1:a7:e8:6c:42:
94:06:be:f2:29:1c:4c:bc:e8:9a:59:c0:a7:5c:13:
bf:6a:c0:c5:4a:f3:b9:6c:df:12:63:e6:c8:10:ae:
1b:d3:97:68:d7:6a:be:ba:d6:90:e5:ed:f6:50:3c:
cf:07:27:61:1e:9e:4f:99:63:99:ee:27:a2:10:4b:
47:ff:e0:3b:3c:ec:89:a8:0d:e9:55:08:71:3c:54:
d7:04:5a:e7:64:eb:17:7e:52:df:52:ec:c5:42:aa:
32:d3:af:da:ae:09:66:ce:e5:19:5e:f3:b5:8f:2d:
c8:2d:c3:ba:51:63:e1:7f:03:cf:5b:54:6f:ac:32:
08:12:35:6d:de:5a:b1:32:19:ed:95:25:6c:da:ef:
d8:6f:11:bc:96:bf:d2:d7:6f:67:74:ea:b5:f5:26:
cb:66:09:dd:68:15:92:b5:69:92:7d:53:86:99:1b:
83:68:64:f7:e0:5d:c9:2b:0b:b9:4c:80:9c:4a:07:
dd:48:5e:2d:8e:7d:7a:45:55:17:b0:be:e6:c0:37:
e7:49:b9:98:a1:05:c8:22:4f:58:f2:49:4b:42:80:
52:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:80:F6:0E:15:85:65:D9:47:F2:D6:80:0D:6E:FB:D9:06:41:71:4F
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/0ID2DhWFZdlH8taADW772QZBcU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.32.0/23
213.244.35.0-213.244.38.255
213.244.40.0-213.244.42.255
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
7a:52:a4:2f:28:db:cc:d9:0f:70:e5:7d:a2:7b:91:90:2f:00:
fd:0e:e4:e5:16:d4:18:27:dc:33:03:5a:1b:8e:09:2a:c4:97:
26:3a:36:b0:4d:26:29:7f:d2:cb:30:11:a3:ec:f1:9a:02:c1:
40:93:03:60:89:78:73:f6:56:8b:5a:78:5e:48:5b:21:34:85:
9e:1b:5e:b5:f8:21:56:d8:41:02:b0:d0:9a:51:87:71:e5:7e:
08:37:a0:65:5b:26:01:bd:4f:50:53:07:2a:9e:b5:ce:0a:c4:
a5:f3:3a:fd:36:05:87:0a:7c:66:b5:e1:e2:df:8e:80:10:66:
83:18:68:48:14:95:b7:29:68:66:fc:5c:11:38:cb:29:41:5a:
d8:46:86:40:47:2b:5f:00:05:29:c6:f3:51:b7:d8:96:e8:7b:
51:64:ad:e1:bd:36:fc:b9:bd:c2:38:12:91:6e:da:b9:84:ee:
7f:a1:5f:24:21:06:91:8a:2c:64:12:d4:18:af:c6:69:12:08:
a3:ac:a9:f0:85:ff:33:89:4e:bf:95:e7:fd:a8:a1:71:18:a7:
ef:42:e7:18:f2:53:5a:1d:e6:ab:5d:c1:fc:ec:cb:32:4b:30:
ee:c4:e4:1e:a8:e9:6e:b2:e6:bf:41:c1:34:8e:6d:69:64:1d:
89:1d:00:6b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYr+q/pfUUE+3+/3wUbcfRYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMxMDA1MDcwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDgwZjYwZTE1ODU2NWQ5NDdmMmQ2ODAwZDZlZmJkOTA2NDE3MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisaQEhbVo10SfJoRJsSx97VkZJ1r
xnX4yh8K4gy8e3IOtRIy4H604afobEKUBr7yKRxMvOiaWcCnXBO/asDFSvO5bN8S
Y+bIEK4b05do12q+utaQ5e32UDzPBydhHp5PmWOZ7ieiEEtH/+A7POyJqA3pVQhx
PFTXBFrnZOsXflLfUuzFQqoy06/arglmzuUZXvO1jy3ILcO6UWPhfwPPW1RvrDII
EjVt3lqxMhntlSVs2u/YbxG8lr/S129ndOq19SbLZgndaBWStWmSfVOGmRuDaGT3
4F3JKwu5TICcSgfdSF4tjn16RVUXsL7mwDfnSbmYoQXIIk9Y8klLQoBSQwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNCA9g4VhWXZR/LWgA1u+9kGQXFPMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvMElEMkRoV0ZaZGxIOHRhQURXNzcyUVpCY1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQAnWGjAwQC
uYH8AwQBwf7KAwQB1fQgMAwDBADV9CMDBADV9CYwDAMEA9X0KAMEANX0KjANBAIA
AjAHAwUDKgbWgDANBgkqhkiG9w0BAQsFAAOCAQEAelKkLyjbzNkPcOV9onuRkC8A
/Q7k5RbUGCfcMwNaG44JKsSXJjo2sE0mKX/SyzARo+zxmgLBQJMDYIl4c/ZWi1p4
XkhbITSFnhtetfghVthBArDQmlGHceV+CDegZVsmAb1PUFMHKp61zgrEpfM6/TYF
hwp8ZrXh4t+OgBBmgxhoSBSVtyloZvxcETjLKUFa2EaGQEcrXwAFKcbzUbfYluh7
UWSt4b02/Lm9wjgSkW7auYTuf6FfJCEGkYosZBLUGK/GaRIIo6yp8IX/M4lOv5Xn
/aihcRin70LnGPJTWh3mq13B/OzLMksw7sTkHqjpbrLmv0HBNI5taWQdiR0Aaw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:18 2025 by rpki-client