Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/0DN0EahESqxMlh-iA65kVfxp7V4.roa
File: 0DN0EahESqxMlh-iA65kVfxp7V4.roa (raw, json)
Hash identifier: Y/xoz6uktSIKAqy6kPMq1hi/gMPlsXMnbkCwYw6iywQ=
Subject key identifier: D0:33:74:11:A8:44:4A:AC:4C:96:1F:A2:03:AE:64:55:FC:69:ED:5E
Certificate issuer: /CN=be6144b459bce139f2734a44fbdb46c981329b2b
Certificate serial: 0184BD678D43D6402614710373826F897DC7
Authority key identifier: BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/0DN0EahESqxMlh-iA65kVfxp7V4.roa
Signing time: Mon 28 Nov 2022 08:43:10 +0000
ROA not before: Mon 28 Nov 2022 08:43:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29007
IP address blocks: 185.9.124.0/22 maxlen: 22
217.28.144.0/20 maxlen: 20
46.182.96.0/21 maxlen: 21
78.154.64.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:67:8d:43:d6:40:26:14:71:03:73:82:6f:89:7d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be6144b459bce139f2734a44fbdb46c981329b2b
Validity
Not Before: Nov 28 08:43:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0337411a8444aac4c961fa203ae6455fc69ed5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:de:ac:db:d5:6f:92:82:13:2f:5c:3d:b7:7a:
b0:b1:23:e7:a4:e2:04:6f:f6:b2:bd:48:dd:e3:91:
da:bd:d4:35:3b:ba:4e:7e:bc:c6:39:2b:01:a7:98:
52:6a:48:4d:5c:b9:ed:5a:36:e9:c3:71:a8:75:2c:
11:b3:e2:9a:bb:5b:20:6b:ea:04:b8:62:c2:83:83:
8b:34:e7:9d:50:ac:df:e0:ec:04:99:f6:94:f7:bf:
00:ec:b2:58:16:41:12:e7:7b:30:72:61:fb:9b:69:
f3:c6:3b:74:87:7d:f5:24:8e:5b:0d:59:0c:3e:db:
9a:d1:b0:d2:65:1c:92:f5:07:e4:d8:7f:a9:37:9c:
4b:7c:46:fd:6f:05:c7:fb:c6:79:6f:21:76:d0:6a:
a9:1d:c7:e3:56:e1:76:0e:f2:ff:9b:8f:78:c2:b8:
00:0f:a0:f7:91:2f:f3:94:7a:18:4c:a9:98:b8:fb:
fa:60:58:5b:0b:09:91:65:03:01:ef:57:04:4e:46:
e8:98:d3:76:7c:ec:5d:44:bd:f0:b6:76:ca:95:2a:
2c:8b:d7:dc:e2:08:e7:86:8b:be:c0:b6:ea:7a:5b:
28:7f:a1:c6:b3:70:40:94:16:e8:ed:55:ec:47:1a:
c6:4f:1f:9c:52:65:35:ca:a4:4f:cd:c1:c5:b4:50:
74:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:33:74:11:A8:44:4A:AC:4C:96:1F:A2:03:AE:64:55:FC:69:ED:5E
X509v3 Authority Key Identifier:
keyid:BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/0DN0EahESqxMlh-iA65kVfxp7V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.96.0/21
78.154.64.0/19
185.9.124.0/22
217.28.144.0/20
Signature Algorithm: sha256WithRSAEncryption
31:b2:26:c6:c2:aa:90:e7:6b:eb:ec:2c:94:b6:6a:b6:b0:7c:
71:fe:a6:e9:10:c3:d7:1e:31:2e:39:79:73:b9:36:8f:e7:10:
04:5a:20:61:94:aa:6d:b3:1e:3b:9e:d7:44:ca:b5:51:a0:57:
59:4b:07:31:cd:ac:32:b2:d0:42:8a:06:e9:d9:d0:21:a1:17:
19:09:77:d4:24:6f:1c:09:00:8b:98:f6:a1:eb:ee:a8:6e:bb:
6a:f6:1b:4b:2b:76:ae:f9:1d:c0:37:65:b9:53:66:36:9f:55:
3d:7f:94:00:0e:b8:d7:18:7c:3c:8e:5f:a1:15:33:28:e8:b1:
63:e3:38:3c:7c:c1:ec:d0:20:d5:0e:42:92:36:6f:80:25:10:
e4:68:17:c5:97:33:fe:fa:3b:c5:f8:d9:7b:4e:89:bd:c1:c6:
8b:ce:5c:8f:d1:3b:a4:a3:65:f2:56:39:32:28:68:de:17:6f:
bc:b9:73:1f:81:ce:e2:0c:a7:0f:a9:d7:fe:55:28:96:d2:f9:
72:83:95:3e:64:40:bc:47:aa:6f:7a:4e:6d:83:07:76:1e:28:
1d:72:18:93:0d:da:fe:23:0e:b9:4a:d2:2c:ef:ac:74:2b:e3:
e1:93:b4:ae:8b:0e:fb:ee:48:a9:4e:88:11:8e:32:1f:f7:9f:
5f:24:db:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS9Z41D1kAmFHEDc4JviX3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjE0NGI0NTliY2UxMzlmMjczNGE0NGZiZGI0NmM5ODEz
MjliMmIwHhcNMjIxMTI4MDg0MzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMzNzQxMWE4NDQ0YWFjNGM5NjFmYTIwM2FlNjQ1NWZjNjllZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd6s29VvkoITL1w9t3qwsSPnpOIE
b/ayvUjd45HavdQ1O7pOfrzGOSsBp5hSakhNXLntWjbpw3GodSwRs+Kau1sga+oE
uGLCg4OLNOedUKzf4OwEmfaU978A7LJYFkES53swcmH7m2nzxjt0h331JI5bDVkM
Ptua0bDSZRyS9Qfk2H+pN5xLfEb9bwXH+8Z5byF20GqpHcfjVuF2DvL/m494wrgA
D6D3kS/zlHoYTKmYuPv6YFhbCwmRZQMB71cETkbomNN2fOxdRL3wtnbKlSosi9fc
4gjnhou+wLbqelsof6HGs3BAlBbo7VXsRxrGTx+cUmU1yqRPzcHFtFB0FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNAzdBGoREqsTJYfogOuZFX8ae1eMB8GA1UdIwQY
MBaAFL5hRLRZvOE58nNKRPvbRsmBMpsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2Yt
MTdlZmE1N2IzOWQ3LzEvMEROMEVhaEVTcXhNbGgtaUE2NWtWZnhwN1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2YtMTdlZmE1N2IzOWQ3
LzEvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLrZgAwQF
TppAAwQCuQl8AwQE2RyQMA0GCSqGSIb3DQEBCwUAA4IBAQAxsibGwqqQ52vr7CyU
tmq2sHxx/qbpEMPXHjEuOXlzuTaP5xAEWiBhlKptsx47ntdEyrVRoFdZSwcxzawy
stBCigbp2dAhoRcZCXfUJG8cCQCLmPah6+6obrtq9htLK3au+R3AN2W5U2Y2n1U9
f5QADrjXGHw8jl+hFTMo6LFj4zg8fMHs0CDVDkKSNm+AJRDkaBfFlzP++jvF+Nl7
Tom9wcaLzlyP0Tuko2XyVjkyKGjeF2+8uXMfgc7iDKcPqdf+VSiW0vlyg5U+ZEC8
R6pvek5tgwd2HigdchiTDdr+Iw65StIs76x0K+Phk7Suiw777kipTogRjjIf959f
JNsu
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:34:32 2025 by rpki-client