Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/nQ45rXp2JQzguJDBYHD1iQ-4UeY.roa
File: nQ45rXp2JQzguJDBYHD1iQ-4UeY.roa (raw, json)
Hash identifier: 29SqW37UmKAvXAfbvhn8Sy5I7WVp0C1UrkwpatW47Cc=
Subject key identifier: 9D:0E:39:AD:7A:76:25:0C:E0:B8:90:C1:60:70:F5:89:0F:B8:51:E6
Certificate issuer: /CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
Certificate serial: 01856DA65079E31386DCC8BBDEA1134B4C8B
Authority key identifier: DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/nQ45rXp2JQzguJDBYHD1iQ-4UeY.roa
Signing time: Sun 01 Jan 2023 14:04:54 +0000
ROA not before: Sun 01 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60847
IP address blocks: 185.92.12.0/24 maxlen: 24
91.244.227.0/24 maxlen: 24
185.92.15.0/24 maxlen: 24
185.92.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:50:79:e3:13:86:dc:c8:bb:de:a1:13:4b:4c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
Validity
Not Before: Jan 1 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d0e39ad7a76250ce0b890c16070f5890fb851e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:5b:19:db:95:ad:a9:98:07:f4:62:37:c5:
ec:97:c9:5e:7c:26:53:20:be:82:c7:4e:3f:eb:63:
90:9d:68:e0:48:2f:40:fd:23:67:71:c4:ac:e6:52:
56:29:f3:34:82:de:0c:de:5e:7c:2e:03:a1:ee:95:
6f:49:c0:5f:68:ae:cf:05:2d:64:1d:72:52:c6:7a:
d4:e0:16:1a:68:b2:cc:9a:b3:00:f9:35:8f:32:e7:
14:e7:65:2a:dc:25:02:ab:e9:e2:2b:5b:00:f3:a7:
fa:74:08:a4:0d:3c:0a:d3:40:12:34:fd:f4:37:58:
be:90:c9:cb:0c:82:5c:f6:89:ad:d4:b8:5d:7c:8e:
74:89:af:9b:34:04:f1:b2:6b:55:5d:ce:c1:08:c7:
ec:4d:5a:be:13:54:75:00:b9:09:4c:68:d3:8a:c6:
12:53:88:e3:3f:7d:30:8f:ea:21:5f:7e:7c:fe:05:
2a:7f:f9:72:c2:93:a7:0f:a0:a4:f4:7c:d8:a6:78:
05:9b:c6:04:fb:a0:b3:30:9b:c4:bc:9d:57:5f:99:
57:66:44:7a:4e:f9:f3:46:3f:cc:03:c1:6c:ef:6d:
3c:1b:6a:e1:1d:eb:f0:be:ed:d5:e2:3a:1e:b9:0b:
0f:17:5b:ac:53:6e:bc:7c:a0:41:13:96:de:94:ac:
93:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:0E:39:AD:7A:76:25:0C:E0:B8:90:C1:60:70:F5:89:0F:B8:51:E6
X509v3 Authority Key Identifier:
keyid:DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/nQ45rXp2JQzguJDBYHD1iQ-4UeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/3tsgAwkB_y3069H0nkiRyyj-BzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.227.0/24
185.92.12.0/24
185.92.14.0/23
Signature Algorithm: sha256WithRSAEncryption
64:78:e0:be:79:c6:a0:77:c1:9d:4f:f2:6c:ee:1f:47:54:4b:
c8:fa:d3:a1:29:89:26:9f:08:58:31:fb:79:36:e3:a2:6e:63:
ac:45:84:99:85:74:69:99:02:14:ca:2d:12:a4:e3:b9:1e:55:
0f:83:2e:10:2d:a9:c6:ed:3b:65:48:c7:78:5a:0c:96:92:00:
2d:e2:c9:9d:fc:13:b7:8c:4c:7f:cc:5f:39:a5:0f:5d:1d:8e:
d2:00:25:1d:58:d2:15:84:9d:25:0e:ba:64:3d:82:84:cb:98:
39:07:56:d0:8a:82:18:55:14:28:f5:6a:2d:1e:de:8a:c7:25:
e0:b6:df:1a:51:52:46:d4:90:80:bd:55:df:36:01:79:5c:76:
df:a8:40:2c:b2:72:3a:f9:f5:ed:cb:89:af:19:ba:cf:2d:2b:
89:8d:c1:e2:10:fc:68:b0:86:a7:f1:ed:d9:3b:9a:f2:52:ca:
06:4f:98:3f:18:82:aa:0c:05:0d:7f:a8:43:c3:d1:e7:ba:af:
47:31:35:a3:80:03:67:1b:96:f1:a1:2f:87:42:04:da:20:24:
ee:5a:79:30:e0:6f:cf:cf:b6:c2:a6:0b:c4:99:83:fb:89:4d:
e7:29:61:77:35:58:24:ff:01:07:40:c4:59:b2:48:bd:dc:72:
31:de:48:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtplB54xOG3Mi73qETS0yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGIyMDAzMDkwMWZmMmRmNGViZDFmNDllNDg5MWNiMjhm
ZTA3MzAwHhcNMjMwMTAxMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDBlMzlhZDdhNzYyNTBjZTBiODkwYzE2MDcwZjU4OTBmYjg1MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjtbGduVramYB/RiN8Xsl8lefCZT
IL6Cx04/62OQnWjgSC9A/SNnccSs5lJWKfM0gt4M3l58LgOh7pVvScBfaK7PBS1k
HXJSxnrU4BYaaLLMmrMA+TWPMucU52Uq3CUCq+niK1sA86f6dAikDTwK00ASNP30
N1i+kMnLDIJc9omt1LhdfI50ia+bNATxsmtVXc7BCMfsTVq+E1R1ALkJTGjTisYS
U4jjP30wj+ohX358/gUqf/lywpOnD6Ck9HzYpngFm8YE+6CzMJvEvJ1XX5lXZkR6
TvnzRj/MA8Fs7208G2rhHevwvu3V4joeuQsPF1usU268fKBBE5belKyTXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ0OOa16diUM4LiQwWBw9YkPuFHmMB8GA1UdIwQY
MBaAFN7bIAMJAf8t9OvR9J5Ikcso/gcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RzZ0F3a0JfeTMwNjlIMG5raVJ5eWotQnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Nzg5NjQtZDgwMi00OGY5LTk2ZjEt
ZTNiZmE3MmQ3ZWY4LzEvblE0NXJYcDJKUXpndUpEQllIRDFpUS00VWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Nzg5NjQtZDgwMi00OGY5LTk2ZjEtZTNiZmE3MmQ3ZWY4
LzEvM3RzZ0F3a0JfeTMwNjlIMG5raVJ5eWotQnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/TjAwQA
uVwMAwQBuVwOMA0GCSqGSIb3DQEBCwUAA4IBAQBkeOC+ecagd8GdT/Js7h9HVEvI
+tOhKYkmnwhYMft5NuOibmOsRYSZhXRpmQIUyi0SpOO5HlUPgy4QLanG7TtlSMd4
WgyWkgAt4smd/BO3jEx/zF85pQ9dHY7SACUdWNIVhJ0lDrpkPYKEy5g5B1bQioIY
VRQo9WotHt6KxyXgtt8aUVJG1JCAvVXfNgF5XHbfqEAssnI6+fXty4mvGbrPLSuJ
jcHiEPxosIan8e3ZO5ryUsoGT5g/GIKqDAUNf6hDw9Hnuq9HMTWjgANnG5bxoS+H
QgTaICTuWnkw4G/Pz7bCpgvEmYP7iU3nKWF3NVgk/wEHQMRZski93HIx3kiD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:54 2025 by rpki-client