Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/DVZ10CNMJnoMVu7gqEtn26JXdjI.roa
File: DVZ10CNMJnoMVu7gqEtn26JXdjI.roa (raw, json)
Hash identifier: ChYBTcX+/z9ERkNtYNjJXQQuZX8rNzL5LYZPVP06szA=
Subject key identifier: 0D:56:75:D0:23:4C:26:7A:0C:56:EE:E0:A8:4B:67:DB:A2:57:76:32
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 018976F6B3D771107B0E9540F449F63CBA49
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/DVZ10CNMJnoMVu7gqEtn26JXdjI.roa
Signing time: Fri 21 Jul 2023 05:40:26 +0000
ROA not before: Fri 21 Jul 2023 05:40:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
213.252.232.0/23 maxlen: 23
213.252.228.0/22 maxlen: 22
213.252.238.0/23 maxlen: 23
85.206.160.0/20 maxlen: 32
185.64.104.0/22 maxlen: 32
88.119.160.0/20 maxlen: 32
185.25.48.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:76:f6:b3:d7:71:10:7b:0e:95:40:f4:49:f6:3c:ba:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jul 21 05:40:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d5675d0234c267a0c56eee0a84b67dba2577632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:60:bc:61:be:4d:ef:48:f2:7d:b8:76:3e:
b4:97:15:4c:d2:d4:77:bd:62:34:d6:7d:fd:20:60:
ad:e3:28:c2:f8:f5:ad:29:21:ba:47:bf:60:fe:29:
fc:c4:2b:3a:15:7f:fc:b6:c6:1f:11:28:8b:da:34:
68:d8:ac:23:a1:48:9b:b5:0d:28:49:d9:78:44:fb:
30:a0:66:b7:18:d8:fb:18:cf:a1:a9:51:eb:75:a8:
22:bd:06:89:98:b1:4b:41:26:6e:a8:92:e3:01:26:
13:1d:45:8f:86:57:5a:76:58:04:c6:6b:ad:0a:bb:
46:25:ef:89:80:16:5b:70:82:f3:97:3c:0c:02:60:
d4:3c:8c:16:dd:f7:61:e5:f5:42:17:82:3d:bd:f5:
f5:a6:98:d2:90:4a:5f:47:3d:b3:fc:8f:c2:4b:18:
52:3e:f8:ef:77:aa:c4:94:99:3e:9c:0f:ac:c6:40:
56:7d:a6:5f:e2:99:75:f1:88:50:04:72:11:5d:fa:
bb:a8:ab:b1:4d:c1:43:9b:46:f2:c5:ec:7d:aa:0e:
1a:fd:1a:02:b9:c9:08:17:08:09:93:54:fb:60:e7:
57:2d:45:f1:36:1a:7d:c5:fa:9f:d7:34:27:48:fa:
34:48:5f:23:df:21:0b:33:51:cf:97:85:03:64:26:
c9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:56:75:D0:23:4C:26:7A:0C:56:EE:E0:A8:4B:67:DB:A2:57:76:32
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/DVZ10CNMJnoMVu7gqEtn26JXdjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0/20
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.228.0-213.252.233.255
213.252.238.0/23
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:80:e3:2f:91:85:9e:ad:0d:3e:42:23:8d:48:61:14:39:85:
6c:de:42:02:95:9c:72:3c:21:4a:dd:18:6b:be:a6:00:00:89:
ad:83:c0:92:4d:a8:05:72:14:82:bf:b2:e9:98:ca:2b:55:ed:
e7:3e:86:45:d2:e5:6a:16:a9:c9:6c:8a:6d:3c:9b:a9:e9:f6:
b4:a2:a3:00:43:9e:88:20:d8:3e:39:32:c3:c2:32:32:6c:a6:
f2:23:48:40:a3:44:ef:ed:b1:60:ce:c5:1d:1d:61:ca:44:c3:
09:4c:a4:2f:54:a7:10:09:3e:b9:bb:df:f0:d5:4b:ce:fc:11:
c0:76:de:ec:c7:20:45:4b:90:c5:81:cd:c4:c2:d2:f2:b6:7d:
1c:f8:20:a4:68:e5:ea:6a:3a:12:c6:c7:5b:70:d0:2f:1a:9c:
67:bf:4e:d0:03:36:30:d6:fd:b3:fb:05:83:e7:b2:c9:b0:cb:
79:45:79:81:08:c3:5c:3b:aa:c3:49:d1:44:f5:94:03:6e:08:
fb:f9:2f:c1:8e:dc:06:1f:88:a4:2f:0d:f9:0e:41:42:df:0d:
f6:fc:ef:e6:af:e1:24:2f:4a:3a:2e:ed:46:7d:66:5f:2f:6d:
28:50:0b:6c:85:cd:4e:b7:e8:31:76:62:24:ce:81:99:59:f9:
30:ac:14:1f
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYl29rPXcRB7DpVA9En2PLpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjMwNzIxMDU0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDU2NzVkMDIzNGMyNjdhMGM1NmVlZTBhODRiNjdkYmEyNTc3NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQNgvGG+Te9I8n24dj60lxVM0tR3
vWI01n39IGCt4yjC+PWtKSG6R79g/in8xCs6FX/8tsYfESiL2jRo2KwjoUibtQ0o
Sdl4RPswoGa3GNj7GM+hqVHrdagivQaJmLFLQSZuqJLjASYTHUWPhldadlgExmut
CrtGJe+JgBZbcILzlzwMAmDUPIwW3fdh5fVCF4I9vfX1ppjSkEpfRz2z/I/CSxhS
Pvjvd6rElJk+nA+sxkBWfaZf4pl18YhQBHIRXfq7qKuxTcFDm0byxex9qg4a/RoC
uckIFwgJk1T7YOdXLUXxNhp9xfqf1zQnSPo0SF8j3yELM1HPl4UDZCbJ7wIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFA1WddAjTCZ6DFbu4KhLZ9uiV3YyMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvRFZaMTBDTk1Kbm9NVnU3Z3FFdG4yNkpYZGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA+BAIAATA4AwQEVc6gAwQC
Vc7wAwQEWHegAwQAW9ijAwQCuRkwAwQCuUBoMAwDBALV/OQDBAHV/OgDBAHV/O4w
IQQCAAIwGwMFACoEIYAwEgMHBCoEIYHAEAMHACoEIYHAEjANBgkqhkiG9w0BAQsF
AAOCAQEAToDjL5GFnq0NPkIjjUhhFDmFbN5CApWccjwhSt0Ya76mAACJrYPAkk2o
BXIUgr+y6ZjKK1Xt5z6GRdLlahapyWyKbTybqen2tKKjAEOeiCDYPjkyw8IyMmym
8iNIQKNE7+2xYM7FHR1hykTDCUykL1SnEAk+ubvf8NVLzvwRwHbe7McgRUuQxYHN
xMLS8rZ9HPggpGjl6mo6EsbHW3DQLxqcZ79O0AM2MNb9s/sFg+eyybDLeUV5gQjD
XDuqw0nRRPWUA24I+/kvwY7cBh+IpC8N+Q5BQt8N9vzv5q/hJC9KOi7tRn1mXy9t
KFALbIXNTrfoMXZiJM6BmVn5MKwUHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:24 2025 by rpki-client