Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DDePuMgIpZ8jwyjlZvbz6VdXZDQ.roa
File: DDePuMgIpZ8jwyjlZvbz6VdXZDQ.roa (raw, json)
Hash identifier: tkMdMO5/QrSBt3zi38dDKWTnob85cchwVBPC5jPQsxQ=
Subject key identifier: 0C:37:8F:B8:C8:08:A5:9F:23:C3:28:E5:66:F6:F3:E9:57:57:64:34
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAF1941576A6558B49A30785F997B5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DDePuMgIpZ8jwyjlZvbz6VdXZDQ.roa
Signing time: Sun 01 Jan 2023 10:05:17 +0000
ROA not before: Sun 01 Jan 2023 10:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50572
IP address blocks: 193.180.0.0/24 maxlen: 24
193.182.253.0/24 maxlen: 24
193.182.251.0/24 maxlen: 24
193.182.252.0/24 maxlen: 24
194.68.229.0/24 maxlen: 24
194.103.228.0/22 maxlen: 22
192.36.242.0/24 maxlen: 24
194.14.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f1:94:15:76:a6:55:8b:49:a3:07:85:f9:97:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c378fb8c808a59f23c328e566f6f3e957576434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:ef:e0:52:fd:2c:09:70:1d:03:27:cb:f6:
91:85:7d:14:c5:30:a1:65:0c:f2:78:1b:18:94:55:
02:ef:36:4a:2a:98:a0:02:81:da:81:7c:f5:09:aa:
3b:73:bf:3d:8a:cd:4a:d3:57:c2:8d:4c:1c:a7:23:
d2:29:5d:e9:de:34:20:b8:d3:ef:8a:c6:ea:5a:9a:
35:8f:00:ff:cb:36:75:00:e4:75:95:38:1d:c9:48:
19:0b:49:fd:df:3d:67:8a:a8:ac:ee:64:37:a8:cd:
94:9c:8d:f0:63:d2:85:c7:10:89:66:ad:07:e7:1b:
0e:2f:ef:11:87:a5:c7:1f:2e:65:f6:0f:66:fc:1e:
56:ad:b7:9b:7c:0c:0b:55:2f:25:2c:a6:de:20:ef:
a0:2a:19:47:83:c3:de:d3:b4:87:1c:65:9a:d9:65:
7e:d3:fd:bb:c4:3e:fe:4f:5c:f2:a9:7a:7c:85:0d:
9c:9e:ed:06:88:35:8e:64:01:96:0a:fa:41:38:99:
af:0e:a3:14:8e:01:74:86:74:21:90:d1:c5:a6:bb:
5c:fa:e5:32:d4:47:bc:5e:ff:39:c0:79:67:5c:29:
0c:62:ac:60:bd:b9:da:f7:7a:d3:d3:43:48:ce:0e:
2f:5a:7f:57:54:84:c6:28:ce:79:13:43:8f:75:de:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:37:8F:B8:C8:08:A5:9F:23:C3:28:E5:66:F6:F3:E9:57:57:64:34
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DDePuMgIpZ8jwyjlZvbz6VdXZDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.242.0/24
193.180.0.0/24
193.182.251.0-193.182.253.255
194.14.104.0/24
194.68.229.0/24
194.103.228.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:62:eb:cb:62:27:a6:7e:74:80:b6:10:be:36:87:9c:16:d8:
85:a5:58:8f:9d:71:4f:bd:e6:5f:cf:d3:97:5c:96:c8:78:3c:
5c:42:61:63:8d:b7:c6:ef:fe:ff:8b:a7:2a:10:a0:a2:62:e0:
0e:85:17:6d:46:eb:63:15:f7:42:f3:76:8b:79:1f:f0:54:67:
bb:5c:0a:b2:d4:62:8f:e7:43:ae:5c:80:8c:d6:8b:bf:15:74:
dc:1c:16:39:a1:65:c9:c5:cd:85:5e:16:8d:e5:f5:55:7a:20:
ad:b3:eb:f8:b2:f4:7b:15:04:9a:12:e4:5c:5b:a8:52:63:a6:
f0:ae:0a:ba:2a:83:55:a3:82:18:5c:75:31:70:85:8e:b9:59:
6c:2e:e9:3f:0a:69:06:95:e7:85:f6:ba:ad:17:05:35:3b:d1:
1b:2d:a8:92:e2:f9:d7:23:6a:0a:ad:49:f7:f1:80:a6:fa:41:
5d:13:2c:00:63:c9:d2:08:70:66:78:f1:10:82:58:67:f5:71:
4b:55:d6:26:7e:53:8c:ab:a2:c5:2d:ac:f8:9b:85:e4:6f:6d:
e2:2e:58:db:8f:38:d3:68:50:73:dc:dc:fd:2b:3a:fa:82:1d:
c5:e8:ed:75:00:34:b5:0b:a1:32:04:95:28:a3:89:48:99:0a:
17:2f:3f:0d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVsyvGUFXamVYtJoweF+Ze1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzM3OGZiOGM4MDhhNTlmMjNjMzI4ZTU2NmY2ZjNlOTU3NTc2NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3/v4FL9LAlwHQMny/aRhX0UxTCh
ZQzyeBsYlFUC7zZKKpigAoHagXz1Cao7c789is1K01fCjUwcpyPSKV3p3jQguNPv
isbqWpo1jwD/yzZ1AOR1lTgdyUgZC0n93z1niqis7mQ3qM2UnI3wY9KFxxCJZq0H
5xsOL+8Rh6XHHy5l9g9m/B5WrbebfAwLVS8lLKbeIO+gKhlHg8Pe07SHHGWa2WV+
0/27xD7+T1zyqXp8hQ2cnu0GiDWOZAGWCvpBOJmvDqMUjgF0hnQhkNHFprtc+uUy
1Ee8Xv85wHlnXCkMYqxgvbna93rT00NIzg4vWn9XVITGKM55E0OPdd5eHQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAw3j7jICKWfI8Mo5Wb28+lXV2Q0MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRERlUHVNZ0lwWjhqd3lqbFp2Yno2VmRYWkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAwCTyAwQA
wbQAMAwDBADBtvsDBAHBtvwDBADCDmgDBADCROUDBALCZ+QwDQYJKoZIhvcNAQEL
BQADggEBAKRi68tiJ6Z+dIC2EL42h5wW2IWlWI+dcU+95l/P05dclsh4PFxCYWON
t8bv/v+LpyoQoKJi4A6FF21G62MV90Lzdot5H/BUZ7tcCrLUYo/nQ65cgIzWi78V
dNwcFjmhZcnFzYVeFo3l9VV6IK2z6/iy9HsVBJoS5FxbqFJjpvCuCroqg1Wjghhc
dTFwhY65WWwu6T8KaQaV54X2uq0XBTU70RstqJLi+dcjagqtSffxgKb6QV0TLABj
ydIIcGZ48RCCWGf1cUtV1iZ+U4yrosUtrPibheRvbeIuWNuPONNoUHPc3P0rOvqC
HcXo7XUANLULoTIElSijiUiZChcvPw0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:52 2025 by rpki-client