Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DRNElWMGYqdCq_wKpq4SglfJoVE.roa
File: DRNElWMGYqdCq_wKpq4SglfJoVE.roa (raw, json)
Hash identifier: q4yfOnh+TLgVGAvEqDdl4j1hlPlI8kR5oEBVRqm57pU=
Subject key identifier: 0D:13:44:95:63:06:62:A7:42:AB:FC:0A:A6:AE:12:82:57:C9:A1:51
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018B812DAE536D5978A74B133C0B0D6DF6F9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DRNElWMGYqdCq_wKpq4SglfJoVE.roa
Signing time: Mon 30 Oct 2023 15:22:16 +0000
ROA not before: Mon 30 Oct 2023 15:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
192.71.255.0/24 maxlen: 24
192.71.254.0/23 maxlen: 23
193.182.113.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
2a01:280:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:2d:ae:53:6d:59:78:a7:4b:13:3c:0b:0d:6d:f6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 30 15:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d134495630662a742abfc0aa6ae128257c9a151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:82:6e:33:a1:ad:d4:dd:73:bd:a0:68:da:
b9:dc:f6:66:b2:8f:7e:56:c7:42:29:fc:6c:c0:5a:
e0:90:16:39:9c:81:44:84:dd:83:23:03:74:89:d1:
ed:cd:9c:df:0d:d5:05:83:c0:a9:86:41:9f:e5:0c:
b6:6f:e6:ed:16:b3:ce:31:cd:50:db:b9:81:81:95:
6e:10:33:17:81:12:ed:ed:7f:65:56:d6:8e:f2:22:
5a:c9:7f:43:5c:9b:30:b5:f2:9c:f5:1c:3d:f2:a5:
69:36:cb:c0:ab:40:af:19:9b:01:da:e0:1a:e8:e7:
0b:5f:da:1b:f8:3b:13:32:62:b4:98:c7:10:56:08:
62:0a:6c:f5:f5:3b:ca:e1:b7:47:06:f3:bd:9b:c1:
da:bf:4a:84:57:f3:71:4f:35:f9:37:b4:54:a8:2a:
aa:81:c6:06:64:03:fa:62:f5:86:ca:b8:d7:d1:e8:
57:87:95:8a:c3:d3:96:9c:89:12:82:bf:da:f4:09:
bc:4c:8d:70:7a:cc:95:ee:3a:71:52:82:72:7a:9d:
18:0c:47:8d:54:ab:01:9f:bd:59:2b:a3:bf:f7:77:
97:18:2c:37:d7:a0:b1:a7:37:e2:f4:e9:a5:a0:c9:
3e:6e:cc:5d:6d:fa:45:80:b0:91:36:c3:a1:90:e4:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:13:44:95:63:06:62:A7:42:AB:FC:0A:A6:AE:12:82:57:C9:A1:51
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DRNElWMGYqdCq_wKpq4SglfJoVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.182.113.0/24
193.234.120.0/22
IPv6:
2a01:280:6::/48
Signature Algorithm: sha256WithRSAEncryption
c7:bf:17:f4:f6:86:f7:49:65:91:7a:7f:2e:45:51:e6:0b:67:
04:e8:cd:a4:61:e0:f2:a1:a7:10:c1:71:b9:b8:b7:e4:16:6d:
d8:32:5e:95:27:d8:d4:30:bd:cb:39:42:59:ae:db:97:6a:e8:
7a:2a:97:6d:40:b6:02:3e:e0:4e:87:2f:44:ef:0b:ca:92:35:
00:00:c5:1d:0c:b6:05:be:5b:c2:ab:cf:c9:99:a6:0a:3f:08:
27:64:07:82:ab:81:c7:7d:6d:5c:c7:34:24:5f:2a:c7:d4:f6:
cf:82:f2:8e:00:22:e2:4f:4d:0b:64:a4:77:f3:67:10:e8:64:
9d:05:c1:26:dc:2d:8f:94:b0:8b:fe:d7:9d:ca:62:0b:87:63:
a8:c3:35:19:d3:80:70:25:da:90:ea:25:67:34:2b:51:26:fe:
76:13:2a:61:6c:c1:9a:ad:77:9b:32:af:42:c1:03:b3:b9:68:
86:0b:3c:df:f5:e5:65:db:32:71:64:49:17:53:06:41:e0:ec:
fc:91:11:54:1c:9e:83:5b:99:bb:58:97:48:62:42:eb:a3:f9:
59:84:53:49:dc:e0:06:bd:9c:d5:fa:f7:51:8e:82:de:0a:33:
04:76:00:fa:8f:09:d8:21:6c:90:ef:d0:1d:af:7e:60:08:9a:
7c:82:f5:c1
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYuBLa5TbVl4p0sTPAsNbfb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMDMwMTUyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEzNDQ5NTYzMDY2MmE3NDJhYmZjMGFhNmFlMTI4MjU3YzlhMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUyCbjOhrdTdc72gaNq53PZmso9+
VsdCKfxswFrgkBY5nIFEhN2DIwN0idHtzZzfDdUFg8CphkGf5Qy2b+btFrPOMc1Q
27mBgZVuEDMXgRLt7X9lVtaO8iJayX9DXJswtfKc9Rw98qVpNsvAq0CvGZsB2uAa
6OcLX9ob+DsTMmK0mMcQVghiCmz19TvK4bdHBvO9m8Hav0qEV/NxTzX5N7RUqCqq
gcYGZAP6YvWGyrjX0ehXh5WKw9OWnIkSgr/a9Am8TI1wesyV7jpxUoJyep0YDEeN
VKsBn71ZK6O/93eXGCw316Cxpzfi9OmloMk+bsxdbfpFgLCRNsOhkOTVJQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFA0TRJVjBmKnQqv8CqauEoJXyaFRMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRFJORWxXTUdZcWRDcV93S3BxNFNnbGZKb1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwbZxAwQCwep4MA8EAgACMAkDBwAqAQKAAAYwDQYJKoZIhvcN
AQELBQADggEBAMe/F/T2hvdJZZF6fy5FUeYLZwTozaRh4PKhpxDBcbm4t+QWbdgy
XpUn2NQwvcs5Qlmu25dq6Hoql21AtgI+4E6HL0TvC8qSNQAAxR0MtgW+W8Krz8mZ
pgo/CCdkB4Krgcd9bVzHNCRfKsfU9s+C8o4AIuJPTQtkpHfzZxDoZJ0FwSbcLY+U
sIv+153KYguHY6jDNRnTgHAl2pDqJWc0K1Em/nYTKmFswZqtd5syr0LBA7O5aIYL
PN/15WXbMnFkSRdTBkHg7PyREVQcnoNbmbtYl0hiQuuj+VmEU0nc4Aa9nNX691GO
gt4KMwR2APqPCdghbJDv0B2vfmAImnyC9cE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:09 2025 by rpki-client