Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/drFtBfV8-pfyeqtW5RPdn-B4WWM.roa
File: drFtBfV8-pfyeqtW5RPdn-B4WWM.roa (raw, json)
Hash identifier: DDSLByoM8A0rcWYLXSwwsMrjUE1lx7EOlPOXtxt5kMA=
Subject key identifier: 76:B1:6D:05:F5:7C:FA:97:F2:7A:AB:56:E5:13:DD:9F:E0:78:59:63
Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14
Certificate serial: 01856DC1D992A5536C15418EC82F446CA3E1
Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/drFtBfV8-pfyeqtW5RPdn-B4WWM.roa
Signing time: Sun 01 Jan 2023 14:34:58 +0000
ROA not before: Sun 01 Jan 2023 14:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197164
IP address blocks: 192.162.230.0/24 maxlen: 24
185.114.124.0/22 maxlen: 24
192.162.228.0/23 maxlen: 24
2001:67c:2274::/48 maxlen: 48
2a06:6f00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d9:92:a5:53:6c:15:41:8e:c8:2f:44:6c:a3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14
Validity
Not Before: Jan 1 14:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b16d05f57cfa97f27aab56e513dd9fe0785963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:36:58:f8:1b:3b:23:c7:61:9e:9c:cf:89:
20:29:cc:34:1d:ac:d7:2d:2e:43:f8:31:de:2a:f7:
85:f8:27:ae:db:9f:22:ba:c7:7f:d8:1e:95:ca:ea:
2b:e6:79:dc:8d:75:eb:d6:0b:b6:a9:69:a9:72:42:
4a:03:0c:2e:28:a2:b3:7b:01:9f:96:e0:6b:14:c2:
9d:90:d3:08:9f:30:0e:7b:ff:0c:12:84:3c:2e:cc:
d3:2b:06:51:64:7c:77:4e:92:63:6f:05:2b:31:b0:
4f:d6:08:66:37:8a:e3:e2:1d:a6:0f:ea:64:ef:6a:
21:ea:b3:84:1c:ec:cf:ef:f8:b5:7a:dc:99:db:52:
13:5f:8d:ff:2a:24:b2:39:68:56:10:f8:47:fd:5b:
fa:e5:f7:9c:88:e7:bb:6c:71:cb:a5:87:17:b5:42:
df:20:61:32:6f:fe:f0:74:c9:cc:3d:78:29:28:76:
d7:3b:cf:c8:7f:7b:04:2e:22:1c:ad:e5:97:a6:26:
f0:4e:54:4a:c7:d7:33:2d:01:23:39:e7:69:2f:a5:
4e:b2:9f:af:b1:7e:dd:ec:a0:1a:14:f6:e4:67:53:
94:01:90:3f:40:e0:e9:8b:04:40:21:b1:ef:0b:c6:
57:60:33:fa:2f:80:27:f7:3e:c1:51:b4:40:1b:b0:
42:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B1:6D:05:F5:7C:FA:97:F2:7A:AB:56:E5:13:DD:9F:E0:78:59:63
X509v3 Authority Key Identifier:
keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/drFtBfV8-pfyeqtW5RPdn-B4WWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.124.0/22
192.162.228.0-192.162.230.255
IPv6:
2001:67c:2274::/48
2a06:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
16:0a:f6:20:c3:e9:d3:8c:47:74:2e:00:ee:82:18:33:db:d7:
ea:47:8f:63:5d:60:61:e5:40:0e:44:b5:df:0e:16:25:e7:b4:
c6:f0:e5:75:30:2c:34:d3:af:94:ab:36:88:90:83:bb:68:b3:
71:14:62:06:9f:d0:4d:90:e5:33:60:22:17:bd:0f:d2:53:ba:
0d:b4:97:52:78:06:49:99:ff:26:0b:48:dc:00:df:4f:c2:c9:
c7:b8:3f:37:76:ac:c1:52:7a:ae:ae:63:b0:9b:6e:52:d1:5c:
61:ea:1d:db:f8:3a:86:e4:07:02:ba:4d:dc:13:08:c4:5e:45:
b7:10:2e:32:7a:75:d1:a2:30:fa:6d:42:44:37:de:5a:8c:77:
1c:18:3a:fa:85:8c:5f:f9:57:9d:19:24:4d:f5:69:5b:31:ee:
9f:dc:14:64:1c:81:79:53:cb:0f:7f:a0:60:85:c1:f9:56:a0:
bf:0e:f6:fd:ff:86:eb:eb:2b:e6:7d:87:d8:c5:6a:7f:80:37:
ed:17:e5:3c:ef:e1:db:48:5f:5f:8e:99:71:65:30:f6:b6:0c:
5e:ce:8b:88:02:8e:71:49:e7:c7:a0:9e:e1:76:a8:22:6b:22:
d6:02:8a:89:0f:57:d3:62:6d:a9:e9:1a:23:d9:7c:df:92:26:
b2:e7:a0:3b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVtwdmSpVNsFUGOyC9EbKPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj
YzVmMTQwHhcNMjMwMTAxMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIxNmQwNWY1N2NmYTk3ZjI3YWFiNTZlNTEzZGQ5ZmUwNzg1OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVw2WPgbOyPHYZ6cz4kgKcw0HazX
LS5D+DHeKveF+Ceu258iusd/2B6Vyuor5nncjXXr1gu2qWmpckJKAwwuKKKzewGf
luBrFMKdkNMInzAOe/8MEoQ8LszTKwZRZHx3TpJjbwUrMbBP1ghmN4rj4h2mD+pk
72oh6rOEHOzP7/i1etyZ21ITX43/KiSyOWhWEPhH/Vv65feciOe7bHHLpYcXtULf
IGEyb/7wdMnMPXgpKHbXO8/If3sELiIcreWXpibwTlRKx9czLQEjOedpL6VOsp+v
sX7d7KAaFPbkZ1OUAZA/QODpiwRAIbHvC8ZXYDP6L4An9z7BUbRAG7BCNQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHaxbQX1fPqX8nqrVuUT3Z/geFljMB8GA1UdIwQY
MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt
NjZkMzVlNTI1MDM5LzEvZHJGdEJmVjgtcGZ5ZXF0VzVSUGRuLUI0V1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5
LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUAwQCuXJ8MAwD
BALAouQDBADAouYwFgQCAAIwEAMHACABBnwidAMFAyoGbwAwDQYJKoZIhvcNAQEL
BQADggEBABYK9iDD6dOMR3QuAO6CGDPb1+pHj2NdYGHlQA5Etd8OFiXntMbw5XUw
LDTTr5SrNoiQg7tos3EUYgaf0E2Q5TNgIhe9D9JTug20l1J4BkmZ/yYLSNwA30/C
yce4Pzd2rMFSeq6uY7CbblLRXGHqHdv4OobkBwK6TdwTCMReRbcQLjJ6ddGiMPpt
QkQ33lqMdxwYOvqFjF/5V50ZJE31aVsx7p/cFGQcgXlTyw9/oGCFwflWoL8O9v3/
huvrK+Z9h9jFan+AN+0X5Tzv4dtIX1+OmXFlMPa2DF7Oi4gCjnFJ58egnuF2qCJr
ItYCiokPV9NibanpGiPZfN+SJrLnoDs=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:02:33 2025 by rpki-client