Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/dj3PaVvv3Ou6vIcM0V0XkS7s96U.roa
File: dj3PaVvv3Ou6vIcM0V0XkS7s96U.roa (raw, json)
Hash identifier: toteEu5sC7nsPxpZhf+gimHyZPlkseNLTr4ZwGx77VY=
Subject key identifier: 76:3D:CF:69:5B:EF:DC:EB:BA:BC:87:0C:D1:5D:17:91:2E:EC:F7:A5
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 01856D53D54FE5EE739C4142505D61383CE0
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/dj3PaVvv3Ou6vIcM0V0XkS7s96U.roa
Signing time: Sun 01 Jan 2023 12:34:48 +0000
ROA not before: Sun 01 Jan 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17916
IP address blocks: 194.169.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d5:4f:e5:ee:73:9c:41:42:50:5d:61:38:3c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Jan 1 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=763dcf695befdcebbabc870cd15d17912eecf7a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:57:75:fc:ea:76:d9:8a:f2:85:d6:4f:19:be:
75:93:5e:d6:95:fd:95:ad:32:11:e0:65:0d:dc:e1:
91:a3:40:d8:54:79:f2:50:c3:0e:f2:5a:24:f8:6b:
98:35:a6:84:f2:6b:41:11:c9:b1:b7:f4:d6:2f:e5:
c0:9b:c6:c1:ce:91:99:6c:ba:c0:f9:42:3d:09:b0:
ee:7b:03:e9:f3:24:85:c3:a4:9f:54:3c:2c:07:18:
9e:e9:76:df:f6:b6:34:e6:9d:b0:fa:74:62:89:7b:
f2:99:d2:55:a2:5c:6d:29:49:af:ac:2b:fe:91:1b:
d6:d4:b6:8f:25:cc:5f:71:57:6a:73:b2:6e:79:b2:
b5:4f:59:1b:71:8c:83:c0:0e:0b:a6:05:a8:dd:fd:
d6:08:95:b9:aa:19:98:82:79:36:1c:c1:7d:66:18:
31:d3:ea:5b:6d:22:ea:ce:86:df:28:3e:4f:94:8e:
9f:74:ad:04:53:4c:58:f6:a0:f1:1d:d9:d2:19:41:
07:54:36:99:c4:c0:a0:19:9a:d4:d1:ae:fe:b6:18:
ae:e4:2a:01:01:69:92:a5:b8:36:17:3a:a3:93:72:
f8:ad:41:4d:38:90:22:f0:70:93:c2:c2:9d:06:f9:
7e:fd:f6:1c:f1:e3:77:8c:13:1a:d4:cf:9d:31:21:
82:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3D:CF:69:5B:EF:DC:EB:BA:BC:87:0C:D1:5D:17:91:2E:EC:F7:A5
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/dj3PaVvv3Ou6vIcM0V0XkS7s96U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.22.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:6b:4a:65:dd:3e:31:77:93:3e:b6:a2:80:49:51:79:da:3e:
5c:cd:61:db:35:4d:cf:9f:9e:f3:77:08:82:0b:e0:fd:31:7e:
cf:3b:2c:4c:bc:8b:66:de:21:49:16:da:b5:8e:36:03:61:78:
74:3d:70:71:a4:66:4a:45:f7:7b:df:95:bf:9a:75:93:de:ed:
4a:92:21:51:d4:73:fd:c4:97:16:13:53:db:dd:24:5a:cc:dc:
5c:20:58:13:2c:ed:33:74:26:04:4b:e7:4e:e7:b6:bb:22:6f:
8f:30:5b:f6:e7:7a:92:50:98:68:f5:25:7d:d8:84:b9:7c:9e:
fc:45:60:34:5c:7a:0f:66:a4:d1:ef:e2:d1:48:11:f2:29:34:
42:7e:e1:ff:03:62:60:d1:6f:97:13:5e:00:c8:8d:cd:ad:30:
02:ff:b2:b5:23:0d:9b:44:04:5a:92:07:6b:5c:68:de:f3:97:
39:fb:62:05:95:b1:bd:d6:a3:58:40:66:ec:50:95:a8:9b:20:
9d:12:77:a0:a6:ee:14:f4:39:25:21:b7:72:1d:1a:16:bb:ee:
1d:29:a5:72:1b:6a:60:68:a5:e8:30:b2:81:df:e6:44:9b:1d:
96:92:6f:01:21:bb:a4:39:58:43:74:5c:9e:2a:ab:b8:3a:0c:
47:7b:e8:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9VP5e5znEFCUF1hODzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNkY2Y2OTViZWZkY2ViYmFiYzg3MGNkMTVkMTc5MTJlZWNmN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFd1/Op22YryhdZPGb51k17Wlf2V
rTIR4GUN3OGRo0DYVHnyUMMO8lok+GuYNaaE8mtBEcmxt/TWL+XAm8bBzpGZbLrA
+UI9CbDuewPp8ySFw6SfVDwsBxie6Xbf9rY05p2w+nRiiXvymdJVolxtKUmvrCv+
kRvW1LaPJcxfcVdqc7JuebK1T1kbcYyDwA4LpgWo3f3WCJW5qhmYgnk2HMF9Zhgx
0+pbbSLqzobfKD5PlI6fdK0EU0xY9qDxHdnSGUEHVDaZxMCgGZrU0a7+thiu5CoB
AWmSpbg2Fzqjk3L4rUFNOJAi8HCTwsKdBvl+/fYc8eN3jBMa1M+dMSGCzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY9z2lb79zruryHDNFdF5Eu7PelMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvZGozUGFWdnYzT3U2dkljTTBWMFhrUzdzOTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkWMA0G
CSqGSIb3DQEBCwUAA4IBAQDRa0pl3T4xd5M+tqKASVF52j5czWHbNU3Pn57zdwiC
C+D9MX7POyxMvItm3iFJFtq1jjYDYXh0PXBxpGZKRfd735W/mnWT3u1KkiFR1HP9
xJcWE1Pb3SRazNxcIFgTLO0zdCYES+dO57a7Im+PMFv253qSUJho9SV92IS5fJ78
RWA0XHoPZqTR7+LRSBHyKTRCfuH/A2Jg0W+XE14AyI3NrTAC/7K1Iw2bRARakgdr
XGje85c5+2IFlbG91qNYQGbsUJWomyCdEnegpu4U9DklIbdyHRoWu+4dKaVyG2pg
aKXoMLKB3+ZEmx2Wkm8BIbukOVhDdFyeKqu4OgxHe+gm
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:25:14 2025 by rpki-client