Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/3213d3-cd1a-464d-918d-2d626acb7833/1/dDn252mxSSq5csue1Jh-ue3sPfs.roa
File: dDn252mxSSq5csue1Jh-ue3sPfs.roa (raw, json)
Hash identifier: y8S4iGLbgh3tIObtDCU8zvXa+Wvt9s3vtZDwaAj/5l0=
Subject key identifier: 74:39:F6:E7:69:B1:49:2A:B9:72:CB:9E:D4:98:7E:B9:ED:EC:3D:FB
Certificate issuer: /CN=43d94e06871609cc1f815a56de5c9faf6d57d584
Certificate serial: 01856DC1B9BC2C4F50DA1C0C8864245E3FB0
Authority key identifier: 43:D9:4E:06:87:16:09:CC:1F:81:5A:56:DE:5C:9F:AF:6D:57:D5:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9lOBocWCcwfgVpW3lyfr21X1YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/3213d3-cd1a-464d-918d-2d626acb7833/1/dDn252mxSSq5csue1Jh-ue3sPfs.roa
Signing time: Sun 01 Jan 2023 14:34:50 +0000
ROA not before: Sun 01 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58185
IP address blocks: 185.102.144.0/22 maxlen: 22
5.44.128.0/21 maxlen: 21
5.44.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b9:bc:2c:4f:50:da:1c:0c:88:64:24:5e:3f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d94e06871609cc1f815a56de5c9faf6d57d584
Validity
Not Before: Jan 1 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7439f6e769b1492ab972cb9ed4987eb9edec3dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:be:10:ac:1a:4b:6c:c4:b0:57:ea:ac:74:fa:
5f:57:ca:64:3c:43:03:d1:e1:2e:90:4b:54:c3:1c:
27:94:3b:60:d5:2c:ed:fc:98:bb:1c:e4:33:11:8f:
4d:f4:fb:a9:b1:67:0d:be:1c:bb:10:61:4b:04:87:
1f:e2:bf:22:78:37:58:bd:a7:44:9c:b7:f5:9e:14:
9f:0e:c4:a4:f2:60:e8:0e:f7:8d:4f:75:36:2c:02:
1b:03:e3:4b:84:95:2e:e8:d3:33:2f:74:e4:e9:97:
a5:80:f8:28:56:45:ed:c2:93:a4:32:26:29:12:a6:
90:a5:f6:6c:5b:f4:73:d5:91:08:c5:b1:9c:7b:ef:
3b:0c:c5:1a:df:c6:e7:53:8f:55:9e:4a:ba:d8:1f:
ee:05:e9:b5:9b:ab:12:28:21:1d:65:e7:bd:0c:5a:
fc:c6:1c:bd:8c:9d:80:4c:45:0d:94:82:0f:bd:07:
86:d9:d6:e0:28:a8:67:f3:3c:89:05:5c:4b:5f:7e:
a1:01:f2:0c:47:5f:2a:2d:9c:b4:9f:98:63:99:62:
85:a6:b3:7a:be:cf:e7:5b:d9:06:45:bc:cc:e5:1e:
56:2a:01:92:29:c9:b4:6e:06:96:04:97:6c:2d:bb:
06:09:81:88:93:ad:21:ee:cd:37:4c:9e:7c:3a:d0:
cd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:39:F6:E7:69:B1:49:2A:B9:72:CB:9E:D4:98:7E:B9:ED:EC:3D:FB
X509v3 Authority Key Identifier:
keyid:43:D9:4E:06:87:16:09:CC:1F:81:5A:56:DE:5C:9F:AF:6D:57:D5:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9lOBocWCcwfgVpW3lyfr21X1YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3213d3-cd1a-464d-918d-2d626acb7833/1/dDn252mxSSq5csue1Jh-ue3sPfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3213d3-cd1a-464d-918d-2d626acb7833/1/Q9lOBocWCcwfgVpW3lyfr21X1YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.128.0/21
185.102.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:3e:2b:bf:55:c4:94:c8:38:89:51:cf:fd:76:2c:17:8c:f2:
ae:08:50:3d:97:43:2e:ff:68:da:44:4a:c2:e3:c4:a9:e3:4c:
89:2b:e2:54:ef:66:9f:d3:b2:0b:ac:09:8f:56:8b:a7:33:a5:
1a:4d:78:71:80:77:9c:27:e8:fe:bb:84:8d:e1:4d:56:83:bd:
c4:18:75:85:1c:72:ea:83:5d:5c:c3:21:be:70:ac:f4:69:d4:
77:f5:55:af:09:df:31:18:04:14:df:21:c2:1d:7f:38:36:ce:
74:96:d4:e9:d8:b8:a9:11:e0:b6:5f:aa:d7:ab:9c:cc:6c:a0:
18:6a:33:3a:03:1b:6b:3b:f9:24:b3:68:5f:2d:51:02:a3:fd:
b2:72:be:59:73:ca:48:37:50:b1:56:9c:35:f5:46:30:ad:88:
49:a8:78:cd:d8:cc:52:18:99:e4:48:47:4d:c1:1a:d7:4a:0f:
49:bb:03:e4:6f:8a:8a:d7:43:3e:ee:99:95:c1:a2:64:c7:93:
0b:4e:89:f3:eb:66:6d:fa:03:45:07:71:67:a8:8d:36:5d:d5:
f9:c0:b3:30:be:17:42:0d:32:49:65:22:2f:01:3d:96:c1:11:
f8:99:27:7d:df:ae:16:35:a9:80:b2:05:71:db:2b:8a:57:a8:
82:4f:11:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtwbm8LE9Q2hwMiGQkXj+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDk0ZTA2ODcxNjA5Y2MxZjgxNWE1NmRlNWM5ZmFmNmQ1
N2Q1ODQwHhcNMjMwMTAxMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDM5ZjZlNzY5YjE0OTJhYjk3MmNiOWVkNDk4N2ViOWVkZWMzZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L4QrBpLbMSwV+qsdPpfV8pkPEMD
0eEukEtUwxwnlDtg1Szt/Ji7HOQzEY9N9PupsWcNvhy7EGFLBIcf4r8ieDdYvadE
nLf1nhSfDsSk8mDoDveNT3U2LAIbA+NLhJUu6NMzL3Tk6ZelgPgoVkXtwpOkMiYp
EqaQpfZsW/Rz1ZEIxbGce+87DMUa38bnU49Vnkq62B/uBem1m6sSKCEdZee9DFr8
xhy9jJ2ATEUNlIIPvQeG2dbgKKhn8zyJBVxLX36hAfIMR18qLZy0n5hjmWKFprN6
vs/nW9kGRbzM5R5WKgGSKcm0bgaWBJdsLbsGCYGIk60h7s03TJ58OtDNnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQ59udpsUkquXLLntSYfrnt7D37MB8GA1UdIwQY
MBaAFEPZTgaHFgnMH4FaVt5cn69tV9WEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlsT0JvY1dDY3dmZ1ZwVzNseWZyMjFYMVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8zMjEzZDMtY2QxYS00NjRkLTkxOGQt
MmQ2MjZhY2I3ODMzLzEvZERuMjUybXhTU3E1Y3N1ZTFKaC11ZTNzUGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8zMjEzZDMtY2QxYS00NjRkLTkxOGQtMmQ2MjZhY2I3ODMz
LzEvUTlsT0JvY1dDY3dmZ1ZwVzNseWZyMjFYMVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSyAAwQC
uWaQMA0GCSqGSIb3DQEBCwUAA4IBAQCLPiu/VcSUyDiJUc/9diwXjPKuCFA9l0Mu
/2jaRErC48Sp40yJK+JU72af07ILrAmPVounM6UaTXhxgHecJ+j+u4SN4U1Wg73E
GHWFHHLqg11cwyG+cKz0adR39VWvCd8xGAQU3yHCHX84Ns50ltTp2LipEeC2X6rX
q5zMbKAYajM6AxtrO/kks2hfLVECo/2ycr5Zc8pIN1CxVpw19UYwrYhJqHjN2MxS
GJnkSEdNwRrXSg9JuwPkb4qK10M+7pmVwaJkx5MLTonz62Zt+gNFB3FnqI02XdX5
wLMwvhdCDTJJZSIvAT2WwRH4mSd9364WNamAsgVx2yuKV6iCTxFp
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:14 2025 by rpki-client