Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DDOHe8VRuZYSoAmAr7pXBl2xdCU.roa
File: DDOHe8VRuZYSoAmAr7pXBl2xdCU.roa (raw, json)
Hash identifier: crRL38Id0NlpRNlg1Y6e4fXCcmLY+pSHVThTxMSbaVk=
Subject key identifier: 0C:33:87:7B:C5:51:B9:96:12:A0:09:80:AF:BA:57:06:5D:B1:74:25
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182A02DA6B9A2D28938AFA01E086554415B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DDOHe8VRuZYSoAmAr7pXBl2xdCU.roa
Signing time: Mon 15 Aug 2022 06:25:22 +0000
ROA not before: Mon 15 Aug 2022 06:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
109.205.211.0/24 maxlen: 24
185.81.216.0/22 maxlen: 22
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a0:2d:a6:b9:a2:d2:89:38:af:a0:1e:08:65:54:41:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 15 06:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c33877bc551b99612a00980afba57065db17425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:09:13:a0:09:74:ba:5d:ff:74:ab:b6:8b:51:
06:26:91:ea:e7:94:18:41:a1:b1:c3:2a:77:7b:b7:
5e:23:79:4e:ff:b9:bf:fa:48:f6:65:d5:5b:3a:d9:
c7:de:d4:1d:af:9a:c0:b9:17:d6:96:46:76:95:8c:
df:9f:d4:ee:6c:92:b6:46:fa:6b:e2:ac:aa:ee:f6:
25:15:60:38:45:fb:c0:f0:33:58:3e:59:fc:8e:3e:
ea:39:7e:d6:bd:f1:e5:5f:c5:7e:eb:2c:09:ac:41:
27:88:5c:47:da:a6:98:43:b1:a2:83:7e:ff:8b:34:
3b:5b:ea:a8:06:15:14:54:f3:6f:7f:af:e1:e2:b6:
df:04:5f:82:ff:a0:b3:c2:6c:d9:1a:c1:35:ad:8e:
f5:7f:e6:01:ac:17:6a:fb:8d:e1:95:c9:89:6b:17:
61:db:9f:95:8c:18:7b:db:0a:fc:74:07:71:96:71:
f6:0e:13:9e:34:83:df:a1:ef:27:95:1a:47:32:a7:
04:8e:77:15:2b:e2:bf:cc:e2:c3:c5:cb:d7:24:4c:
8b:32:9d:2e:d8:61:37:be:cf:22:1f:27:f0:53:18:
31:e2:b7:b6:52:e8:d5:aa:58:4b:0d:c3:98:dd:49:
49:95:d9:32:e3:56:de:9d:e4:01:f8:2a:1e:4d:76:
c5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:33:87:7B:C5:51:B9:96:12:A0:09:80:AF:BA:57:06:5D:B1:74:25
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DDOHe8VRuZYSoAmAr7pXBl2xdCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
109.205.211.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:cc:26:15:78:dd:44:57:61:84:50:68:1c:8d:19:79:f4:8f:
70:89:09:17:6c:9e:ad:43:23:90:4c:46:c1:7f:75:aa:1d:07:
7b:7a:aa:62:99:3a:b9:34:da:a5:34:9b:ee:96:4f:22:f3:61:
67:41:fd:98:79:8f:a4:b9:f1:8d:cb:a5:26:82:b9:15:0f:ab:
99:45:5d:1e:28:6d:1e:6f:8b:bf:45:2c:9f:37:49:f1:05:aa:
5a:f4:aa:6c:98:f8:1b:0b:1d:e7:5f:41:c1:ae:47:b0:f9:ab:
e7:25:a6:45:1b:37:ed:f4:f9:72:6a:e8:4f:37:ff:69:77:e6:
5b:31:83:41:cb:ec:fd:f8:85:ee:fa:e7:67:9d:97:13:03:8e:
aa:9d:37:da:78:43:0e:cd:22:7b:bd:9b:35:80:6e:dc:db:11:
fc:35:17:12:c8:a3:97:7d:30:40:c9:d2:5a:82:d0:1a:e3:3f:
dd:fd:fb:ef:cd:38:a5:09:1a:df:49:c3:b2:6e:98:a0:04:8e:
33:50:31:90:5c:b8:a2:53:85:6b:b1:35:2a:14:fe:f1:95:5d:
b2:99:ea:78:c4:73:5a:8b:e6:ad:63:b6:bc:50:97:1c:d6:45:
32:43:56:40:b0:8c:a7:96:6c:80:75:d8:f7:cd:4f:70:a2:72:
20:9f:66:a2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYKgLaa5otKJOK+gHghlVEFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODE1MDYyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzMzODc3YmM1NTFiOTk2MTJhMDA5ODBhZmJhNTcwNjVkYjE3NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAkToAl0ul3/dKu2i1EGJpHq55QY
QaGxwyp3e7deI3lO/7m/+kj2ZdVbOtnH3tQdr5rAuRfWlkZ2lYzfn9TubJK2Rvpr
4qyq7vYlFWA4RfvA8DNYPln8jj7qOX7WvfHlX8V+6ywJrEEniFxH2qaYQ7Gig37/
izQ7W+qoBhUUVPNvf6/h4rbfBF+C/6CzwmzZGsE1rY71f+YBrBdq+43hlcmJaxdh
25+VjBh72wr8dAdxlnH2DhOeNIPfoe8nlRpHMqcEjncVK+K/zOLDxcvXJEyLMp0u
2GE3vs8iHyfwUxgx4re2UujVqlhLDcOY3UlJldky41beneQB+CoeTXbFtQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAwzh3vFUbmWEqAJgK+6VwZdsXQlMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRERPSGU4VlJ1WllTb0FtQXI3cFhCbDJ4ZENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfDAwQAbc3TAwQApNdkAwQCuVHYMA0G
CSqGSIb3DQEBCwUAA4IBAQBezCYVeN1EV2GEUGgcjRl59I9wiQkXbJ6tQyOQTEbB
f3WqHQd7eqpimTq5NNqlNJvulk8i82FnQf2YeY+kufGNy6UmgrkVD6uZRV0eKG0e
b4u/RSyfN0nxBapa9KpsmPgbCx3nX0HBrkew+avnJaZFGzft9PlyauhPN/9pd+Zb
MYNBy+z9+IXu+udnnZcTA46qnTfaeEMOzSJ7vZs1gG7c2xH8NRcSyKOXfTBAydJa
gtAa4z/d/fvvzTilCRrfScOybpigBI4zUDGQXLiiU4VrsTUqFP7xlV2ymep4xHNa
i+atY7a8UJcc1kUyQ1ZAsIynlmyAddj3zU9wonIgn2ai
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:08 2025 by rpki-client