Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/dnyw3iay1Aip2ZpVD4ZPk8-avl8.roa
File: dnyw3iay1Aip2ZpVD4ZPk8-avl8.roa (raw, json)
Hash identifier: mopZ0fPcq5kEmUODaOO6zKksU0YRbtLkTWrK5Idg3mI=
Subject key identifier: 76:7C:B0:DE:26:B2:D4:08:A9:D9:9A:55:0F:86:4F:93:CF:9A:BE:5F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 030B3DAC
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/dnyw3iay1Aip2ZpVD4ZPk8-avl8.roa
Signing time: Mon 21 Mar 2022 16:22:46 +0000
ROA not before: Mon 21 Mar 2022 16:22:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 109.205.215.0/24 maxlen: 24
109.205.214.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51068332 (0x30b3dac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Mar 21 16:22:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=767cb0de26b2d408a9d99a550f864f93cf9abe5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:49:df:5e:d2:04:cf:12:2d:1d:66:d2:38:a0:
ec:99:1a:ad:ff:cc:c1:80:45:77:65:47:ef:bf:0e:
93:07:a4:72:fc:5c:ed:2d:f7:85:08:91:96:e4:ee:
41:9d:9c:c4:82:d1:45:24:73:90:f3:fc:28:fa:38:
e1:90:a0:e9:c8:89:c3:3b:3d:59:49:73:16:36:98:
b1:10:d9:91:2d:ba:aa:a6:4d:65:8d:14:f7:76:2b:
4a:28:1c:21:14:48:3b:ef:6a:ca:30:31:36:d9:85:
c8:50:b6:f8:01:08:dd:6d:0a:ee:33:63:ca:21:e6:
e3:2e:88:22:13:d8:d9:a1:40:71:1c:98:0c:2d:dd:
36:31:89:46:e5:50:d0:8d:a7:39:20:b7:f0:f2:fa:
15:5a:bb:43:75:1b:dd:bf:01:c1:91:00:71:30:3e:
7e:06:06:ee:64:16:03:23:08:2e:07:6a:70:d2:7b:
f0:a7:fc:32:f4:d1:ce:12:3b:3e:b2:f7:ae:0c:20:
2f:8c:71:d3:54:71:70:a6:f6:4a:dd:e2:31:f0:f7:
8c:45:cd:d4:a4:4c:9e:7c:49:30:f1:b9:89:e3:f0:
90:fd:7b:c9:98:c0:b0:09:0c:46:e4:2a:93:7c:7f:
1f:46:74:b2:0f:21:ca:b6:ed:ea:21:09:a7:f5:ee:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7C:B0:DE:26:B2:D4:08:A9:D9:9A:55:0F:86:4F:93:CF:9A:BE:5F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/dnyw3iay1Aip2ZpVD4ZPk8-avl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.192.0/24
109.205.214.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:b5:b2:7a:62:b4:21:56:5e:dc:24:f5:c8:82:ee:4b:87:69:
0b:1e:86:eb:f6:37:3e:cc:03:5e:23:0c:be:37:55:4f:e6:85:
75:87:3a:19:00:7d:9c:55:c2:11:0d:85:61:6b:fb:82:80:b8:
fb:cc:7c:9d:a3:b0:19:c5:66:78:82:c2:80:09:75:9d:b0:29:
e7:80:8d:61:35:f9:cc:20:e8:5c:7a:76:53:67:54:56:63:7f:
fd:75:db:fc:ba:63:3a:fd:77:73:5f:a1:cf:69:54:3a:72:ea:
9e:5b:30:2f:78:33:1d:3b:df:e2:b7:c0:35:4d:8e:79:64:69:
db:6a:5c:d8:7d:16:99:8c:1e:9b:83:5f:31:da:f7:4f:97:21:
33:55:3d:dc:eb:73:9f:08:ef:a6:f8:72:c4:c9:4f:9d:38:83:
2e:c7:45:1a:58:aa:4d:21:69:93:fc:08:82:07:45:79:84:13:
93:aa:b2:4c:0d:3a:d4:5b:1c:ef:3a:93:1d:52:e8:e3:8c:21:
65:bf:13:e0:1c:0f:4e:8b:ba:69:0a:c3:54:24:9e:24:aa:f8:
8d:db:61:25:32:a2:c0:26:01:09:2e:f8:b2:75:79:2f:2c:9a:
24:2c:c4:1a:6b:e6:59:66:9d:78:af:de:c8:9c:24:3f:6a:4a:
c4:8f:72:ba
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAws9rDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDMy
MTE2MjI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY3Y2IwZGUyNmIy
ZDQwOGE5ZDk5YTU1MGY4NjRmOTNjZjlhYmU1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhJ317SBM8SLR1m0jig7Jkarf/MwYBFd2VH778Okwekcvxc
7S33hQiRluTuQZ2cxILRRSRzkPP8KPo44ZCg6ciJwzs9WUlzFjaYsRDZkS26qqZN
ZY0U93YrSigcIRRIO+9qyjAxNtmFyFC2+AEI3W0K7jNjyiHm4y6IIhPY2aFAcRyY
DC3dNjGJRuVQ0I2nOSC38PL6FVq7Q3Ub3b8BwZEAcTA+fgYG7mQWAyMILgdqcNJ7
8Kf8MvTRzhI7PrL3rgwgL4xx01RxcKb2St3iMfD3jEXN1KRMnnxJMPG5iePwkP17
yZjAsAkMRuQqk3x/H0Z0sg8hyrbt6iEJp/Xu8BMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR2fLDeJrLUCKnZmlUPhk+Tz5q+XzAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L2RueXczaWF5MUFpcDJacFZENFpQazgtYXZsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFiXwAMEAW3N1jANBgkqhkiG9w0B
AQsFAAOCAQEAOrWyemK0IVZe3CT1yILuS4dpCx6G6/Y3PswDXiMMvjdVT+aFdYc6
GQB9nFXCEQ2FYWv7goC4+8x8naOwGcVmeILCgAl1nbAp54CNYTX5zCDoXHp2U2dU
VmN//XXb/LpjOv13c1+hz2lUOnLqnlswL3gzHTvf4rfANU2OeWRp22pc2H0WmYwe
m4NfMdr3T5chM1U93OtznwjvpvhyxMlPnTiDLsdFGliqTSFpk/wIggdFeYQTk6qy
TA061Fsc7zqTHVLo44whZb8T4BwPTou6aQrDVCSeJKr4jdthJTKiwCYBCS74snV5
LyyaJCzEGmvmWWadeK/eyJwkP2pKxI9yug==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:47 2025 by rpki-client