Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/Dkrh41RBUsOp4qRaJPjaH27mOk8.roa
File: Dkrh41RBUsOp4qRaJPjaH27mOk8.roa (raw, json)
Hash identifier: gGPZZ0iWtzD6zMuXDM8R7ORnwWwYkBuFtbb3ZzRfOfA=
Subject key identifier: 0E:4A:E1:E3:54:41:52:C3:A9:E2:A4:5A:24:F8:DA:1F:6E:E6:3A:4F
Certificate issuer: /CN=9478ed3ead627fce16c5180250c466217318d65c
Certificate serial: 01856CB85A56DCE2E1746E042D56B6EDE1AD
Authority key identifier: 94:78:ED:3E:AD:62:7F:CE:16:C5:18:02:50:C4:66:21:73:18:D6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHjtPq1if84WxRgCUMRmIXMY1lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/Dkrh41RBUsOp4qRaJPjaH27mOk8.roa
Signing time: Sun 01 Jan 2023 09:44:59 +0000
ROA not before: Sun 01 Jan 2023 09:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25148
IP address blocks: 89.250.112.0/20 maxlen: 20
79.171.80.0/21 maxlen: 21
195.28.172.0/23 maxlen: 23
109.68.88.0/21 maxlen: 21
46.31.184.0/22 maxlen: 22
194.24.252.0/23 maxlen: 23
81.93.160.0/20 maxlen: 20
46.31.188.0/22 maxlen: 22
195.225.0.0/19 maxlen: 19
2a01:600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5a:56:dc:e2:e1:74:6e:04:2d:56:b6:ed:e1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9478ed3ead627fce16c5180250c466217318d65c
Validity
Not Before: Jan 1 09:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e4ae1e3544152c3a9e2a45a24f8da1f6ee63a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:c8:bb:0e:72:9b:c9:27:24:8f:c2:f6:94:
85:f4:21:de:9c:b1:a3:11:d8:d8:52:8a:68:28:9e:
ce:25:96:08:46:1a:ac:d6:11:c8:e2:f7:b6:42:b7:
e7:fe:00:20:2d:96:a4:2b:00:6b:8c:3e:a8:5e:8c:
69:f4:cc:07:7e:30:22:a6:6c:b3:d2:1f:9c:23:9a:
44:78:25:de:b3:3f:0b:08:69:0d:85:f8:4c:83:e2:
25:de:cd:79:8a:a8:4f:6f:b2:27:39:b7:63:b3:f6:
87:62:96:8a:3b:e3:08:0c:1f:fd:6c:0d:37:8f:a5:
fa:d8:73:40:3e:26:53:9b:40:14:1d:fd:ee:7f:94:
46:bd:08:b3:31:fc:1a:d3:53:f4:09:d5:b5:02:0d:
8b:9f:7d:44:20:b0:de:6e:b9:26:b4:db:94:80:79:
0d:48:a7:30:0f:d0:76:65:0d:89:f9:70:c9:18:50:
a7:3c:23:2e:36:d1:50:bb:a5:71:14:92:d4:51:ef:
b8:79:bc:0c:14:0c:c7:c5:cd:14:62:0c:d5:75:ec:
3c:d3:8d:f6:6f:21:b5:12:10:98:0f:69:0d:69:bf:
77:7c:d6:4e:9f:b9:6c:ba:54:f6:bd:09:32:50:3e:
06:24:69:2e:0d:37:99:99:af:a1:ca:20:b3:f9:55:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4A:E1:E3:54:41:52:C3:A9:E2:A4:5A:24:F8:DA:1F:6E:E6:3A:4F
X509v3 Authority Key Identifier:
keyid:94:78:ED:3E:AD:62:7F:CE:16:C5:18:02:50:C4:66:21:73:18:D6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHjtPq1if84WxRgCUMRmIXMY1lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/Dkrh41RBUsOp4qRaJPjaH27mOk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/lHjtPq1if84WxRgCUMRmIXMY1lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.184.0/21
79.171.80.0/21
81.93.160.0/20
89.250.112.0/20
109.68.88.0/21
194.24.252.0/23
195.28.172.0/23
195.225.0.0/19
IPv6:
2a01:600::/32
Signature Algorithm: sha256WithRSAEncryption
7a:0c:0e:69:79:b0:43:52:26:33:23:67:04:a5:e0:b5:f7:43:
95:86:cf:dd:1f:ca:bc:a5:1b:2f:5f:57:ab:01:aa:d3:2e:e8:
1c:8b:4c:d3:23:15:9a:66:c7:ab:ce:93:7d:fa:75:c8:08:42:
4b:56:7b:a4:32:25:3f:5c:af:93:de:5e:08:24:1f:5c:3a:18:
61:5a:3a:8d:8e:7d:aa:35:30:5b:4d:e3:c2:d9:61:8d:c7:d6:
7d:1c:bd:ba:41:0f:49:3f:52:1a:cf:26:15:93:4c:0e:2d:90:
89:2b:d6:f2:c7:14:31:e0:fd:21:c4:27:13:2b:f7:98:5a:41:
4b:b5:23:f9:77:c0:62:aa:e8:a9:40:ca:4d:58:62:a1:7e:0b:
e8:0e:b6:d3:e1:12:1a:78:1a:61:29:f2:ea:41:d7:08:b7:0a:
7e:bb:2b:35:f5:f5:c0:4b:df:e2:6d:63:b2:01:f2:2d:86:88:
6f:1a:ff:e3:80:89:ac:4d:48:92:7a:46:7d:a4:14:6f:a0:e4:
95:fb:2a:1f:f9:89:f9:6d:e4:0f:04:ed:8c:10:4e:32:30:53:
30:2c:07:0b:84:8d:3a:c0:e8:62:13:5b:cb:6f:89:f1:d3:43:
6d:ff:f0:1c:6c:94:ac:64:63:0b:05:1c:a0:b1:2a:c4:38:f8:
80:c8:8e:26
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVsuFpW3OLhdG4ELVa27eGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzhlZDNlYWQ2MjdmY2UxNmM1MTgwMjUwYzQ2NjIxNzMx
OGQ2NWMwHhcNMjMwMTAxMDk0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTRhZTFlMzU0NDE1MmMzYTllMmE0NWEyNGY4ZGExZjZlZTYzYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr7Iuw5ym8knJI/C9pSF9CHenLGj
EdjYUopoKJ7OJZYIRhqs1hHI4ve2Qrfn/gAgLZakKwBrjD6oXoxp9MwHfjAipmyz
0h+cI5pEeCXesz8LCGkNhfhMg+Il3s15iqhPb7InObdjs/aHYpaKO+MIDB/9bA03
j6X62HNAPiZTm0AUHf3uf5RGvQizMfwa01P0CdW1Ag2Ln31EILDebrkmtNuUgHkN
SKcwD9B2ZQ2J+XDJGFCnPCMuNtFQu6VxFJLUUe+4ebwMFAzHxc0UYgzVdew80432
byG1EhCYD2kNab93fNZOn7lsulT2vQkyUD4GJGkuDTeZma+hyiCz+VV02QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA5K4eNUQVLDqeKkWiT42h9u5jpPMB8GA1UdIwQY
MBaAFJR47T6tYn/OFsUYAlDEZiFzGNZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhqdFBxMWlmODRXeFJnQ1VNUm1JWE1ZMWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lNGJlMjMtYjUzNi00ZTMwLTlhNWIt
NWQ1ZDAyYmI3MTk5LzEvRGtyaDQxUkJVc09wNHFSYUpQamFIMjdtT2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lNGJlMjMtYjUzNi00ZTMwLTlhNWItNWQ1ZDAyYmI3MTk5
LzEvbEhqdFBxMWlmODRXeFJnQ1VNUm1JWE1ZMWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLh+4AwQD
T6tQAwQEUV2gAwQEWfpwAwQDbURYAwQBwhj8AwQBwxysAwQFw+EAMA0EAgACMAcD
BQAqAQYAMA0GCSqGSIb3DQEBCwUAA4IBAQB6DA5pebBDUiYzI2cEpeC190OVhs/d
H8q8pRsvX1erAarTLugci0zTIxWaZserzpN9+nXICEJLVnukMiU/XK+T3l4IJB9c
OhhhWjqNjn2qNTBbTePC2WGNx9Z9HL26QQ9JP1IazyYVk0wOLZCJK9byxxQx4P0h
xCcTK/eYWkFLtSP5d8BiquipQMpNWGKhfgvoDrbT4RIaeBphKfLqQdcItwp+uys1
9fXAS9/ibWOyAfIthohvGv/jgImsTUiSekZ9pBRvoOSV+yof+Yn5beQPBO2MEE4y
MFMwLAcLhI06wOhiE1vLb4nx00Nt//AcbJSsZGMLBRygsSrEOPiAyI4m
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:38 2025 by rpki-client