Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/DJRcH92LCyNilG8u29fFmKqmvTM.roa
File: DJRcH92LCyNilG8u29fFmKqmvTM.roa (raw, json)
Hash identifier: GfA/yM0Tf+r9idDnYJRjrD3xsFjAwhLGYQ0RJkg8BgE=
Subject key identifier: 0C:94:5C:1F:DD:8B:0B:23:62:94:6F:2E:DB:D7:C5:98:AA:A6:BD:33
Certificate issuer: /CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Certificate serial: 16C4861D
Authority key identifier: 38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/DJRcH92LCyNilG8u29fFmKqmvTM.roa
Signing time: Sat 01 Jan 2022 09:01:54 +0000
ROA not before: Sat 01 Jan 2022 09:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201644
IP address blocks: 185.68.89.0/24 maxlen: 24
185.68.90.0/23 maxlen: 23
185.68.90.0/24 maxlen: 24
185.68.91.0/24 maxlen: 24
185.68.88.0/22 maxlen: 22
185.68.88.0/24 maxlen: 24
185.68.88.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 381978141 (0x16c4861d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Validity
Not Before: Jan 1 09:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c945c1fdd8b0b2362946f2edbd7c598aaa6bd33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a3:d2:7a:d7:31:c2:cc:f6:5e:30:4b:a8:6c:
7a:27:f3:68:fc:de:cf:56:aa:35:12:77:f0:11:6b:
f5:b0:39:98:09:30:ee:87:b5:60:18:00:d4:e6:f2:
58:cb:20:8f:df:0d:aa:03:0b:31:2f:e6:74:28:91:
39:44:ff:ec:1b:73:a8:21:34:70:13:3f:91:88:0b:
a2:13:2c:5a:00:42:45:c0:ff:6f:df:1b:f7:74:2a:
ce:6d:e8:1d:1c:48:28:0a:34:37:85:14:96:aa:31:
b5:81:6c:53:9e:ee:b5:3b:81:db:26:94:ea:a8:5d:
59:fd:96:4f:fa:eb:f3:a8:7b:56:6d:5c:51:1a:af:
4a:41:3c:da:d7:7a:ee:a3:43:33:b9:d6:b3:7a:62:
20:1c:0a:9e:62:e2:23:b2:1d:b8:d7:e7:28:83:72:
c5:b5:0c:65:b7:35:fa:83:97:d1:76:49:1b:17:ff:
3e:cd:45:5b:18:58:3d:1a:e1:d0:4d:bc:2b:42:fe:
57:2f:34:02:04:03:35:02:0e:d7:3b:93:88:69:2e:
25:92:8c:8d:25:eb:90:46:9c:23:e6:84:b7:01:bb:
d3:cb:73:c0:eb:97:26:39:26:4f:c8:2b:68:2a:d5:
f0:fd:9c:d3:8f:7c:38:4c:07:a0:41:2d:32:27:12:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:94:5C:1F:DD:8B:0B:23:62:94:6F:2E:DB:D7:C5:98:AA:A6:BD:33
X509v3 Authority Key Identifier:
keyid:38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/DJRcH92LCyNilG8u29fFmKqmvTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.88.0/22
Signature Algorithm: sha256WithRSAEncryption
25:1c:a4:65:bb:66:f2:3e:fd:ec:39:26:56:13:bc:21:1e:af:
6f:f8:bd:2f:64:6c:d7:3a:22:69:09:e7:60:f6:fe:3d:88:bb:
28:08:14:24:bb:ac:1d:5d:79:70:c2:44:50:2c:ec:54:c3:f4:
30:0d:ef:79:b5:00:38:4d:0c:32:9f:20:0a:99:09:f4:30:2b:
f4:f7:8a:d9:aa:97:3f:f7:b3:68:e2:a5:69:b0:cc:a1:ab:01:
e2:a4:ad:45:f1:04:41:d9:94:5e:89:8e:31:01:28:ad:6b:bb:
23:8d:56:ec:42:36:72:9c:44:a8:42:ae:4b:5e:39:10:ed:36:
cb:08:ce:27:e4:1f:08:6b:bf:27:a2:79:bc:02:24:1e:1a:2b:
65:9e:98:f9:ea:45:9a:0f:5a:5a:3a:92:3b:8d:f8:8d:08:32:
4c:ab:86:04:5e:66:9f:ca:62:bd:d7:2f:74:0b:87:44:b4:fc:
19:11:42:75:6c:30:ab:de:81:c2:0c:b5:59:78:8f:8c:77:71:
d8:c5:49:69:58:03:c0:be:56:56:6a:3e:8c:67:4c:dd:a6:ca:
71:f3:91:af:cf:a5:a6:01:32:3f:b3:0f:92:48:8c:42:1f:db:
f8:1b:de:88:fc:46:bf:9b:f2:4a:b9:7e:fc:c1:67:8d:7b:90:
bc:dc:cb:0c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFsSGHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODkwZTdhNDU0OWE1NzFmNjhiNjg4ZGFkNGY1Y2VkOGU1MjkwNjhiMB4XDTIyMDEw
MTA5MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM5NDVjMWZkZDhi
MGIyMzYyOTQ2ZjJlZGJkN2M1OThhYWE2YmQzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqj0nrXMcLM9l4wS6hseifzaPzez1aqNRJ38BFr9bA5mAkw
7oe1YBgA1ObyWMsgj98NqgMLMS/mdCiROUT/7BtzqCE0cBM/kYgLohMsWgBCRcD/
b98b93Qqzm3oHRxIKAo0N4UUlqoxtYFsU57utTuB2yaU6qhdWf2WT/rr86h7Vm1c
URqvSkE82td67qNDM7nWs3piIBwKnmLiI7IduNfnKINyxbUMZbc1+oOX0XZJGxf/
Ps1FWxhYPRrh0E28K0L+Vy80AgQDNQIO1zuTiGkuJZKMjSXrkEacI+aEtwG708tz
wOuXJjkmT8graCrV8P2c0498OEwHoEEtMicSSesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMlFwf3YsLI2KUby7b18WYqqa9MzAfBgNVHSMEGDAWgBQ4kOekVJpXH2i2
iNrU9c7Y5SkGizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09KRG5wRlNhVng5b3RvamExUFhPMk9VcEJvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvMjVkZjRlLWFmYzUtNGM1MC04ZGUyLTk0ODEyYzdmNDQ5ZS8x
L0RKUmNIOTJMQ3lOaWxHOHUyOWZGbUtxbXZUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
MjVkZjRlLWFmYzUtNGM1MC04ZGUyLTk0ODEyYzdmNDQ5ZS8xL09KRG5wRlNhVng5
b3RvamExUFhPMk9VcEJvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlEWDANBgkqhkiG9w0BAQsFAAOC
AQEAJRykZbtm8j797DkmVhO8IR6vb/i9L2Rs1zoiaQnnYPb+PYi7KAgUJLusHV15
cMJEUCzsVMP0MA3vebUAOE0MMp8gCpkJ9DAr9PeK2aqXP/ezaOKlabDMoasB4qSt
RfEEQdmUXomOMQEorWu7I41W7EI2cpxEqEKuS145EO02ywjOJ+QfCGu/J6J5vAIk
HhorZZ6Y+epFmg9aWjqSO434jQgyTKuGBF5mn8pivdcvdAuHRLT8GRFCdWwwq96B
wgy1WXiPjHdx2MVJaVgDwL5WVmo+jGdM3abKcfORr8+lpgEyP7MPkkiMQh/b+Bve
iPxGv5vySrl+/MFnjXuQvNzLDA==
-----END CERTIFICATE-----
Generated at Sun May 11 13:28:52 2025 by rpki-client