Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/DG1uj3s4tK65lWM4i4kJac6V_Ps.roa
File: DG1uj3s4tK65lWM4i4kJac6V_Ps.roa (raw, json)
Hash identifier: xbugn87lfeVnv0t9ZxoGY7irJJHTsveEiA1ulHGwnng=
Subject key identifier: 0C:6D:6E:8F:7B:38:B4:AE:B9:95:63:38:8B:89:09:69:CE:95:FC:FB
Certificate issuer: /CN=8d8f7eb4d2548f9ccbf3cb38e702a190c11742f5
Certificate serial: 01857079AA9A3586B1DADE3BCADC21070B7C
Authority key identifier: 8D:8F:7E:B4:D2:54:8F:9C:CB:F3:CB:38:E7:02:A1:90:C1:17:42:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jY9-tNJUj5zL88s45wKhkMEXQvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/DG1uj3s4tK65lWM4i4kJac6V_Ps.roa
Signing time: Mon 02 Jan 2023 03:14:59 +0000
ROA not before: Mon 02 Jan 2023 03:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205071
IP address blocks: 185.231.96.0/22 maxlen: 22
195.140.232.0/22 maxlen: 22
193.138.108.0/24 maxlen: 24
2a0c:5100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:aa:9a:35:86:b1:da:de:3b:ca:dc:21:07:0b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d8f7eb4d2548f9ccbf3cb38e702a190c11742f5
Validity
Not Before: Jan 2 03:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c6d6e8f7b38b4aeb99563388b890969ce95fcfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b5:af:5e:cb:25:7d:65:b0:2e:52:fe:7a:79:
fe:91:a7:fd:ca:56:96:d1:73:9e:d9:d0:ab:86:30:
9c:6c:67:fd:0a:62:71:82:86:0d:83:e0:69:50:4e:
9c:70:fb:e7:c6:57:6a:de:7b:7b:3f:8b:b3:7f:6d:
45:0a:34:29:b3:4a:89:d8:81:ce:7f:63:45:19:6b:
22:81:66:41:e6:35:4f:b0:84:21:e1:0b:42:a6:1c:
be:13:99:c7:39:11:61:9c:41:b2:35:9f:1d:ba:a0:
96:04:de:d0:b3:f1:63:d7:6b:98:46:92:d4:27:2b:
1f:42:68:ff:2d:a3:41:e4:27:6d:09:09:f2:2f:e3:
bd:6f:77:d0:78:f1:f6:2b:59:37:bb:f2:86:f0:21:
7b:df:d8:8d:82:1e:25:81:27:57:77:d2:70:db:fd:
e8:7f:37:3c:b4:2b:2a:9e:31:0f:8d:dc:3f:cd:72:
34:a3:bb:ec:77:eb:2d:7b:bf:97:b8:a0:1c:2e:12:
93:1e:e1:12:b3:00:85:27:d6:2c:ae:ce:f4:f5:17:
6b:78:b1:33:18:f9:fa:a4:81:13:66:34:97:5b:0a:
20:53:c5:a6:73:2c:45:ae:98:06:5b:b7:cd:b5:4f:
ff:64:79:6c:e1:f2:db:73:87:21:cc:7c:64:ef:ed:
ee:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:6D:6E:8F:7B:38:B4:AE:B9:95:63:38:8B:89:09:69:CE:95:FC:FB
X509v3 Authority Key Identifier:
keyid:8D:8F:7E:B4:D2:54:8F:9C:CB:F3:CB:38:E7:02:A1:90:C1:17:42:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jY9-tNJUj5zL88s45wKhkMEXQvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/DG1uj3s4tK65lWM4i4kJac6V_Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/jY9-tNJUj5zL88s45wKhkMEXQvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.96.0/22
193.138.108.0/24
195.140.232.0/22
IPv6:
2a0c:5100::/29
Signature Algorithm: sha256WithRSAEncryption
55:d5:b7:19:f5:ec:2f:ba:a2:b5:f4:77:8d:63:9a:c5:61:13:
39:cb:74:22:83:53:24:49:83:1c:f7:0e:74:e9:94:f4:5c:81:
42:f0:c6:42:08:a4:a4:84:d9:05:46:0a:a1:90:21:2b:d8:5a:
c3:0a:6f:18:7f:bb:78:6c:c4:e1:a7:c0:0a:9a:ad:a4:ec:de:
b6:5b:c0:82:91:b0:34:92:ab:9a:2e:cf:c0:5b:e1:00:1f:79:
6b:c7:78:ca:24:a9:dc:95:39:b1:65:1c:0d:e0:b6:76:c4:ec:
5a:4c:01:48:cc:0a:c7:f0:49:63:c8:3a:23:1f:3f:ae:74:cd:
02:90:a3:97:62:78:e5:4c:3a:c6:db:8f:9b:86:ef:76:95:21:
63:5e:3a:f9:2e:1a:66:24:63:e8:a6:5d:27:5d:11:8b:52:1d:
7e:9d:f0:b3:b8:0c:34:9d:4b:51:ab:52:70:16:fb:7b:c6:df:
52:d1:14:5b:f8:0e:ed:6f:1c:d1:bf:75:86:5e:49:a8:ef:9a:
cd:81:30:12:4c:c7:f0:1a:af:d8:68:01:ca:0b:e7:1f:6b:8f:
16:db:86:12:b5:8c:b4:48:05:be:6d:70:c2:33:13:78:65:df:
4b:01:39:fc:5e:be:62:9d:14:ac:49:d0:16:04:2d:99:c7:1e:
e0:4f:e9:5d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVweaqaNYax2t47ytwhBwt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOGY3ZWI0ZDI1NDhmOWNjYmYzY2IzOGU3MDJhMTkwYzEx
NzQyZjUwHhcNMjMwMTAyMDMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzZkNmU4ZjdiMzhiNGFlYjk5NTYzMzg4Yjg5MDk2OWNlOTVmY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7WvXsslfWWwLlL+enn+kaf9ylaW
0XOe2dCrhjCcbGf9CmJxgoYNg+BpUE6ccPvnxldq3nt7P4uzf21FCjQps0qJ2IHO
f2NFGWsigWZB5jVPsIQh4QtCphy+E5nHORFhnEGyNZ8duqCWBN7Qs/Fj12uYRpLU
JysfQmj/LaNB5CdtCQnyL+O9b3fQePH2K1k3u/KG8CF739iNgh4lgSdXd9Jw2/3o
fzc8tCsqnjEPjdw/zXI0o7vsd+ste7+XuKAcLhKTHuESswCFJ9Ysrs709RdreLEz
GPn6pIETZjSXWwogU8WmcyxFrpgGW7fNtU//ZHls4fLbc4chzHxk7+3u5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAxtbo97OLSuuZVjOIuJCWnOlfz7MB8GA1UdIwQY
MBaAFI2PfrTSVI+cy/PLOOcCoZDBF0L1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalk5LXROSlVqNXpMODhzNDV3S2hrTUVYUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMjYxZWItYzdjZC00NTRkLTg0YTYt
YWZkMjcyZGQwZmI1LzEvREcxdWozczR0SzY1bFdNNGk0a0phYzZWX1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMjYxZWItYzdjZC00NTRkLTg0YTYtYWZkMjcyZGQwZmI1
LzEvalk5LXROSlVqNXpMODhzNDV3S2hrTUVYUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuedgAwQA
wYpsAwQCw4zoMA0EAgACMAcDBQMqDFEAMA0GCSqGSIb3DQEBCwUAA4IBAQBV1bcZ
9ewvuqK19HeNY5rFYRM5y3Qig1MkSYMc9w506ZT0XIFC8MZCCKSkhNkFRgqhkCEr
2FrDCm8Yf7t4bMThp8AKmq2k7N62W8CCkbA0kquaLs/AW+EAH3lrx3jKJKnclTmx
ZRwN4LZ2xOxaTAFIzArH8EljyDojHz+udM0CkKOXYnjlTDrG24+bhu92lSFjXjr5
LhpmJGPopl0nXRGLUh1+nfCzuAw0nUtRq1JwFvt7xt9S0RRb+A7tbxzRv3WGXkmo
75rNgTASTMfwGq/YaAHKC+cfa48W24YStYy0SAW+bXDCMxN4Zd9LATn8Xr5inRSs
SdAWBC2Zxx7gT+ld
-----END CERTIFICATE-----
Generated at Fri May 9 02:07:45 2025 by rpki-client