Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/1-dctVtpMO04G1DCPMkTXELD41U4.roa
File: 1-dctVtpMO04G1DCPMkTXELD41U4.roa (raw, json)
Hash identifier: KpgEDs1q3oraZopHdrkQN2XMVYHHvSVi23zBfo2eKRY=
Subject key identifier: F9:D7:2D:56:DA:4C:3B:4E:06:D4:30:8F:32:44:D7:10:B0:F8:D5:4E
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 0188B36C0F87FE26D8ED8279E53C1B6D4148
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/1-dctVtpMO04G1DCPMkTXELD41U4.roa
Signing time: Tue 13 Jun 2023 06:23:03 +0000
ROA not before: Tue 13 Jun 2023 06:23:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203759
IP address blocks: 45.129.40.0/21 maxlen: 24
193.148.160.0/19 maxlen: 24
185.86.188.0/22 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
45.142.7.0/24 maxlen: 24
2a05:b540::/29 maxlen: 48
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:6c:0f:87:fe:26:d8:ed:82:79:e5:3c:1b:6d:41:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Jun 13 06:23:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9d72d56da4c3b4e06d4308f3244d710b0f8d54e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a1:6d:9d:14:8c:58:b9:b8:88:03:2c:d9:72:
be:8b:ca:cc:73:07:9a:a8:b8:2d:d5:bd:8b:f2:81:
9e:68:fa:ad:54:21:a1:1f:53:76:27:72:30:60:88:
4d:c1:39:6f:20:75:64:95:3d:a0:46:fc:ae:d4:d1:
39:52:54:8b:07:23:31:d3:b5:fb:77:7d:bf:93:96:
86:c7:af:fc:a8:1c:6a:ad:0a:9b:bb:0e:dd:73:b6:
6c:96:f0:e6:a4:a5:23:a7:bf:8e:78:e9:b2:e1:25:
35:e8:7f:2d:36:b8:de:67:0a:0c:e0:36:76:1a:08:
ab:8c:df:27:85:12:b6:01:6a:d4:ca:30:57:a8:6d:
e0:ce:a1:75:2d:88:f5:3f:d4:6c:70:37:5e:6c:d3:
dc:fa:71:b4:be:4c:d6:e6:2b:5e:e0:02:ae:d6:81:
03:9f:11:66:77:dc:e9:0d:1b:ba:6d:98:09:8c:91:
01:0d:b1:6d:85:0a:ec:90:1d:79:2a:df:06:a6:0f:
aa:94:d0:6e:12:de:89:66:65:49:a7:14:50:43:cf:
12:10:0c:8e:1b:ec:b4:c2:50:6b:21:b0:f4:f5:c6:
3e:e2:d0:8c:38:63:96:70:86:87:7d:ec:d6:85:f4:
b4:7f:61:2d:e0:6b:8f:f7:51:95:61:18:70:39:75:
a0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D7:2D:56:DA:4C:3B:4E:06:D4:30:8F:32:44:D7:10:B0:F8:D5:4E
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/1-dctVtpMO04G1DCPMkTXELD41U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.40.0/21
45.142.7.0/24
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.160.0/19
IPv6:
2a05:b540::/29
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
74:18:f8:cf:b3:77:fc:22:cc:85:fe:0c:3c:9e:5d:a6:c1:f3:
aa:32:a3:17:28:09:11:71:e3:60:be:ee:2a:b5:72:86:af:d9:
3f:c4:1e:6b:0b:dd:f9:9c:0a:aa:95:bf:bd:cd:b7:09:45:9b:
0a:c5:c1:65:cd:70:f9:59:10:53:fe:db:b0:d5:f7:0a:5d:cb:
9c:58:bb:49:6c:87:37:c9:93:bc:8f:dd:a6:45:32:f8:a9:34:
7b:02:02:0b:ba:cd:de:57:0c:c4:65:17:39:4c:03:ff:62:c8:
43:43:67:15:3c:d1:2c:84:bd:89:b5:07:05:c2:ca:05:df:b6:
77:a9:4b:c4:b1:c7:51:b7:47:c9:e6:4d:da:d7:ba:ce:eb:d0:
1f:bf:1e:30:00:da:d3:9d:ce:dc:4c:30:3e:b8:82:5d:d7:9f:
38:6a:79:23:4d:05:ea:06:57:b5:00:db:5c:88:a4:8f:be:f6:
4e:60:b3:eb:71:7a:8f:24:31:1b:0d:61:4d:85:d3:60:b3:6c:
b6:97:8c:93:a6:82:5e:8a:00:96:38:02:7e:38:22:cf:b8:a8:
79:7c:af:8a:01:35:f0:5d:4e:89:62:66:b2:c0:bb:7c:e6:01:
68:23:64:4d:85:27:5c:88:b3:4b:ca:e9:fe:98:49:67:66:cb:
71:da:f1:ed
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYizbA+H/ibY7YJ55TwbbUFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjMwNjEzMDYyMzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ3MmQ1NmRhNGMzYjRlMDZkNDMwOGYzMjQ0ZDcxMGIwZjhkNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqFtnRSMWLm4iAMs2XK+i8rMcwea
qLgt1b2L8oGeaPqtVCGhH1N2J3IwYIhNwTlvIHVklT2gRvyu1NE5UlSLByMx07X7
d32/k5aGx6/8qBxqrQqbuw7dc7ZslvDmpKUjp7+OeOmy4SU16H8tNrjeZwoM4DZ2
GgirjN8nhRK2AWrUyjBXqG3gzqF1LYj1P9RscDdebNPc+nG0vkzW5ite4AKu1oED
nxFmd9zpDRu6bZgJjJEBDbFthQrskB15Kt8Gpg+qlNBuEt6JZmVJpxRQQ88SEAyO
G+y0wlBrIbD09cY+4tCMOGOWcIaHfezWhfS0f2Et4GuP91GVYRhwOXWg+wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPnXLVbaTDtOBtQwjzJE1xCw+NVOMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvMS1kY3RWdHBNTzA0RzFEQ1BNa1RYRUxENDFVNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWUvYWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNj
NC8xL2ttWUxJXzQ3aGtMV3YwZGZqcmY4clowVHhCTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEAy2BKAME
AC2OBwMEArlWvAMEArl8wAMEAsETgAMEBcGUoDAUBAIAAjAOAwUDKgW1QAMFAyoG
tQAwDQYJKoZIhvcNAQELBQADggEBAHQY+M+zd/wizIX+DDyeXabB86oyoxcoCRFx
42C+7iq1coav2T/EHmsL3fmcCqqVv73NtwlFmwrFwWXNcPlZEFP+27DV9wpdy5xY
u0lshzfJk7yP3aZFMvipNHsCAgu6zd5XDMRlFzlMA/9iyENDZxU80SyEvYm1BwXC
ygXftnepS8Sxx1G3R8nmTdrXus7r0B+/HjAA2tOdztxMMD64gl3XnzhqeSNNBeoG
V7UA21yIpI++9k5gs+txeo8kMRsNYU2F02CzbLaXjJOmgl6KAJY4An44Is+4qHl8
r4oBNfBdToliZrLAu3zmAWgjZE2FJ1yIs0vK6f6YSWdmy3Ha8e0=
-----END CERTIFICATE-----
Generated at Wed May 7 13:32:04 2025 by rpki-client