Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ld0dq-MTBQcQ0AsDIm6Sxly0iOY.roa
File: Ld0dq-MTBQcQ0AsDIm6Sxly0iOY.roa (raw, json)
Hash identifier: skrsXIJ+zjefF5weIuo+IGnUexvDzpdTzJyCnaLlSo8=
Subject key identifier: 2D:DD:1D:AB:E3:13:05:07:10:D0:0B:03:22:6E:92:C6:5C:B4:88:E6
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0188BEA6D1D56D1DE9F16DD357FC77E1D5BB
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ld0dq-MTBQcQ0AsDIm6Sxly0iOY.roa
Signing time: Thu 15 Jun 2023 10:43:03 +0000
ROA not before: Thu 15 Jun 2023 10:43:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 212.68.180.0/22 maxlen: 22
212.68.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:a6:d1:d5:6d:1d:e9:f1:6d:d3:57:fc:77:e1:d5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jun 15 10:43:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddd1dabe313050710d00b03226e92c65cb488e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:66:64:1e:9c:31:6e:b6:db:df:00:db:8b:82:
0f:96:7f:11:ed:2a:33:f4:3b:d9:96:56:6f:83:94:
28:e3:a9:30:ed:88:2d:9e:dd:b8:fc:b6:1c:62:cf:
7f:f9:08:10:5f:4c:34:b0:34:59:fe:64:0c:6d:9f:
49:be:03:15:48:a4:6d:97:79:09:3b:bf:41:d3:7a:
3d:a9:81:bd:a8:9b:13:96:b2:9e:eb:fe:02:f9:72:
eb:d9:66:fd:92:de:66:73:58:31:fa:03:ca:81:81:
69:b6:76:28:4b:85:35:db:5f:60:bc:d9:a7:a4:25:
98:0d:3b:92:70:70:41:ed:ed:e8:f6:0a:e1:34:01:
b2:14:83:df:94:b3:26:19:5a:8b:06:45:c5:a4:47:
98:d0:67:c9:6a:fd:b0:39:46:3e:de:76:97:cb:f1:
0c:cf:64:39:38:bb:cc:c3:68:4a:eb:13:86:7f:ae:
0f:d0:09:30:1e:c9:03:a2:2d:3f:17:db:a7:da:ea:
47:5f:0b:ca:ce:67:96:25:af:b9:b2:5d:f1:a3:02:
81:aa:f5:14:16:9d:0f:1a:65:52:e5:62:6c:59:86:
87:90:43:c3:1a:47:ea:5c:63:7b:23:ba:58:54:74:
a4:e9:77:af:da:0e:e5:c9:c7:73:f3:8d:29:8b:39:
86:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DD:1D:AB:E3:13:05:07:10:D0:0B:03:22:6E:92:C6:5C:B4:88:E6
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ld0dq-MTBQcQ0AsDIm6Sxly0iOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.180.0/22
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:62:3e:4d:cf:78:ec:c1:31:2f:a2:8d:54:66:65:92:85:92:
71:05:43:17:d2:34:d6:7a:9c:78:a1:cc:85:d1:60:fc:b5:10:
e7:6d:07:01:76:3d:fc:57:a3:d2:c1:5e:8c:13:36:56:45:7d:
dd:77:35:d2:59:35:4f:48:30:15:c1:54:8f:c3:7c:26:63:c6:
1c:62:1d:fd:bf:70:da:f4:63:95:a0:fe:21:24:df:f0:90:5f:
1c:b3:ab:f6:12:8b:f9:e2:f0:d3:64:54:9a:6d:5b:70:92:4f:
f2:b3:62:29:df:c7:6a:a4:27:ea:97:5b:75:57:3a:80:af:54:
05:05:a3:38:e7:7c:d4:d8:b0:11:ab:e3:43:d0:b5:a2:9f:2c:
6d:06:76:d2:62:be:48:9f:b0:3c:e8:9b:51:6b:cb:f9:5c:e7:
ad:28:5b:11:ac:ad:26:03:d2:d6:8e:03:1b:50:b0:b4:39:18:
97:c8:ba:3f:06:61:b0:4d:34:af:c1:48:d3:99:de:b0:71:de:
48:79:d6:79:7c:4b:b7:35:eb:c6:61:9f:30:97:3a:46:45:69:
0b:1f:b8:46:30:8f:d5:b9:03:ca:48:e4:69:ec:5d:47:3a:2b:
bd:da:3a:7e:8f:33:1d:21:7f:00:05:b5:8c:a0:dc:df:84:f8:
1e:b5:2a:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi+ptHVbR3p8W3TV/x34dW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMwNjE1MTA0MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRkMWRhYmUzMTMwNTA3MTBkMDBiMDMyMjZlOTJjNjVjYjQ4OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmZkHpwxbrbb3wDbi4IPln8R7Soz
9DvZllZvg5Qo46kw7Ygtnt24/LYcYs9/+QgQX0w0sDRZ/mQMbZ9JvgMVSKRtl3kJ
O79B03o9qYG9qJsTlrKe6/4C+XLr2Wb9kt5mc1gx+gPKgYFptnYoS4U1219gvNmn
pCWYDTuScHBB7e3o9grhNAGyFIPflLMmGVqLBkXFpEeY0GfJav2wOUY+3naXy/EM
z2Q5OLvMw2hK6xOGf64P0AkwHskDoi0/F9un2upHXwvKzmeWJa+5sl3xowKBqvUU
Fp0PGmVS5WJsWYaHkEPDGkfqXGN7I7pYVHSk6Xev2g7lycdz840pizmGewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3dHavjEwUHENALAyJuksZctIjmMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvTGQwZHEtTVRCUWNRMEFzREltNlN4bHkwaU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1ES0AwQC
1ES8MA0GCSqGSIb3DQEBCwUAA4IBAQAqYj5Nz3jswTEvoo1UZmWShZJxBUMX0jTW
epx4ocyF0WD8tRDnbQcBdj38V6PSwV6MEzZWRX3ddzXSWTVPSDAVwVSPw3wmY8Yc
Yh39v3Da9GOVoP4hJN/wkF8cs6v2Eov54vDTZFSabVtwkk/ys2Ip38dqpCfql1t1
VzqAr1QFBaM453zU2LARq+ND0LWinyxtBnbSYr5In7A86JtRa8v5XOetKFsRrK0m
A9LWjgMbULC0ORiXyLo/BmGwTTSvwUjTmd6wcd5IedZ5fEu3NevGYZ8wlzpGRWkL
H7hGMI/VuQPKSORp7F1HOiu92jp+jzMdIX8ABbWMoNzfhPgetSrl
-----END CERTIFICATE-----
Generated at Sun May 11 15:58:53 2025 by rpki-client