Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/dGeVLgiIn40Cph89qqrH4epMdNk.roa
File: dGeVLgiIn40Cph89qqrH4epMdNk.roa (raw, json)
Hash identifier: A6vvX8vXbBobBjwnEimBfyWbfvBZesy5MbW+A1rR+0g=
Subject key identifier: 74:67:95:2E:08:88:9F:8D:02:A6:1F:3D:AA:AA:C7:E1:EA:4C:74:D9
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01890776E2655C7175DD51A7B78EB6198B87
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/dGeVLgiIn40Cph89qqrH4epMdNk.roa
Signing time: Thu 29 Jun 2023 14:02:58 +0000
ROA not before: Thu 29 Jun 2023 14:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 217.26.96.0/20 maxlen: 24
82.139.64.0/18 maxlen: 24
185.117.108.0/22 maxlen: 22
5.199.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:07:76:e2:65:5c:71:75:dd:51:a7:b7:8e:b6:19:8b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jun 29 14:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7467952e08889f8d02a61f3daaaac7e1ea4c74d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:eb:be:b8:96:10:a1:4c:9a:45:17:72:b5:b9:
78:ba:d6:ab:45:af:98:27:1b:9d:0f:3d:71:3a:53:
41:4f:83:20:76:c5:2f:9f:3d:78:0f:05:dc:a6:eb:
c9:26:5e:4c:32:1c:b6:f4:8b:f5:ce:50:2a:25:9b:
57:7b:e9:a7:9b:29:7f:da:33:56:1d:a4:96:25:1a:
25:89:31:e6:25:e1:6e:9d:4d:a0:9f:6b:e7:e4:da:
c6:65:78:fd:b9:a7:d2:96:2c:11:25:a5:d8:10:21:
16:81:52:f9:44:99:f5:28:c5:32:5e:1c:64:13:f8:
42:73:15:70:47:e6:e7:45:a9:ae:83:22:41:c4:40:
90:c9:6a:90:1b:16:a3:15:6f:ff:42:a0:43:11:5e:
33:53:d1:85:d3:2e:08:05:c0:5f:50:d9:8d:20:a8:
e4:9f:35:a3:e8:5f:5c:25:78:72:39:23:c2:02:41:
2c:05:ba:45:28:2f:d3:73:4e:9a:9e:94:4c:a5:ac:
8a:bf:80:86:52:3f:b5:18:da:fc:8b:fe:f5:89:6a:
0e:f1:c7:80:2d:82:91:51:43:3a:a3:53:f2:76:b4:
80:e6:05:a7:48:60:70:24:76:21:23:bc:58:18:bf:
5b:ae:21:ff:01:05:0f:27:b9:ed:8b:f1:16:c6:f5:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:67:95:2E:08:88:9F:8D:02:A6:1F:3D:AA:AA:C7:E1:EA:4C:74:D9
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/dGeVLgiIn40Cph89qqrH4epMdNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.144.0/20
82.139.64.0/18
185.117.108.0/22
217.26.96.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:77:06:66:7c:07:63:99:9b:a1:bf:a2:71:d3:7f:98:c8:0c:
12:58:e6:5d:0e:d1:90:a8:91:10:60:d6:09:36:1f:2f:4c:8d:
c5:2a:d2:b4:57:df:28:f7:e5:18:f0:72:69:99:5a:4d:a3:87:
db:4b:9b:d1:05:58:58:90:e3:52:e1:f5:02:df:f3:7c:f0:8e:
73:77:00:ff:81:95:22:37:f9:a4:54:06:0c:54:65:43:20:54:
a4:6e:40:f0:a5:33:7c:aa:c8:4f:e5:c6:71:0a:34:23:98:a5:
2f:72:3f:2e:f5:ec:a3:21:00:ef:61:2a:53:e5:b1:ac:21:12:
3a:d2:87:dc:40:a7:97:2b:53:be:f8:73:76:9b:e2:de:f3:04:
6a:ef:99:fc:2b:69:08:71:ab:04:e5:74:08:57:4e:be:a8:99:
db:3e:ae:1c:39:de:af:bb:e9:68:a7:79:92:ca:0f:49:94:eb:
f8:88:68:be:15:c1:08:27:ad:b4:0f:22:4f:e4:3b:29:5a:a8:
55:e8:a6:85:eb:81:cb:52:72:d2:84:d4:ba:36:8f:73:ca:24:
f6:ea:a4:92:de:f8:24:89:f4:d3:53:1a:17:2c:98:05:e7:10:
01:27:70:96:fe:be:16:3f:d2:46:f7:15:fc:f4:24:a1:62:b9:
49:8c:a7:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkHduJlXHF13VGnt462GYuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwNjI5MTQwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY3OTUyZTA4ODg5ZjhkMDJhNjFmM2RhYWFhYzdlMWVhNGM3NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguu+uJYQoUyaRRdytbl4utarRa+Y
JxudDz1xOlNBT4MgdsUvnz14DwXcpuvJJl5MMhy29Iv1zlAqJZtXe+mnmyl/2jNW
HaSWJRoliTHmJeFunU2gn2vn5NrGZXj9uafSliwRJaXYECEWgVL5RJn1KMUyXhxk
E/hCcxVwR+bnRamugyJBxECQyWqQGxajFW//QqBDEV4zU9GF0y4IBcBfUNmNIKjk
nzWj6F9cJXhyOSPCAkEsBbpFKC/Tc06anpRMpayKv4CGUj+1GNr8i/71iWoO8ceA
LYKRUUM6o1PydrSA5gWnSGBwJHYhI7xYGL9briH/AQUPJ7nti/EWxvVf4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHRnlS4IiJ+NAqYfPaqqx+HqTHTZMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvZEdlVkxnaUluNDBDcGg4OXFxckg0ZXBNZE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG
UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQCqdwZmfAdjmZuhv6Jx
03+YyAwSWOZdDtGQqJEQYNYJNh8vTI3FKtK0V98o9+UY8HJpmVpNo4fbS5vRBVhY
kONS4fUC3/N88I5zdwD/gZUiN/mkVAYMVGVDIFSkbkDwpTN8qshP5cZxCjQjmKUv
cj8u9eyjIQDvYSpT5bGsIRI60ofcQKeXK1O++HN2m+Le8wRq75n8K2kIcasE5XQI
V06+qJnbPq4cOd6vu+lop3mSyg9JlOv4iGi+FcEIJ620DyJP5DspWqhV6KaF64HL
UnLShNS6No9zyiT26qSS3vgkifTTUxoXLJgF5xABJ3CW/r4WP9JG9xX89CShYrlJ
jKde
-----END CERTIFICATE-----
Generated at Sat May 10 19:54:20 2025 by rpki-client