Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/dQwH2nC-aovLLxAhHPNvKAL3VBk.roa
File: dQwH2nC-aovLLxAhHPNvKAL3VBk.roa (raw, json)
Hash identifier: 81sTs0Bdy6oX0jXY+sHL3Pllu9+7XxYoR2Qpll7VfwY=
Subject key identifier: 75:0C:07:DA:70:BE:6A:8B:CB:2F:10:21:1C:F3:6F:28:02:F7:54:19
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 01887118D25DEB1D67D7CE1B012BCE14B868
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/dQwH2nC-aovLLxAhHPNvKAL3VBk.roa
Signing time: Wed 31 May 2023 09:17:12 +0000
ROA not before: Wed 31 May 2023 09:17:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.8.196.0/22 maxlen: 24
83.136.104.0/21 maxlen: 24
95.141.36.0/23 maxlen: 24
94.198.101.0/24 maxlen: 24
158.58.172.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:18:d2:5d:eb:1d:67:d7:ce:1b:01:2b:ce:14:b8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: May 31 09:17:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=750c07da70be6a8bcb2f10211cf36f2802f75419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:9b:a0:92:8b:93:b8:e9:74:a7:79:41:d1:
4b:30:ed:06:cb:20:35:6b:7e:1d:a0:81:16:90:f9:
b6:dc:31:2c:0a:8e:be:99:fb:aa:2f:17:e9:a4:b8:
ce:7e:63:87:8d:48:06:86:1c:31:5c:6d:19:e9:7f:
c5:42:b1:7a:db:33:66:0c:b9:43:1e:bd:f7:05:b4:
49:43:74:1c:54:25:cd:fe:a6:a4:d5:26:e2:66:8e:
18:0d:8d:2b:9e:ec:8a:10:18:df:19:0d:e6:9c:dd:
27:09:cf:65:f1:ca:6c:8b:b9:29:e3:03:11:03:7e:
cd:87:d3:6c:0b:a4:7b:91:d3:36:60:69:7f:06:5c:
73:7c:7b:c4:08:9b:ef:f4:b8:ef:c2:df:d6:e2:fc:
92:24:90:6a:3e:f3:26:f9:54:37:51:8f:24:1b:b9:
d0:39:34:43:b3:fe:9d:76:29:6e:dc:08:94:e2:38:
8e:ea:a7:66:76:c0:cf:89:5d:d0:70:35:a0:95:e4:
1e:e7:40:08:6a:d3:c7:9e:b5:71:c7:dd:cc:d3:b1:
5c:e7:30:37:a5:c5:5d:7e:32:dc:6c:0b:36:68:f3:
40:24:d2:f6:5a:76:77:38:a4:f4:75:51:4b:b0:07:
6b:87:37:9b:ab:2a:56:c9:f6:b2:03:e9:88:46:29:
b3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0C:07:DA:70:BE:6A:8B:CB:2F:10:21:1C:F3:6F:28:02:F7:54:19
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/dQwH2nC-aovLLxAhHPNvKAL3VBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.101.0/24
95.141.36.0/23
158.58.172.0/23
185.8.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:37:55:77:4d:07:85:87:14:84:59:35:24:b6:6d:be:7f:38:
7b:29:5f:9f:a8:42:3b:cc:eb:c6:d1:ff:5b:54:66:55:83:c9:
50:e6:e2:82:b7:03:c4:12:66:81:4b:19:24:17:2b:fa:7b:73:
e7:a5:d3:3a:70:23:0b:b0:0d:79:14:db:1d:ab:2c:ea:2a:f7:
4f:d9:69:bc:13:6e:df:10:68:f5:a9:19:54:22:0f:bc:76:d2:
ca:7f:0b:bf:d9:dd:87:c0:24:2e:80:4f:73:49:db:aa:db:ea:
5c:e1:c9:42:08:cd:e1:b8:4a:e4:47:1c:16:0a:e6:c4:7a:5c:
92:d0:c8:39:b5:2f:38:de:3f:d9:15:54:1c:20:ba:65:b6:e1:
f6:b3:b5:88:0f:59:47:a1:4d:54:bf:d4:7f:c5:57:65:79:c7:
3d:e7:0d:f2:89:10:b5:c0:08:71:23:7e:7b:75:50:4c:44:dd:
bf:09:e6:b9:7d:52:f1:6b:10:75:eb:08:a2:8d:4a:8f:66:66:
66:9b:e2:37:3f:b3:14:a9:47:f5:63:47:ad:fb:ad:32:38:00:
97:cb:00:86:de:54:11:19:14:0a:19:37:5e:7c:d7:8d:86:d7:
0f:bb:f0:93:ac:f2:d9:a7:ad:12:a7:4b:0e:6a:98:af:24:db:
aa:44:20:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhxGNJd6x1n184bASvOFLhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMwNTMxMDkxNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBjMDdkYTcwYmU2YThiY2IyZjEwMjExY2YzNmYyODAyZjc1NDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgaboJKLk7jpdKd5QdFLMO0GyyA1
a34doIEWkPm23DEsCo6+mfuqLxfppLjOfmOHjUgGhhwxXG0Z6X/FQrF62zNmDLlD
Hr33BbRJQ3QcVCXN/qak1SbiZo4YDY0rnuyKEBjfGQ3mnN0nCc9l8cpsi7kp4wMR
A37Nh9NsC6R7kdM2YGl/BlxzfHvECJvv9Ljvwt/W4vySJJBqPvMm+VQ3UY8kG7nQ
OTRDs/6ddilu3AiU4jiO6qdmdsDPiV3QcDWgleQe50AIatPHnrVxx93M07Fc5zA3
pcVdfjLcbAs2aPNAJNL2WnZ3OKT0dVFLsAdrhzebqypWyfayA+mIRimzbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHUMB9pwvmqLyy8QIRzzbygC91QZMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvZFF3SDJuQy1hb3ZMTHhBaEhQTnZLQUwzVkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDU4hoAwQA
XsZlAwQBX40kAwQBnjqsAwQCuQjEMA0GCSqGSIb3DQEBCwUAA4IBAQCwN1V3TQeF
hxSEWTUktm2+fzh7KV+fqEI7zOvG0f9bVGZVg8lQ5uKCtwPEEmaBSxkkFyv6e3Pn
pdM6cCMLsA15FNsdqyzqKvdP2Wm8E27fEGj1qRlUIg+8dtLKfwu/2d2HwCQugE9z
Sduq2+pc4clCCM3huErkRxwWCubEelyS0Mg5tS843j/ZFVQcILpltuH2s7WID1lH
oU1Uv9R/xVdlecc95w3yiRC1wAhxI357dVBMRN2/Cea5fVLxaxB16wiijUqPZmZm
m+I3P7MUqUf1Y0et+60yOACXywCG3lQRGRQKGTdefNeNhtcPu/CTrPLZp60Sp0sO
apivJNuqRCDY
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:26:19 2025 by rpki-client