Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0dg8qL4gkJHQJBs84jNwcFnLaPw.roa
File: 0dg8qL4gkJHQJBs84jNwcFnLaPw.roa (raw, json)
Hash identifier: syTOc0mFMnNTBUf8fAJAPwFZFaSwLK8o/0ye5eXXBUs=
Subject key identifier: D1:D8:3C:A8:BE:20:90:91:D0:24:1B:3C:E2:33:70:70:59:CB:68:FC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018986ABB413266248EAFA31FA9B33F5D879
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0dg8qL4gkJHQJBs84jNwcFnLaPw.roa
Signing time: Mon 24 Jul 2023 06:52:26 +0000
ROA not before: Mon 24 Jul 2023 06:52:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 84.54.33.0/24 maxlen: 24
193.218.34.0/24 maxlen: 24
45.83.28.0/24 maxlen: 24
2a0b:64c5::/32 maxlen: 32
2a0b:64c6::/32 maxlen: 32
2a0b:64c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:ab:b4:13:26:62:48:ea:fa:31:fa:9b:33:f5:d8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 24 06:52:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1d83ca8be209091d0241b3ce233707059cb68fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:37:ab:03:a8:40:98:58:23:8c:42:5e:d4:a5:
8a:a9:96:30:1b:de:94:2a:96:80:d2:c9:9c:ec:ad:
ea:e7:ae:59:05:18:c1:d6:dd:a5:8d:b7:e4:c8:cb:
02:fd:6d:d4:9e:21:9c:8a:b5:75:01:2b:6c:4b:12:
c8:3a:29:30:2d:b6:ee:9f:86:bc:73:64:db:76:9e:
1a:0e:26:26:5a:96:de:70:18:a9:ac:6f:4b:e4:a3:
9f:c0:ed:84:b4:28:24:12:01:d5:68:4f:65:69:be:
f6:36:64:07:20:aa:dc:bb:fa:ce:f7:8e:52:e8:06:
68:90:21:5d:68:99:e1:4f:77:7f:2b:68:64:eb:17:
ef:ca:91:93:18:07:99:db:bc:b7:64:cf:b0:d2:49:
72:9b:fe:7b:a0:c7:68:cf:f9:ba:2a:4f:cb:81:3c:
42:63:1a:da:a0:98:15:e9:7d:12:b3:e9:e5:73:87:
9a:e3:b7:8b:e5:81:26:14:d4:8b:ed:b8:44:4c:81:
97:eb:7c:83:28:f4:5f:0f:24:9e:d6:bc:e2:44:a7:
3f:40:32:2c:a9:52:d6:ac:94:1a:dd:8f:13:5b:bc:
e1:93:47:b2:ce:22:0a:73:e4:ca:be:c1:0d:49:73:
2e:d0:ef:5d:b1:7b:da:76:e4:e5:42:94:79:c0:7e:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D8:3C:A8:BE:20:90:91:D0:24:1B:3C:E2:33:70:70:59:CB:68:FC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0dg8qL4gkJHQJBs84jNwcFnLaPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
84.54.33.0/24
193.218.34.0/24
IPv6:
2a0b:64c4::-2a0b:64c6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
12:00:d7:9e:7d:5a:20:80:7f:c9:26:a7:83:cc:c0:43:1a:2a:
45:12:7e:27:ce:12:92:00:f0:44:b0:98:f9:36:df:84:df:88:
34:e3:e1:db:f2:39:5e:43:28:0a:eb:b6:a1:03:44:9e:0b:60:
28:6e:c0:ff:3c:e5:cf:29:1d:55:ae:78:95:0e:a0:45:11:44:
b0:64:9a:3a:24:39:e0:95:65:c3:87:ec:01:51:42:3b:36:4e:
3d:e4:5b:4c:03:b3:bd:20:19:46:3e:41:2e:10:1e:5f:fd:c2:
0f:b2:66:35:34:db:25:6a:29:64:1c:e8:e6:26:e9:f0:24:de:
25:f2:e7:8b:5e:d4:50:4c:a1:08:ea:38:de:c6:22:14:c4:35:
9b:d9:ee:09:e8:c6:dc:db:99:12:20:56:8e:eb:9a:28:ff:2b:
92:92:0a:03:98:09:92:43:a7:e0:5f:a2:74:d8:1a:e2:06:ab:
82:f2:c9:b7:59:34:e0:3b:cc:62:87:cc:22:4a:b9:d2:c6:8d:
44:bb:8f:f6:33:85:f9:a1:8d:14:fa:35:76:a2:7f:28:bb:96:
e1:a8:e2:29:d1:20:be:59:6e:ee:9d:3e:68:ba:fa:36:5b:2e:
d1:8a:3d:16:c1:46:3a:2e:70:9d:e9:2e:d3:0e:98:8b:8a:88:
ac:30:c8:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmGq7QTJmJI6vox+psz9dh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzI0MDY1MjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ4M2NhOGJlMjA5MDkxZDAyNDFiM2NlMjMzNzA3MDU5Y2I2OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDerA6hAmFgjjEJe1KWKqZYwG96U
KpaA0smc7K3q565ZBRjB1t2ljbfkyMsC/W3UniGcirV1AStsSxLIOikwLbbun4a8
c2Tbdp4aDiYmWpbecBiprG9L5KOfwO2EtCgkEgHVaE9lab72NmQHIKrcu/rO945S
6AZokCFdaJnhT3d/K2hk6xfvypGTGAeZ27y3ZM+w0klym/57oMdoz/m6Kk/LgTxC
YxraoJgV6X0Ss+nlc4ea47eL5YEmFNSL7bhETIGX63yDKPRfDySe1rziRKc/QDIs
qVLWrJQa3Y8TW7zhk0eyziIKc+TKvsENSXMu0O9dsXvaduTlQpR5wH6hQQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNHYPKi+IJCR0CQbPOIzcHBZy2j8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMGRnOHFMNGdrSkhRSkJzODRqTndjRm5MYVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMBYEAgACMBAwDgMFAioLZMQDBQAqC2TGMA0GCSqGSIb3DQEBCwUA
A4IBAQASANeefVoggH/JJqeDzMBDGipFEn4nzhKSAPBEsJj5Nt+E34g04+Hb8jle
QygK67ahA0SeC2AobsD/POXPKR1VrniVDqBFEUSwZJo6JDnglWXDh+wBUUI7Nk49
5FtMA7O9IBlGPkEuEB5f/cIPsmY1NNslailkHOjmJunwJN4l8ueLXtRQTKEI6jje
xiIUxDWb2e4J6Mbc25kSIFaO65oo/yuSkgoDmAmSQ6fgX6J02BriBquC8sm3WTTg
O8xih8wiSrnSxo1Eu4/2M4X5oY0U+jV2on8ou5bhqOIp0SC+WW7unT5ouvo2Wy7R
ij0WwUY6LnCd6S7TDpiLioisMMhO
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:37:23 2025 by rpki-client