Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/odxpEmQ-ZeDA1nyyjUy1bSw_6UY.roa
File: odxpEmQ-ZeDA1nyyjUy1bSw_6UY.roa (raw, json)
Hash identifier: BhjXLCUVQubD7GFbntHM42khaO/xwevYYDE/dAsoEVM=
Subject key identifier: A1:DC:69:12:64:3E:65:E0:C0:D6:7C:B2:8D:4C:B5:6D:2C:3F:E9:46
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A3188BD7869615A4328D04CF84C3212ED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/odxpEmQ-ZeDA1nyyjUy1bSw_6UY.roa
Signing time: Sat 26 Aug 2023 11:09:19 +0000
ROA not before: Sat 26 Aug 2023 11:09:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 93.114.192.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:88:bd:78:69:61:5a:43:28:d0:4c:f8:4c:32:12:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 26 11:09:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1dc6912643e65e0c0d67cb28d4cb56d2c3fe946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ef:3e:b3:fa:91:3a:6b:66:81:6b:64:fd:b4:
c7:36:2f:92:b6:f5:4a:54:11:47:00:47:56:d8:f4:
31:86:d8:b1:0e:9c:95:71:24:a9:f2:70:84:a8:9e:
34:08:cf:fc:d5:a1:56:db:3d:75:29:d7:74:21:f7:
5f:50:13:ab:0f:7a:8d:01:08:d4:d7:4f:26:5e:8f:
3a:11:e2:50:10:73:ca:13:c1:05:e0:23:2f:2b:95:
5f:bd:70:6d:28:c1:29:23:d8:20:20:e0:91:bf:bd:
47:b7:ee:4d:b0:8d:46:6b:ea:1f:25:ad:5a:18:dc:
9e:9e:fd:75:ee:5e:10:9c:d4:e6:15:c7:26:77:90:
f7:c3:2d:0c:91:e9:ba:3f:d1:20:44:84:3a:e0:13:
e3:a7:ec:3d:e4:8a:3b:12:8d:da:3f:1d:5a:8d:ae:
13:12:68:36:40:71:13:f3:23:e9:a2:00:6f:2d:21:
d7:12:3a:85:8b:d5:96:2d:3b:8c:85:4b:1c:0f:11:
67:25:f8:82:ff:b9:47:5e:01:b0:69:79:5e:50:8b:
61:22:6c:54:de:e5:60:2b:90:f9:90:53:29:92:5e:
0c:ab:cc:a9:85:3d:ec:5e:4d:70:f6:f4:bd:1f:39:
12:a4:82:8b:21:b5:41:90:73:4f:ad:9e:ab:c9:b7:
2f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DC:69:12:64:3E:65:E0:C0:D6:7C:B2:8D:4C:B5:6D:2C:3F:E9:46
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/odxpEmQ-ZeDA1nyyjUy1bSw_6UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.212.132.0/24
188.212.155.0/24
188.212.158.0/23
188.240.68.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:2e:37:e8:7e:30:bf:e6:c8:ab:77:8f:bc:72:c8:f8:68:2b:
6b:02:2d:dd:ba:1b:50:4d:4d:e6:f5:86:2a:fc:df:54:23:1e:
0e:1e:27:1f:3e:63:c1:a1:46:b7:ee:d7:1c:3e:75:c2:23:4a:
b8:66:fa:c2:4c:54:4a:f9:f5:25:bc:f0:82:36:7a:cc:20:05:
75:8c:bd:26:bd:6b:66:f4:f2:8a:47:33:a0:50:6e:00:7d:33:
15:ca:ab:ae:84:5e:73:92:cd:e7:dd:cd:f7:b4:c8:c5:6c:df:
57:97:42:ab:43:99:ff:25:0d:4c:fd:44:f1:0a:c9:71:55:73:
20:ba:c1:9c:f0:5b:e6:55:34:e9:83:54:fc:a4:56:d1:f0:4f:
d4:1b:f0:fa:de:9b:da:c7:36:50:5c:9c:cb:18:4b:f1:11:ea:
32:ff:5e:57:7c:19:c6:4b:62:9c:d9:46:6c:42:b9:49:26:6f:
19:76:de:4c:d2:0c:de:26:92:55:f6:6b:47:2f:5d:d8:6c:58:
ad:19:29:5c:c8:d1:38:86:ed:5a:d2:5c:c4:88:fd:d7:dc:d9:
84:cb:1e:62:f7:a3:8e:dd:43:c7:03:f7:a8:0b:33:c5:56:ad:
34:81:29:3b:85:b7:d3:7d:cc:d6:9a:86:eb:83:8c:df:24:6a:
37:e4:7c:f6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYoxiL14aWFaQyjQTPhMMhLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODI2MTEwOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRjNjkxMjY0M2U2NWUwYzBkNjdjYjI4ZDRjYjU2ZDJjM2ZlOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu8+s/qROmtmgWtk/bTHNi+StvVK
VBFHAEdW2PQxhtixDpyVcSSp8nCEqJ40CM/81aFW2z11Kdd0IfdfUBOrD3qNAQjU
108mXo86EeJQEHPKE8EF4CMvK5VfvXBtKMEpI9ggIOCRv71Ht+5NsI1Ga+ofJa1a
GNyenv117l4QnNTmFccmd5D3wy0Mkem6P9EgRIQ64BPjp+w95Io7Eo3aPx1aja4T
Emg2QHET8yPpogBvLSHXEjqFi9WWLTuMhUscDxFnJfiC/7lHXgGwaXleUIthImxU
3uVgK5D5kFMpkl4Mq8yphT3sXk1w9vS9HzkSpIKLIbVBkHNPrZ6rybcvcQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKHcaRJkPmXgwNZ8so1MtW0sP+lGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb2R4cEVtUS1aZURBMW55eWpVeTFiU3dfNlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAWSU+AwQA
XXLAAwQAXXNtAwQAvNSEAwQAvNSbAwQBvNSeAwQAvPBEAwQAvPFuAwQAvPHWAwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQAcLjfofjC/5sird4+8csj4aCtrAi3duhtQ
TU3m9YYq/N9UIx4OHicfPmPBoUa37tccPnXCI0q4ZvrCTFRK+fUlvPCCNnrMIAV1
jL0mvWtm9PKKRzOgUG4AfTMVyquuhF5zks3n3c33tMjFbN9Xl0KrQ5n/JQ1M/UTx
CslxVXMgusGc8FvmVTTpg1T8pFbR8E/UG/D63pvaxzZQXJzLGEvxEeoy/15XfBnG
S2Kc2UZsQrlJJm8Zdt5M0gzeJpJV9mtHL13YbFitGSlcyNE4hu1a0lzEiP3X3NmE
yx5i96OO3UPHA/eoCzPFVq00gSk7hbfTfczWmobrg4zfJGo35Hz2
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:24:07 2025 by rpki-client