Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/daXzPwB1SIIeNjL3C1O2dwHp2S8.roa
File: daXzPwB1SIIeNjL3C1O2dwHp2S8.roa (raw, json)
Hash identifier: JFM8lzmKydWEEERWx7X9yDGNU2UdMN2BttN5GEvJrp4=
Subject key identifier: 75:A5:F3:3F:00:75:48:82:1E:36:32:F7:0B:53:B6:77:01:E9:D9:2F
Certificate issuer: /CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Certificate serial: 0588A2F4
Authority key identifier: DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/daXzPwB1SIIeNjL3C1O2dwHp2S8.roa
Signing time: Sat 01 Jan 2022 08:56:03 +0000
ROA not before: Sat 01 Jan 2022 08:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208566
IP address blocks: 195.191.235.0/24 maxlen: 24
45.128.217.0/24 maxlen: 24
45.128.216.0/24 maxlen: 24
2a0e:41c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92840692 (0x588a2f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Validity
Not Before: Jan 1 08:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75a5f33f007548821e3632f70b53b67701e9d92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d9:25:4f:5e:18:d0:e9:8b:0f:89:fa:52:d9:
7c:54:13:16:18:5b:d9:2b:db:c2:88:84:50:be:e5:
da:4e:d4:d9:0f:4a:a0:77:82:d0:0c:2f:a7:d5:cb:
10:5f:53:92:e9:5a:16:54:43:87:ac:f7:61:3c:b5:
4e:40:79:15:e5:1e:0b:3b:70:e1:07:26:f3:66:56:
a6:86:ed:e4:49:ac:41:16:75:a1:a1:1d:26:1a:c0:
8b:16:7f:f7:e6:fd:b6:ca:2e:06:99:21:ed:b2:a1:
0a:ff:15:f5:3b:19:ee:21:c0:74:7a:7d:11:d1:68:
f7:84:0c:00:1e:27:21:e5:8b:c9:da:12:99:aa:46:
79:55:33:74:3c:90:bc:4a:5b:aa:56:03:74:19:f5:
2d:0d:00:da:9d:78:fc:47:22:cf:4b:61:ea:f0:ca:
14:7f:bd:5f:bd:4a:27:01:c0:b5:1d:6c:b1:32:cb:
03:a3:70:01:48:55:3a:1c:24:dd:0a:f3:63:cd:23:
93:4b:c0:6b:8f:d0:4d:8a:d4:93:db:28:3b:78:83:
1d:a4:2e:e1:57:17:41:aa:84:f7:40:70:a9:f3:ff:
b3:98:03:1c:20:2a:47:63:05:55:dd:76:87:6e:c6:
fb:34:22:49:05:0a:a6:86:7e:2a:47:55:95:c7:6a:
18:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A5:F3:3F:00:75:48:82:1E:36:32:F7:0B:53:B6:77:01:E9:D9:2F
X509v3 Authority Key Identifier:
keyid:DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/daXzPwB1SIIeNjL3C1O2dwHp2S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.216.0/23
195.191.235.0/24
IPv6:
2a0e:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:ea:39:ef:50:f5:f4:8f:64:51:22:3b:aa:e3:8e:33:ed:b9:
a1:b5:70:8a:fc:9a:4e:19:8a:15:ef:4a:53:22:e7:dd:6d:0a:
75:82:e7:58:31:09:b4:17:4e:a8:d0:ea:9d:b5:66:f8:e5:cb:
ae:4d:eb:87:c3:4a:2d:98:97:d0:c1:57:49:e0:3d:95:76:77:
34:fc:75:29:95:47:03:4f:d5:3e:db:c8:30:c4:f9:98:dc:36:
fc:8b:dd:a2:7d:bc:6d:c9:a1:d9:d3:0d:82:89:5b:63:a7:a0:
bb:7a:55:0c:4d:06:59:c1:76:01:d1:b9:e3:a2:6d:59:e5:3b:
28:92:4d:c6:5a:4a:77:e4:73:13:90:8f:78:dd:17:e8:42:1f:
e1:6c:be:4a:e6:08:c9:4e:31:ba:55:74:8f:b1:e1:95:7a:aa:
43:d2:34:10:f2:be:7e:a4:cf:98:71:64:47:54:c0:02:67:63:
18:63:65:4b:89:fb:63:97:f2:d5:cc:65:28:a6:41:a9:03:4c:
cb:f5:26:50:b4:5d:18:bd:ee:b6:57:70:2f:6f:24:be:09:83:
e5:c9:f1:26:8d:b0:a7:cc:25:88:e2:43:08:97:b4:a1:db:45:
cd:ec:fe:5c:a5:a5:1c:2c:8e:c6:47:c4:50:ab:03:21:bb:34:
20:fb:ab:07
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBYii9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2JjYWI0ODU5NTM2Y2Y5OTY1OTZlZjE5ZDJhNjQ2MTFkMDM2ZmU0MB4XDTIyMDEw
MTA4NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVhNWYzM2YwMDc1
NDg4MjFlMzYzMmY3MGI1M2I2NzcwMWU5ZDkyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnZJU9eGNDpiw+J+lLZfFQTFhhb2SvbwoiEUL7l2k7U2Q9K
oHeC0Awvp9XLEF9TkulaFlRDh6z3YTy1TkB5FeUeCztw4Qcm82ZWpobt5EmsQRZ1
oaEdJhrAixZ/9+b9tsouBpkh7bKhCv8V9TsZ7iHAdHp9EdFo94QMAB4nIeWLydoS
mapGeVUzdDyQvEpbqlYDdBn1LQ0A2p14/Eciz0th6vDKFH+9X71KJwHAtR1ssTLL
A6NwAUhVOhwk3QrzY80jk0vAa4/QTYrUk9soO3iDHaQu4VcXQaqE90BwqfP/s5gD
HCAqR2MFVd12h27G+zQiSQUKpoZ+KkdVlcdqGBUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR1pfM/AHVIgh42MvcLU7Z3AenZLzAfBgNVHSMEGDAWgBTcvKtIWVNs+ZZZ
bvGdKmRhHQNv5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNMeXJTRmxUYlBtV1dXN3huU3BrWVIwRGItUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvY2E5Mjc0LTNhOTQtNGYxYS1iZWUyLTI2NmZlMjczN2I4Zi8x
L2RhWHpQd0IxU0lJZU5qTDNDMU8yZHdIcDJTOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
Y2E5Mjc0LTNhOTQtNGYxYS1iZWUyLTI2NmZlMjczN2I4Zi8xLzNMeXJTRmxUYlBt
V1dXN3huU3BrWVIwRGItUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAS2A2AMEAMO/6zANBAIAAjAHAwUD
Kg5BwDANBgkqhkiG9w0BAQsFAAOCAQEAc+o571D19I9kUSI7quOOM+25obVwivya
ThmKFe9KUyLn3W0KdYLnWDEJtBdOqNDqnbVm+OXLrk3rh8NKLZiX0MFXSeA9lXZ3
NPx1KZVHA0/VPtvIMMT5mNw2/Ivdon28bcmh2dMNgolbY6egu3pVDE0GWcF2AdG5
46JtWeU7KJJNxlpKd+RzE5CPeN0X6EIf4Wy+SuYIyU4xulV0j7HhlXqqQ9I0EPK+
fqTPmHFkR1TAAmdjGGNlS4n7Y5fy1cxlKKZBqQNMy/UmULRdGL3utldwL28kvgmD
5cnxJo2wp8wliOJDCJe0odtFzez+XKWlHCyOxkfEUKsDIbs0IPurBw==
-----END CERTIFICATE-----
Generated at Thu May 1 06:29:19 2025 by rpki-client