Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b81d08-66c9-4be9-a221-aff871b5b5f7/1/DKEVSXgItHxtbvWq1zt1D7nwyrA.roa
File: DKEVSXgItHxtbvWq1zt1D7nwyrA.roa (raw, json)
Hash identifier: m/iF4qnPUaJOPgGR1hUWDqCkJ3U7huTCySIaDA8ccHI=
Subject key identifier: 0C:A1:15:49:78:08:B4:7C:6D:6E:F5:AA:D7:3B:75:0F:B9:F0:CA:B0
Certificate issuer: /CN=61edfe7a4fc64de529d162df2fed0780c6e5e1a8
Certificate serial: 01856C4A56BE1F525CA78F0FCCB3B3036AAF
Authority key identifier: 61:ED:FE:7A:4F:C6:4D:E5:29:D1:62:DF:2F:ED:07:80:C6:E5:E1:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ye3-ek_GTeUp0WLfL-0HgMbl4ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b81d08-66c9-4be9-a221-aff871b5b5f7/1/DKEVSXgItHxtbvWq1zt1D7nwyrA.roa
Signing time: Sun 01 Jan 2023 07:44:49 +0000
ROA not before: Sun 01 Jan 2023 07:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 193.134.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:56:be:1f:52:5c:a7:8f:0f:cc:b3:b3:03:6a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61edfe7a4fc64de529d162df2fed0780c6e5e1a8
Validity
Not Before: Jan 1 07:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ca115497808b47c6d6ef5aad73b750fb9f0cab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3e:ac:1c:6a:f8:f5:1a:de:7c:e7:f5:5a:9a:
d9:b6:e4:d9:0e:d1:a4:8a:20:c2:4a:59:48:8d:b6:
76:65:f9:8c:3c:dc:ec:07:f0:86:9a:1c:1e:84:9b:
8d:39:2f:45:60:8a:63:00:89:20:2c:27:ae:fc:9e:
03:26:35:85:da:17:2b:45:64:1b:51:62:70:36:21:
f3:c0:68:99:77:79:62:8e:34:66:fc:cd:ee:59:ea:
a1:e8:71:fb:b3:1a:e4:d5:6f:b2:aa:ce:7c:de:9b:
83:9c:51:83:ab:f3:f9:fc:c8:7a:a3:df:07:df:af:
a6:99:e1:eb:2d:bc:75:c9:a7:30:f2:1e:45:93:76:
6b:b5:22:f4:aa:e2:cd:75:d4:f8:6a:cf:f0:23:e0:
b2:86:48:7b:75:5a:60:bc:e7:b0:6b:88:b7:71:24:
af:a6:a7:8b:13:95:ab:d0:e3:ae:50:8e:84:76:bc:
ca:66:15:c0:3f:56:5d:8d:83:61:c3:c9:48:18:a5:
0f:20:54:7c:03:06:9f:eb:7d:31:bd:15:9e:bf:5d:
bb:8e:17:11:bd:1f:f5:d0:34:c3:20:18:65:19:9a:
ad:f9:68:87:a5:84:98:88:69:76:ea:f3:3b:2d:ba:
96:c6:fb:8c:24:34:42:c4:84:d5:11:cf:44:85:5f:
64:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A1:15:49:78:08:B4:7C:6D:6E:F5:AA:D7:3B:75:0F:B9:F0:CA:B0
X509v3 Authority Key Identifier:
keyid:61:ED:FE:7A:4F:C6:4D:E5:29:D1:62:DF:2F:ED:07:80:C6:E5:E1:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ye3-ek_GTeUp0WLfL-0HgMbl4ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b81d08-66c9-4be9-a221-aff871b5b5f7/1/DKEVSXgItHxtbvWq1zt1D7nwyrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b81d08-66c9-4be9-a221-aff871b5b5f7/1/Ye3-ek_GTeUp0WLfL-0HgMbl4ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:a6:41:3c:d6:1b:0d:aa:9f:9f:9a:aa:46:11:5e:44:8f:be:
05:f2:75:3a:aa:10:2c:e6:f9:ac:4e:47:12:b7:df:7e:4c:38:
e3:4f:61:77:db:63:b7:25:51:6a:2d:0d:9f:05:f5:ec:ca:4f:
86:61:88:aa:4e:7a:ce:56:c9:49:76:dc:ac:39:b2:d9:95:e7:
e2:a3:6f:15:46:86:5d:d1:34:ec:aa:59:8d:9d:83:ec:b5:3b:
8d:30:12:a8:7e:f6:8b:23:8c:36:55:19:0f:96:86:e6:ac:7d:
97:32:63:c1:9c:1e:0b:fb:90:21:ba:f4:3e:85:c5:ae:77:f4:
ae:df:ea:c5:e8:24:69:c6:05:73:3d:e0:72:96:3d:b0:0c:84:
ee:99:9b:3e:06:2e:48:61:43:7a:0a:68:a9:cd:7e:17:24:4d:
15:ec:f0:b7:77:e4:8e:b6:4b:5a:83:cb:67:7e:3c:53:93:c6:
21:84:a5:36:94:ea:6b:cd:d9:c6:d6:59:84:3b:71:ee:8a:58:
17:b9:5a:55:1b:11:cd:0d:e0:e6:43:b9:3a:30:52:64:73:59:
7e:b7:ed:db:b5:3c:50:76:9f:ad:f7:04:0d:27:89:6b:27:ca:
20:26:9a:41:fe:be:50:a9:85:02:db:4a:88:2b:d2:6f:df:08:
3c:b8:08:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSla+H1Jcp48PzLOzA2qvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZWRmZTdhNGZjNjRkZTUyOWQxNjJkZjJmZWQwNzgwYzZl
NWUxYTgwHhcNMjMwMTAxMDc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ExMTU0OTc4MDhiNDdjNmQ2ZWY1YWFkNzNiNzUwZmI5ZjBjYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4D6sHGr49RrefOf1WprZtuTZDtGk
iiDCSllIjbZ2ZfmMPNzsB/CGmhwehJuNOS9FYIpjAIkgLCeu/J4DJjWF2hcrRWQb
UWJwNiHzwGiZd3lijjRm/M3uWeqh6HH7sxrk1W+yqs583puDnFGDq/P5/Mh6o98H
36+mmeHrLbx1yacw8h5Fk3ZrtSL0quLNddT4as/wI+Cyhkh7dVpgvOewa4i3cSSv
pqeLE5Wr0OOuUI6EdrzKZhXAP1ZdjYNhw8lIGKUPIFR8Awaf630xvRWev127jhcR
vR/10DTDIBhlGZqt+WiHpYSYiGl26vM7LbqWxvuMJDRCxITVEc9EhV9kAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyhFUl4CLR8bW71qtc7dQ+58MqwMB8GA1UdIwQY
MBaAFGHt/npPxk3lKdFi3y/tB4DG5eGoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWUzLWVrX0dUZVVwMFdMZkwtMEhnTWJsNGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iODFkMDgtNjZjOS00YmU5LWEyMjEt
YWZmODcxYjViNWY3LzEvREtFVlNYZ0l0SHh0YnZXcTF6dDFEN253eXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iODFkMDgtNjZjOS00YmU5LWEyMjEtYWZmODcxYjViNWY3
LzEvWWUzLWVrX0dUZVVwMFdMZkwtMEhnTWJsNGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYb8MA0G
CSqGSIb3DQEBCwUAA4IBAQBfpkE81hsNqp+fmqpGEV5Ej74F8nU6qhAs5vmsTkcS
t99+TDjjT2F322O3JVFqLQ2fBfXsyk+GYYiqTnrOVslJdtysObLZlefio28VRoZd
0TTsqlmNnYPstTuNMBKofvaLI4w2VRkPlobmrH2XMmPBnB4L+5AhuvQ+hcWud/Su
3+rF6CRpxgVzPeBylj2wDITumZs+Bi5IYUN6CmipzX4XJE0V7PC3d+SOtktag8tn
fjxTk8YhhKU2lOprzdnG1lmEO3HuilgXuVpVGxHNDeDmQ7k6MFJkc1l+t+3btTxQ
dp+t9wQNJ4lrJ8ogJppB/r5QqYUC20qIK9Jv3wg8uAhm
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:15:58 2025 by rpki-client