Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d8d705-62ef-4e66-b7e6-e83e5ff618dd/1/1-aMmYiB2YOjmKICST1iGZtX9rgk.roa
File: 1-aMmYiB2YOjmKICST1iGZtX9rgk.roa (raw, json)
Hash identifier: jcyR2itFDsj6b5etU/emhW4jiYDZeJXlCKfoOyl9QUQ=
Subject key identifier: F9:A3:26:62:20:76:60:E8:E6:28:80:92:4F:58:86:66:D5:FD:AE:09
Certificate issuer: /CN=a4f0bedb978e1928d1e970ca2ed96937118fff68
Certificate serial: FF7028
Authority key identifier: A4:F0:BE:DB:97:8E:19:28:D1:E9:70:CA:2E:D9:69:37:11:8F:FF:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPC-25eOGSjR6XDKLtlpNxGP_2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d8d705-62ef-4e66-b7e6-e83e5ff618dd/1/1-aMmYiB2YOjmKICST1iGZtX9rgk.roa
Signing time: Sat 01 Jan 2022 11:02:38 +0000
ROA not before: Sat 01 Jan 2022 11:02:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196752
IP address blocks: 164.138.30.0/23 maxlen: 24
37.252.120.0/21 maxlen: 24
91.213.195.0/24 maxlen: 24
164.138.24.0/21 maxlen: 24
185.24.220.0/22 maxlen: 24
84.22.96.0/19 maxlen: 24
84.22.96.0/22 maxlen: 24
84.22.100.0/23 maxlen: 24
84.22.118.0/23 maxlen: 24
84.22.122.0/24 maxlen: 24
46.19.32.0/21 maxlen: 24
46.19.36.0/22 maxlen: 24
2a02:2770::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16740392 (0xff7028)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f0bedb978e1928d1e970ca2ed96937118fff68
Validity
Not Before: Jan 1 11:02:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9a32662207660e8e62880924f588666d5fdae09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:48:63:e3:7a:ee:b1:f6:ee:b7:66:13:a7:
da:cc:1e:8e:50:96:f2:90:97:d3:77:10:0c:8a:12:
c3:c7:5c:d0:91:e1:63:37:b2:f4:94:c9:87:81:c6:
1b:99:a6:76:37:46:fd:2d:84:f2:21:d6:89:48:9f:
95:3d:58:15:7a:16:52:a3:c3:7c:04:3f:bd:52:61:
dc:ad:7b:af:17:23:c4:95:7d:02:79:a9:92:1f:dd:
f5:30:90:b5:2c:87:2e:cd:8b:20:5f:5e:33:f9:95:
ba:24:32:6b:1e:aa:cb:ea:70:ef:d7:67:9b:32:14:
7b:c5:f2:83:17:3e:6a:ca:c7:1a:f6:07:f3:8a:09:
63:cb:f9:93:48:c2:90:78:9f:e9:19:f0:64:a3:e4:
83:e1:48:20:82:c5:f4:b1:9b:3a:88:54:7e:f8:f8:
9a:66:08:27:a5:be:4c:a7:cc:fd:49:d4:b5:4b:67:
3b:06:70:05:ac:b4:62:6e:d7:77:d5:d0:26:5d:68:
1f:31:d0:ac:9f:7c:42:60:09:94:8a:6c:a3:ae:19:
ad:ed:b7:df:94:49:73:36:fd:45:40:ac:cf:7e:1b:
15:eb:fd:53:80:19:57:86:34:d9:6f:ab:3d:3b:72:
f0:f3:e0:42:c1:d0:8d:eb:4b:0e:a0:1b:8c:8a:af:
27:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A3:26:62:20:76:60:E8:E6:28:80:92:4F:58:86:66:D5:FD:AE:09
X509v3 Authority Key Identifier:
keyid:A4:F0:BE:DB:97:8E:19:28:D1:E9:70:CA:2E:D9:69:37:11:8F:FF:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPC-25eOGSjR6XDKLtlpNxGP_2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d8d705-62ef-4e66-b7e6-e83e5ff618dd/1/1-aMmYiB2YOjmKICST1iGZtX9rgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d8d705-62ef-4e66-b7e6-e83e5ff618dd/1/pPC-25eOGSjR6XDKLtlpNxGP_2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.120.0/21
46.19.32.0/21
84.22.96.0/19
91.213.195.0/24
164.138.24.0/21
185.24.220.0/22
IPv6:
2a02:2770::/32
Signature Algorithm: sha256WithRSAEncryption
49:bc:0c:42:d1:b3:0a:fc:7f:84:aa:a5:a0:37:18:c5:6e:a8:
8f:95:8a:fd:49:b1:55:be:6d:27:22:96:4f:bc:75:45:97:42:
1f:20:d7:a6:d1:b1:48:a4:44:2b:de:51:f7:b9:62:2e:49:ff:
e4:4c:04:7e:88:f9:1c:59:fb:87:56:b1:83:30:99:4d:0c:49:
76:74:2d:ca:c6:01:98:ad:51:b2:45:ee:de:b5:ae:37:26:4d:
06:ce:c3:99:fb:49:bd:6a:04:d6:dc:39:eb:dc:03:3c:ff:29:
50:04:22:8f:78:07:a1:98:1d:b0:2f:08:86:a7:97:e7:58:0d:
9f:b2:c0:39:f6:b7:ac:3a:78:1b:83:ba:ee:36:5c:29:f7:77:
a7:f4:91:51:f0:a2:c2:12:50:68:8a:c4:a1:99:a5:cd:97:ab:
d0:87:c5:6d:73:8c:a4:91:94:75:cb:66:51:5c:9f:04:1d:45:
a9:48:cd:95:48:8a:b0:b6:94:e0:6b:7f:42:98:4a:68:ba:c0:
54:f3:29:d4:36:d2:2b:51:59:65:f4:25:61:77:9b:5c:77:e5:
98:74:ea:f2:10:81:88:ab:6c:8e:6f:73:92:6f:5f:eb:39:e9:
95:8e:60:ef:d2:0d:4e:f2:c0:10:27:1a:ba:95:7a:c8:7a:fe:
0f:fd:63:68
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEAP9wKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGYwYmVkYjk3OGUxOTI4ZDFlOTcwY2EyZWQ5NjkzNzExOGZmZjY4MB4XDTIyMDEw
MTExMDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlhMzI2NjIyMDc2
NjBlOGU2Mjg4MDkyNGY1ODg2NjZkNWZkYWUwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL70SGPjeu6x9u63ZhOn2swejlCW8pCX03cQDIoSw8dc0JHh
Yzey9JTJh4HGG5mmdjdG/S2E8iHWiUiflT1YFXoWUqPDfAQ/vVJh3K17rxcjxJV9
Anmpkh/d9TCQtSyHLs2LIF9eM/mVuiQyax6qy+pw79dnmzIUe8Xygxc+asrHGvYH
84oJY8v5k0jCkHif6RnwZKPkg+FIIILF9LGbOohUfvj4mmYIJ6W+TKfM/UnUtUtn
OwZwBay0Ym7Xd9XQJl1oHzHQrJ98QmAJlIpso64Zre2335RJczb9RUCsz34bFev9
U4AZV4Y02W+rPTty8PPgQsHQjetLDqAbjIqvJ+8CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBT5oyZiIHZg6OYogJJPWIZm1f2uCTAfBgNVHSMEGDAWgBSk8L7bl44ZKNHp
cMou2Wk3EY//aDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BQQy0yNWVPR1NqUjZYREtMdGxwTnhHUF8yZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvZDhkNzA1LTYyZWYtNGU2Ni1iN2U2LWU4M2U1ZmY2MThkZC8x
LzEtYU1tWWlCMllPam1LSUNTVDFpR1p0WDlyZ2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0
L2Q4ZDcwNS02MmVmLTRlNjYtYjdlNi1lODNlNWZmNjE4ZGQvMS9wUEMtMjVlT0dT
alI2WERLTHRscE54R1BfMmcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
TAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQDBAMl/HgDBAMuEyADBAVUFmADBABb
1cMDBAOkihgDBAK5GNwwDQQCAAIwBwMFACoCJ3AwDQYJKoZIhvcNAQELBQADggEB
AEm8DELRswr8f4SqpaA3GMVuqI+Viv1JsVW+bScilk+8dUWXQh8g16bRsUikRCve
Ufe5Yi5J/+RMBH6I+RxZ+4dWsYMwmU0MSXZ0LcrGAZitUbJF7t61rjcmTQbOw5n7
Sb1qBNbcOevcAzz/KVAEIo94B6GYHbAvCIanl+dYDZ+ywDn2t6w6eBuDuu42XCn3
d6f0kVHwosISUGiKxKGZpc2Xq9CHxW1zjKSRlHXLZlFcnwQdRalIzZVIirC2lOBr
f0KYSmi6wFTzKdQ20itRWWX0JWF3m1x35Zh06vIQgYirbI5vc5JvX+s56ZWOYO/S
DU7ywBAnGrqVesh6/g/9Y2g=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:22:32 2025 by rpki-client