Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/aSS9Jb-Fxs33wfNlQMpFdx77XeQ.roa
File: aSS9Jb-Fxs33wfNlQMpFdx77XeQ.roa (raw, json)
Hash identifier: mRZSRugrtM7sOROflEm27FaUqAjdR0b281j+xJD+euY=
Subject key identifier: 69:24:BD:25:BF:85:C6:CD:F7:C1:F3:65:40:CA:45:77:1E:FB:5D:E4
Certificate issuer: /CN=4021dff35edf0ce6e428d6affc212c4717679ee1
Certificate serial: 08F27501
Authority key identifier: 40:21:DF:F3:5E:DF:0C:E6:E4:28:D6:AF:FC:21:2C:47:17:67:9E:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCHf817fDObkKNav_CEsRxdnnuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/aSS9Jb-Fxs33wfNlQMpFdx77XeQ.roa
Signing time: Sat 01 Jan 2022 02:00:37 +0000
ROA not before: Sat 01 Jan 2022 02:00:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50427
IP address blocks: 185.112.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150107393 (0x8f27501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4021dff35edf0ce6e428d6affc212c4717679ee1
Validity
Not Before: Jan 1 02:00:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6924bd25bf85c6cdf7c1f36540ca45771efb5de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:1a:26:e8:b1:5f:26:26:66:e7:23:bd:40:
ed:1b:97:bd:f1:dc:4f:42:be:65:a4:14:74:12:3b:
2e:e3:ee:32:b6:f4:df:29:65:fe:2f:cb:d2:1e:7f:
31:cf:2d:f2:aa:cd:19:92:58:b7:a6:c6:21:03:6b:
8b:1c:0d:e1:85:3e:c1:87:f3:ee:c9:18:f0:fb:2d:
9d:5d:d4:47:3a:c8:4b:dd:1e:3b:75:f6:c8:c3:29:
85:dc:3b:50:cd:b0:64:c3:ba:b4:1d:ea:19:ee:1d:
b5:6a:b7:f6:f3:02:33:71:c5:5d:94:ef:d0:5c:23:
72:cf:32:4c:70:d7:93:6a:03:a0:30:80:57:f5:31:
33:fc:43:5a:91:4e:0d:ca:1f:fe:44:3c:5a:d0:7c:
15:fd:0e:e2:86:d1:d3:d6:72:6e:74:f7:40:b6:5b:
20:a3:b4:e2:8d:43:fd:c9:90:c0:e8:b8:94:39:ab:
a8:eb:34:5c:cb:24:34:be:4e:f8:4b:93:2a:9f:80:
f8:4c:a4:1b:67:6d:79:b2:97:d4:33:33:e4:35:ae:
df:63:5f:93:00:3e:b2:ed:78:35:13:5e:c5:58:df:
60:57:fa:cc:2d:20:b3:a2:3c:2f:99:ee:eb:5f:74:
16:62:5e:e1:8b:30:a8:a4:9f:d2:12:e7:d3:b7:d7:
70:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:24:BD:25:BF:85:C6:CD:F7:C1:F3:65:40:CA:45:77:1E:FB:5D:E4
X509v3 Authority Key Identifier:
keyid:40:21:DF:F3:5E:DF:0C:E6:E4:28:D6:AF:FC:21:2C:47:17:67:9E:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCHf817fDObkKNav_CEsRxdnnuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/aSS9Jb-Fxs33wfNlQMpFdx77XeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/QCHf817fDObkKNav_CEsRxdnnuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.224.0/22
Signature Algorithm: sha256WithRSAEncryption
58:fa:c2:5f:9d:ec:fb:4c:07:56:aa:5c:63:dc:c7:8a:5d:ad:
38:1f:93:15:5b:50:b1:77:4e:94:4a:b6:86:e9:1d:d3:8e:88:
44:27:c8:a7:3e:e6:61:c0:cb:c8:7c:cc:2f:1f:0b:e9:15:64:
89:82:dc:f9:a0:d0:98:d2:8a:e0:d3:e7:40:84:f9:c6:1f:13:
de:3d:01:a8:a7:99:14:ff:39:d7:15:d5:50:19:4a:f0:85:76:
99:38:e7:e5:30:6a:c6:71:22:1e:8d:c5:3e:6b:ef:de:20:48:
8f:5e:f8:36:b1:62:14:23:f4:78:22:b6:15:51:3a:7a:e6:9d:
80:79:ce:10:5a:13:24:52:51:da:62:74:3d:c0:31:b7:9a:1d:
08:98:7f:03:d4:fc:85:3c:60:33:4f:01:b8:8e:fc:36:62:f3:
54:fb:8f:bd:bb:ec:69:3f:02:c9:f0:dc:d1:23:36:0f:7c:2a:
f9:61:1a:8d:98:de:2c:ee:2b:ab:62:77:0d:d3:e1:e5:67:73:
07:f9:8b:62:b3:03:16:08:c9:f9:12:a3:78:0e:df:6f:78:1d:
af:b5:86:1b:c3:38:07:6e:7c:4b:8b:ab:2b:e1:fa:a9:24:6d:
1f:01:e3:0f:63:95:44:75:5f:b5:97:5e:8f:ee:ce:4c:69:39:
29:63:a5:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPJ1ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDIxZGZmMzVlZGYwY2U2ZTQyOGQ2YWZmYzIxMmM0NzE3Njc5ZWUxMB4XDTIyMDEw
MTAyMDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkyNGJkMjViZjg1
YzZjZGY3YzFmMzY1NDBjYTQ1NzcxZWZiNWRlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDuGibosV8mJmbnI71A7RuXvfHcT0K+ZaQUdBI7LuPuMrb0
3yll/i/L0h5/Mc8t8qrNGZJYt6bGIQNrixwN4YU+wYfz7skY8PstnV3URzrIS90e
O3X2yMMphdw7UM2wZMO6tB3qGe4dtWq39vMCM3HFXZTv0Fwjcs8yTHDXk2oDoDCA
V/UxM/xDWpFODcof/kQ8WtB8Ff0O4obR09ZybnT3QLZbIKO04o1D/cmQwOi4lDmr
qOs0XMskNL5O+EuTKp+A+EykG2dtebKX1DMz5DWu32NfkwA+su14NRNexVjfYFf6
zC0gs6I8L5nu6190FmJe4YswqKSf0hLn07fXcMsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpJL0lv4XGzffB82VAykV3Hvtd5DAfBgNVHSMEGDAWgBRAId/zXt8M5uQo
1q/8ISxHF2ee4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FDSGY4MTdmRE9ia0tOYXZfQ0VzUnhkbm51RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvMDE0MDg4LTU2ODQtNDljMi1iNjMwLWViNTNhNTE4YzI2My8x
L2FTUzlKYi1GeHMzM3dmTmxRTXBGZHg3N1hlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
MDE0MDg4LTU2ODQtNDljMi1iNjMwLWViNTNhNTE4YzI2My8xL1FDSGY4MTdmRE9i
a0tOYXZfQ0VzUnhkbm51RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlw4DANBgkqhkiG9w0BAQsFAAOC
AQEAWPrCX53s+0wHVqpcY9zHil2tOB+TFVtQsXdOlEq2hukd046IRCfIpz7mYcDL
yHzMLx8L6RVkiYLc+aDQmNKK4NPnQIT5xh8T3j0BqKeZFP851xXVUBlK8IV2mTjn
5TBqxnEiHo3FPmvv3iBIj174NrFiFCP0eCK2FVE6euadgHnOEFoTJFJR2mJ0PcAx
t5odCJh/A9T8hTxgM08BuI78NmLzVPuPvbvsaT8CyfDc0SM2D3wq+WEajZjeLO4r
q2J3DdPh5WdzB/mLYrMDFgjJ+RKjeA7fb3gdr7WGG8M4B258S4urK+H6qSRtHwHj
D2OVRHVftZdej+7OTGk5KWOlKQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:09 2025 by rpki-client