Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/1-cfLtzju23-Q0kiEPHwgJSYZuZU.roa
File: 1-cfLtzju23-Q0kiEPHwgJSYZuZU.roa (raw, json)
Hash identifier: aALhITCgdkfTW2Xnxxj/KxP3o7pcwA8LkL8DDcAvEG8=
Subject key identifier: F9:C7:CB:B7:38:EE:DB:7F:90:D2:48:84:3C:7C:20:25:26:19:B9:95
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 15209670
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/1-cfLtzju23-Q0kiEPHwgJSYZuZU.roa
Signing time: Sat 01 Jan 2022 15:57:43 +0000
ROA not before: Sat 01 Jan 2022 15:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39605
IP address blocks: 193.84.18.0/24 maxlen: 24
78.40.120.0/21 maxlen: 24
185.60.92.0/22 maxlen: 24
158.58.176.0/21 maxlen: 24
2a02:4b8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354457200 (0x15209670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 1 15:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9c7cbb738eedb7f90d248843c7c20252619b995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:32:31:c5:2c:e5:47:87:e2:6e:3e:eb:73:41:
a8:92:01:fc:10:7a:ec:14:d6:2d:79:f9:c1:78:62:
8c:d1:f6:8f:3a:3d:f0:81:53:ab:01:90:80:f2:79:
29:b8:eb:98:12:5f:91:a1:cd:13:bb:71:ae:bc:e1:
f3:be:58:d8:ca:13:85:7f:b1:db:cf:61:bf:81:f5:
a2:95:2d:13:c6:00:d2:6c:a7:e5:8f:e9:8f:29:e8:
6e:0a:c6:93:5c:6b:c1:aa:ff:df:8d:60:07:f2:0a:
2c:77:4e:5c:c9:a9:19:59:03:c1:fa:9d:d5:e4:34:
e7:6e:3b:22:ae:0a:b1:89:d2:b3:0f:45:42:64:fe:
bb:44:ce:d2:8e:12:a1:3d:e0:88:36:04:d6:66:85:
9b:9b:4c:e1:83:06:e5:f5:55:d5:c1:a4:fa:3d:f0:
f6:62:8a:30:8a:b4:c1:62:5b:33:20:56:3a:e0:1d:
98:89:61:c6:6f:8e:37:1e:2b:73:d8:6b:f4:a0:ac:
d9:7a:1a:fc:0e:af:fa:58:fb:1f:57:9b:b8:c4:87:
5d:93:a4:e5:4e:1b:82:4b:b4:16:1e:f4:1b:a7:79:
fd:5d:42:97:ea:14:6f:27:f9:df:38:a0:57:a0:b9:
f4:69:ad:98:90:3b:96:90:c9:78:2e:2c:db:bd:0a:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C7:CB:B7:38:EE:DB:7F:90:D2:48:84:3C:7C:20:25:26:19:B9:95
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/1-cfLtzju23-Q0kiEPHwgJSYZuZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.120.0/21
158.58.176.0/21
185.60.92.0/22
193.84.18.0/24
IPv6:
2a02:4b8::/29
Signature Algorithm: sha256WithRSAEncryption
14:5c:58:7a:28:26:bf:4b:91:62:28:fc:a9:02:73:c5:c7:cf:
4f:38:2b:c3:80:72:6f:3f:5d:f2:f9:f0:68:21:8b:10:21:08:
96:14:ac:f6:5f:43:51:76:78:8b:12:0e:47:68:ed:55:56:1f:
c3:06:b5:7a:85:73:dc:35:12:0b:f4:20:ab:d4:97:bc:1a:95:
7a:ad:20:38:f0:a8:12:7e:5b:51:2e:ee:e5:0b:85:f5:a9:24:
29:b1:91:f3:a4:0e:df:bf:9a:a6:c6:d5:18:01:91:d0:7e:8e:
9e:af:43:39:23:0e:04:17:2d:21:ee:cb:83:09:05:4e:05:83:
df:37:be:e6:06:a2:7c:08:31:d1:26:dc:1b:77:dd:95:c4:9b:
dc:1c:38:94:10:ea:f9:c4:4e:2f:ea:d9:60:4c:0f:ab:db:dc:
8c:d8:c0:7f:86:a2:81:26:34:72:4e:b6:fb:27:89:05:fa:22:
26:1a:6a:ce:5a:42:c9:9a:92:54:d9:4a:fb:29:e4:39:3d:81:
07:e2:6a:3a:47:a7:0d:98:97:ee:c3:2f:39:50:b3:2b:cd:51:
de:e1:bc:94:d2:97:ab:f9:14:d4:3a:fc:49:da:08:d1:e7:2b:
e3:ed:41:28:83:05:ed:59:b1:30:79:0e:f2:cf:f0:bb:bd:54:
c9:82:97:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEFSCWcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDc2ODNkNmVhNTM5ZmVmMWI2YjZkYmRkNzRhMzFkMDVlNWYwYTIzMB4XDTIyMDEw
MTE1NTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjljN2NiYjczOGVl
ZGI3ZjkwZDI0ODg0M2M3YzIwMjUyNjE5Yjk5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4yMcUs5UeH4m4+63NBqJIB/BB67BTWLXn5wXhijNH2jzo9
8IFTqwGQgPJ5KbjrmBJfkaHNE7txrrzh875Y2MoThX+x289hv4H1opUtE8YA0myn
5Y/pjynobgrGk1xrwar/341gB/IKLHdOXMmpGVkDwfqd1eQ05247Iq4KsYnSsw9F
QmT+u0TO0o4SoT3giDYE1maFm5tM4YMG5fVV1cGk+j3w9mKKMIq0wWJbMyBWOuAd
mIlhxm+ONx4rc9hr9KCs2Xoa/A6v+lj7H1ebuMSHXZOk5U4bgku0Fh70G6d5/V1C
l+oUbyf53zigV6C59GmtmJA7lpDJeC4s270KUOMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBT5x8u3OO7bf5DSSIQ8fCAlJhm5lTAfBgNVHSMEGDAWgBRNdoPW6lOf7xtr
bb3XSjHQXl8KIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RYYUQxdXBUbi04YmEyMjkxMG94MEY1ZkNpTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvZTUxOTVkLTY2OTgtNDYwNC05MTE0LTY4YjM3NjhmNTBkYy8x
LzEtY2ZMdHpqdTIzLVEwa2lFUEh3Z0pTWVp1WlUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5
L2U1MTk1ZC02Njk4LTQ2MDQtOTExNC02OGIzNzY4ZjUwZGMvMS9UWGFEMXVwVG4t
OGJhMjI5MTBveDBGNWZDaU0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBANOKHgDBAOeOrADBAK5PFwDBADB
VBIwDQQCAAIwBwMFAyoCBLgwDQYJKoZIhvcNAQELBQADggEBABRcWHooJr9LkWIo
/KkCc8XHz084K8OAcm8/XfL58GghixAhCJYUrPZfQ1F2eIsSDkdo7VVWH8MGtXqF
c9w1Egv0IKvUl7walXqtIDjwqBJ+W1Eu7uULhfWpJCmxkfOkDt+/mqbG1RgBkdB+
jp6vQzkjDgQXLSHuy4MJBU4Fg983vuYGonwIMdEm3Bt33ZXEm9wcOJQQ6vnETi/q
2WBMD6vb3IzYwH+GooEmNHJOtvsniQX6IiYaas5aQsmaklTZSvsp5Dk9gQfiajpH
pw2Yl+7DLzlQsyvNUd7hvJTSl6v5FNQ6/EnaCNHnK+PtQSiDBe1ZsTB5DvLP8Lu9
VMmCl2k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:15 2025 by rpki-client