Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ClVFgo8uS0EQoXS3mQqfhsYP4Yc.roa
File: ClVFgo8uS0EQoXS3mQqfhsYP4Yc.roa (raw, json)
Hash identifier: N7C4phCShgExgA2Sdt/wmK9VlyWOwSlPYkGHyoUfiVA=
Subject key identifier: 0A:55:45:82:8F:2E:4B:41:10:A1:74:B7:99:0A:9F:86:C6:0F:E1:87
Certificate issuer: /CN=0291d4de130da6aace22ed99650be182497e0bcf
Certificate serial: 091A9C39
Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ClVFgo8uS0EQoXS3mQqfhsYP4Yc.roa
Signing time: Sat 01 Jan 2022 09:01:34 +0000
ROA not before: Sat 01 Jan 2022 09:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25415
IP address blocks: 193.107.184.0/22 maxlen: 22
185.27.8.0/22 maxlen: 22
2a0c:9bc0::/29 maxlen: 29
2a00:8920::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152738873 (0x91a9c39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf
Validity
Not Before: Jan 1 09:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a5545828f2e4b4110a174b7990a9f86c60fe187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:26:7e:1d:0b:85:2b:14:30:78:2a:8f:cf:e3:
a9:42:d2:90:0a:ff:90:6c:5a:bc:75:f2:f5:0a:e7:
e3:57:fc:0a:31:9b:91:52:9c:a6:7a:74:ce:7f:e7:
6e:ec:c7:2b:85:6d:60:4e:52:68:2d:40:3c:0b:a4:
3e:a5:13:15:28:94:03:74:7c:be:e8:dc:1d:d9:b1:
e1:5f:f6:54:b2:5a:0a:92:15:58:b3:ad:6e:83:8c:
82:d1:e1:37:3c:64:2e:1a:03:5b:99:5d:09:de:1b:
ac:5c:2d:d2:c6:d2:9f:0d:99:d6:47:2f:6f:c1:fe:
3e:bf:9d:72:83:fe:7e:b0:54:24:29:9e:7a:26:50:
d9:2c:25:30:08:d1:4d:4f:f4:47:01:14:9e:0d:f6:
dd:4c:5f:8b:7a:22:c9:0d:46:60:25:bf:50:1c:7d:
3d:c5:5b:80:9d:f4:c1:aa:23:56:2e:75:c9:ea:40:
2e:b0:22:69:8c:f1:cc:2b:12:dd:c6:cb:6f:d5:30:
55:c4:2b:51:5a:aa:71:2d:f7:b3:47:24:87:29:b0:
d9:47:51:dd:9a:5c:08:5b:4e:95:ed:f4:94:1f:75:
c0:12:bb:66:a0:64:eb:f8:f1:31:a6:8d:72:f3:d3:
ec:94:d2:2a:b3:08:c3:24:6b:d8:59:32:c0:f0:0d:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:55:45:82:8F:2E:4B:41:10:A1:74:B7:99:0A:9F:86:C6:0F:E1:87
X509v3 Authority Key Identifier:
keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ClVFgo8uS0EQoXS3mQqfhsYP4Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.8.0/22
193.107.184.0/22
IPv6:
2a00:8920::/32
2a0c:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:18:c6:ca:49:9b:dc:92:b9:f6:b0:26:31:63:54:e6:42:dc:
08:c5:02:f4:d1:8f:ce:33:43:d6:33:a8:47:7a:45:ab:2b:9c:
57:98:10:d4:79:92:24:b3:5a:d9:08:c2:14:01:eb:98:67:be:
da:b7:43:60:a4:42:f8:d2:09:3d:14:e0:28:41:20:df:f5:f3:
93:c9:d3:c6:64:b3:de:b5:b6:b5:01:d0:72:bc:25:29:25:a2:
21:b3:6d:82:1c:f9:d3:9e:49:8b:92:be:94:e4:dd:c4:57:3a:
52:55:3f:b8:02:3c:0d:9b:56:c7:bc:30:60:c7:82:de:8a:63:
2d:73:5e:38:1c:3e:89:55:2c:96:42:92:13:d9:81:1a:6b:4b:
18:a6:64:41:e5:ca:91:96:e8:61:f3:18:e8:16:f4:7c:59:ce:
d9:3a:fc:c6:a4:15:f0:bd:44:ef:14:c2:c9:29:d9:04:40:23:
2d:16:ca:b7:91:0c:fb:93:b1:1d:ac:30:67:63:d1:26:3b:0a:
cc:3e:e2:60:39:36:0d:e4:1f:fa:7e:aa:cc:c8:cf:6c:1b:21:
8f:44:db:64:cc:2a:12:3e:93:29:1b:11:60:88:d2:02:21:13:
9a:cc:98:75:9e:2e:92:ac:f4:bb:94:e6:3d:f9:14:90:51:a2:
97:e6:d4:d2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECRqcOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjkxZDRkZTEzMGRhNmFhY2UyMmVkOTk2NTBiZTE4MjQ5N2UwYmNmMB4XDTIyMDEw
MTA5MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE1NTQ1ODI4ZjJl
NGI0MTEwYTE3NGI3OTkwYTlmODZjNjBmZTE4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0mfh0LhSsUMHgqj8/jqULSkAr/kGxavHXy9Qrn41f8CjGb
kVKcpnp0zn/nbuzHK4VtYE5SaC1APAukPqUTFSiUA3R8vujcHdmx4V/2VLJaCpIV
WLOtboOMgtHhNzxkLhoDW5ldCd4brFwt0sbSnw2Z1kcvb8H+Pr+dcoP+frBUJCme
eiZQ2SwlMAjRTU/0RwEUng323Uxfi3oiyQ1GYCW/UBx9PcVbgJ30waojVi51yepA
LrAiaYzxzCsS3cbLb9UwVcQrUVqqcS33s0ckhymw2UdR3ZpcCFtOle30lB91wBK7
ZqBk6/jxMaaNcvPT7JTSKrMIwyRr2FkywPANYp8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQKVUWCjy5LQRChdLeZCp+Gxg/hhzAfBgNVHSMEGDAWgBQCkdTeEw2mqs4i
7ZllC+GCSX4LzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FwSFUzaE1OcHFyT0l1MlpaUXZoZ2tsLUM4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvYTlhNDc5LTllMmYtNGNiMC04ZGVkLTc3ODE2ODEwNzdmNy8x
L0NsVkZnbzh1UzBFUW9YUzNtUXFmaHNZUDRZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
YTlhNDc5LTllMmYtNGNiMC04ZGVkLTc3ODE2ODEwNzdmNy8xL0FwSFUzaE1OcHFy
T0l1MlpaUXZoZ2tsLUM4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArkbCAMEAsFruDAUBAIAAjAOAwUA
KgCJIAMFAyoMm8AwDQYJKoZIhvcNAQELBQADggEBAJ8YxspJm9ySufawJjFjVOZC
3AjFAvTRj84zQ9YzqEd6RasrnFeYENR5kiSzWtkIwhQB65hnvtq3Q2CkQvjSCT0U
4ChBIN/185PJ08Zks961trUB0HK8JSkloiGzbYIc+dOeSYuSvpTk3cRXOlJVP7gC
PA2bVse8MGDHgt6KYy1zXjgcPolVLJZCkhPZgRprSximZEHlypGW6GHzGOgW9HxZ
ztk6/MakFfC9RO8Uwskp2QRAIy0WyreRDPuTsR2sMGdj0SY7Csw+4mA5Ng3kH/p+
qszIz2wbIY9E22TMKhI+kykbEWCI0gIhE5rMmHWeLpKs9LuU5j35FJBRopfm1NI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:35:47 2025 by rpki-client