Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/6fRg4B-FU-DsPyf7V3QKpmhJay0.roa
File: 6fRg4B-FU-DsPyf7V3QKpmhJay0.roa (raw, json)
Hash identifier: ZJBMUUV5ydP3RCIl7AubgYEKrlDeu4b3THSrSfK9Oy8=
Subject key identifier: E9:F4:60:E0:1F:85:53:E0:EC:3F:27:FB:57:74:0A:A6:68:49:6B:2D
Certificate issuer: /CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Certificate serial: 11E4037C
Authority key identifier: A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/6fRg4B-FU-DsPyf7V3QKpmhJay0.roa
Signing time: Sat 01 Jan 2022 06:01:33 +0000
ROA not before: Sat 01 Jan 2022 06:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33986
IP address blocks: 217.194.188.0/24 maxlen: 24
217.194.189.0/24 maxlen: 24
217.194.190.0/24 maxlen: 24
217.194.187.0/24 maxlen: 24
217.194.191.0/24 maxlen: 24
185.41.75.0/24 maxlen: 24
185.41.72.0/24 maxlen: 24
185.41.73.0/24 maxlen: 24
185.41.74.0/24 maxlen: 24
185.41.72.0/22 maxlen: 22
45.9.96.0/22 maxlen: 24
217.194.176.0/24 maxlen: 24
217.194.176.0/20 maxlen: 20
217.194.177.0/24 maxlen: 24
217.194.178.0/24 maxlen: 24
217.194.179.0/24 maxlen: 24
217.194.184.0/24 maxlen: 24
217.194.185.0/24 maxlen: 24
217.194.186.0/24 maxlen: 24
217.194.181.0/24 maxlen: 24
217.194.182.0/24 maxlen: 24
217.194.183.0/24 maxlen: 24
217.194.180.0/24 maxlen: 24
46.102.101.0/24 maxlen: 24
185.169.44.0/22 maxlen: 22
2a00:5b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300155772 (0x11e4037c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Validity
Not Before: Jan 1 06:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9f460e01f8553e0ec3f27fb57740aa668496b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:31:b6:94:11:e5:9a:8a:25:31:1f:8c:d3:
e9:23:dc:b8:94:6b:92:38:c6:47:ad:ef:a5:68:c4:
61:73:31:bd:2c:23:89:64:33:d5:67:e2:20:7b:0f:
65:22:39:53:e0:88:69:4f:29:87:e1:c2:88:e1:fd:
0f:40:a2:42:3b:b3:c6:bc:be:fb:4b:cc:7d:fd:8c:
6d:dc:98:dd:62:75:c5:4f:b0:67:18:c1:6a:23:f3:
b4:4d:17:1d:a5:69:6a:ab:c7:ea:4b:b2:fb:60:a5:
33:4e:34:0b:53:14:8a:f0:48:6e:d1:ce:09:c4:46:
de:6c:8f:06:45:a8:ce:51:17:f2:e0:7e:a2:d2:af:
8c:3b:06:f1:8b:ec:ed:f7:fa:ac:c8:1d:34:70:9f:
91:1a:20:7f:21:f1:c3:96:6b:c4:a0:ca:be:26:b1:
f5:e7:0a:05:9d:6d:7b:2d:78:14:bf:56:fe:3b:7a:
05:50:cb:ae:0d:17:0d:9a:66:29:c2:32:58:00:3c:
9a:51:01:50:f4:1c:75:ad:10:81:c6:a1:fc:82:bb:
74:8a:1a:76:85:57:47:7d:65:5b:8b:3b:bd:3c:a8:
c7:49:7c:24:7a:ea:92:ee:d4:e0:85:ec:cc:31:03:
d4:11:5b:a1:7b:57:4c:37:c8:b6:5d:a9:74:8a:d8:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F4:60:E0:1F:85:53:E0:EC:3F:27:FB:57:74:0A:A6:68:49:6B:2D
X509v3 Authority Key Identifier:
keyid:A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/6fRg4B-FU-DsPyf7V3QKpmhJay0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ofeIKGHCntWZvkqTdIDE0T4lv8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.96.0/22
46.102.101.0/24
185.41.72.0/22
185.169.44.0/22
217.194.176.0/20
IPv6:
2a00:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
35:94:cd:51:70:07:cb:3e:31:66:e0:0d:af:d3:4e:e1:9d:6b:
08:30:1f:05:57:eb:fa:99:0c:f9:f8:e8:fa:f9:87:64:8e:7c:
16:67:4b:f1:37:97:f8:79:cc:31:33:42:9d:25:7d:bc:6d:e0:
46:ce:ec:ce:93:35:35:3f:f0:c8:a2:69:d0:16:c0:f1:a3:1b:
1a:27:31:49:ac:66:b8:ac:8c:90:03:3e:54:31:cc:48:93:62:
da:1b:d1:97:b2:d5:8e:43:3c:04:89:f2:f2:5d:c1:64:7b:7f:
94:0a:89:22:85:67:24:6b:7e:47:a3:0d:ba:ae:cc:8d:ee:66:
2c:49:a3:83:3a:55:0a:dc:56:56:3d:d1:4b:73:12:ea:22:18:
a3:ff:57:60:f4:f0:92:4c:d7:5e:a2:06:b2:50:8a:41:ea:1f:
0b:f4:3e:14:8c:ba:27:f7:04:ce:f7:21:26:0b:ee:be:e4:de:
37:45:82:88:4e:16:96:b4:8d:6e:35:eb:22:84:e3:92:0d:58:
ba:f2:e8:a9:b8:7f:ad:67:a8:c4:87:ec:13:59:39:35:40:61:
a2:d1:22:34:2e:49:22:77:ab:2a:02:40:81:67:e4:59:f1:84:
fe:a5:ee:1a:ec:76:b3:f6:c4:1a:ee:68:e7:4f:01:28:de:34:
bd:da:f4:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEEeQDfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWY3ODgyODYxYzI5ZWQ1OTliZTRhOTM3NDgwYzRkMTNlMjViZmMyMB4XDTIyMDEw
MTA2MDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTlmNDYwZTAxZjg1
NTNlMGVjM2YyN2ZiNTc3NDBhYTY2ODQ5NmIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzUMbaUEeWaiiUxH4zT6SPcuJRrkjjGR63vpWjEYXMxvSwj
iWQz1WfiIHsPZSI5U+CIaU8ph+HCiOH9D0CiQjuzxry++0vMff2MbdyY3WJ1xU+w
ZxjBaiPztE0XHaVpaqvH6kuy+2ClM040C1MUivBIbtHOCcRG3myPBkWozlEX8uB+
otKvjDsG8Yvs7ff6rMgdNHCfkRogfyHxw5ZrxKDKviax9ecKBZ1tey14FL9W/jt6
BVDLrg0XDZpmKcIyWAA8mlEBUPQcda0Qgcah/IK7dIoadoVXR31lW4s7vTyox0l8
JHrqku7U4IXszDED1BFboXtXTDfItl2pdIrYYkcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTp9GDgH4VT4Ow/J/tXdAqmaElrLTAfBgNVHSMEGDAWgBSh94goYcKe1Zm+
SpN0gMTRPiW/wjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29mZUlLR0hDbnRXWnZrcVRkSURFMFQ0bHY4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMDNiYWI4LTZjNDMtNGEyMC1hOTYwLWMzN2E1OTgyZjQ2Ni8x
LzZmUmc0Qi1GVS1Ec1B5ZjdWM1FLcG1oSmF5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MDNiYWI4LTZjNDMtNGEyMC1hOTYwLWMzN2E1OTgyZjQ2Ni8xL29mZUlLR0hDbnRX
WnZrcVRkSURFMFQ0bHY4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAi0JYAMEAC5mZQMEArkpSAMEArmp
LAMEBNnCsDANBAIAAjAHAwUDKgBbADANBgkqhkiG9w0BAQsFAAOCAQEANZTNUXAH
yz4xZuANr9NO4Z1rCDAfBVfr+pkM+fjo+vmHZI58FmdL8TeX+HnMMTNCnSV9vG3g
Rs7szpM1NT/wyKJp0BbA8aMbGicxSaxmuKyMkAM+VDHMSJNi2hvRl7LVjkM8BIny
8l3BZHt/lAqJIoVnJGt+R6MNuq7Mje5mLEmjgzpVCtxWVj3RS3MS6iIYo/9XYPTw
kkzXXqIGslCKQeofC/Q+FIy6J/cEzvchJgvuvuTeN0WCiE4WlrSNbjXrIoTjkg1Y
uvLoqbh/rWeoxIfsE1k5NUBhotEiNC5JInerKgJAgWfkWfGE/qXuGux2s/bEGu5o
508BKN40vdr05A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:00:08 2025 by rpki-client