Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/9akh2uQvrQUwBHCdVo82kQV0wWI.roa
File: 9akh2uQvrQUwBHCdVo82kQV0wWI.roa (raw, json)
Hash identifier: qECAGk79syPzGyPCM7xqVdsjv8xwhIEaeOrT6USg+rE=
Subject key identifier: F5:A9:21:DA:E4:2F:AD:05:30:04:70:9D:56:8F:36:91:05:74:C1:62
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 028EC209
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/9akh2uQvrQUwBHCdVo82kQV0wWI.roa
Signing time: Wed 01 Jun 2022 21:33:20 +0000
ROA not before: Wed 01 Jun 2022 21:33:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207974
IP address blocks: 185.214.168.0/24 maxlen: 24
185.214.168.0/22 maxlen: 22
185.214.170.0/24 maxlen: 24
185.214.169.0/24 maxlen: 24
2a0a:3b40:3000::/36 maxlen: 36
2a0a:3b40:2000::/36 maxlen: 36
2a0a:3b40:1000::/36 maxlen: 36
2a0a:3b40::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42910217 (0x28ec209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jun 1 21:33:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5a921dae42fad053004709d568f36910574c162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:83:9d:b1:77:d9:63:1a:15:ac:22:57:04:
0a:1a:14:5b:b2:a0:ca:03:03:8b:4e:06:75:cc:67:
ea:b4:d8:33:a8:47:15:f8:bf:a1:e6:ad:42:a7:99:
de:03:1e:c8:c1:84:1c:f9:82:49:76:64:6d:6e:63:
30:85:43:a7:ab:c9:66:e1:31:b8:2a:78:a5:a3:b5:
e9:9c:c7:16:c3:c0:22:65:67:94:22:37:15:95:8d:
04:be:a0:2f:da:d5:5f:49:3c:6f:96:ed:fb:9a:e0:
24:38:bf:b9:c4:f2:01:0c:1e:20:8f:ad:9f:f5:e3:
12:16:26:8e:12:9f:8f:a1:37:7c:8a:44:94:2e:46:
ce:7d:9e:79:a4:e2:ae:d0:25:4a:8f:e6:c3:67:34:
42:78:8a:26:87:51:01:23:c7:53:ae:51:7e:f8:5b:
73:18:17:d1:75:47:79:f3:5b:0e:26:d0:13:2e:2e:
86:51:65:ad:92:01:20:36:13:69:3e:f0:c9:35:f3:
4a:73:fa:11:80:ff:f2:ff:e1:06:07:01:8d:79:10:
8e:f4:ea:04:14:ae:dc:6f:ec:ac:8f:03:a9:b6:c6:
60:b8:01:7d:ce:1d:74:41:91:d1:28:ef:f0:c1:88:
4f:17:38:b4:a3:5f:c0:be:dc:01:31:94:49:6c:4c:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A9:21:DA:E4:2F:AD:05:30:04:70:9D:56:8F:36:91:05:74:C1:62
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/9akh2uQvrQUwBHCdVo82kQV0wWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.168.0/22
IPv6:
2a0a:3b40::/34
Signature Algorithm: sha256WithRSAEncryption
a5:d0:97:85:d9:84:2d:13:1a:14:ea:12:1e:05:04:c4:47:d1:
4b:96:d2:96:a3:09:6a:f3:03:62:ab:8f:89:c4:43:71:2e:46:
67:fa:87:48:78:a9:52:cd:b7:3c:14:86:1c:4a:c1:bf:3d:d9:
72:5e:5f:3d:de:75:3e:77:ac:ef:4f:77:1c:79:b5:98:56:ac:
df:67:d7:af:0c:bd:6c:c0:e6:88:9d:8e:6d:b1:a1:fa:8c:15:
b3:7b:5d:c5:35:03:94:73:ae:89:75:ba:99:8a:0b:c1:c8:73:
d3:77:78:17:8e:f9:5f:e3:76:dc:2b:73:4f:0c:50:b7:61:28:
8b:e8:74:72:97:42:02:73:00:9e:01:6a:5a:65:e5:54:1c:20:
8b:7f:18:f5:e6:87:d2:4e:bf:34:16:b8:0b:58:e5:f6:18:b7:
3a:6c:54:41:44:10:fc:38:70:27:1f:c3:8c:e6:4a:1d:74:9d:
d8:70:9f:f5:6e:2b:ab:e5:78:4c:5a:c5:b3:3e:2f:27:1b:3b:
ad:f4:87:e8:dc:b8:69:de:00:fa:bc:77:da:13:4f:d2:a4:a1:
b0:0a:8c:f1:9e:39:3d:c6:4f:3a:4f:3a:95:81:ef:90:db:f8:
8f:b6:5c:3d:5d:1e:27:40:4b:8f:66:fa:74:04:be:ea:5d:6b:
54:cc:e1:3e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEAo7CCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTdiZjRmYmVhODk0ZjQzZWViM2RiMWIyMTZlNTc3NjZlMDFhYjgxMB4XDTIyMDYw
MTIxMzMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVhOTIxZGFlNDJm
YWQwNTMwMDQ3MDlkNTY4ZjM2OTEwNTc0YzE2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOyg52xd9ljGhWsIlcEChoUW7KgygMDi04Gdcxn6rTYM6hH
Ffi/oeatQqeZ3gMeyMGEHPmCSXZkbW5jMIVDp6vJZuExuCp4paO16ZzHFsPAImVn
lCI3FZWNBL6gL9rVX0k8b5bt+5rgJDi/ucTyAQweII+tn/XjEhYmjhKfj6E3fIpE
lC5Gzn2eeaTirtAlSo/mw2c0QniKJodRASPHU65RfvhbcxgX0XVHefNbDibQEy4u
hlFlrZIBIDYTaT7wyTXzSnP6EYD/8v/hBgcBjXkQjvTqBBSu3G/srI8DqbbGYLgB
fc4ddEGR0Sjv8MGITxc4tKNfwL7cATGUSWxMevMCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT1qSHa5C+tBTAEcJ1WjzaRBXTBYjAfBgNVHSMEGDAWgBTRe/T76olPQ+6z
2xshbld2bgGrgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBYdjAtLXFKVDBQdXM5c2JJVzVYZG00QnE0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8x
Lzlha2gydVF2clFVd0JIQ2RWbzgya1FWMHdXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8xLzBYdjAtLXFKVDBQ
dXM5c2JJVzVYZG00QnE0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEArnWqDAOBAIAAjAIAwYGKgo7QAAw
DQYJKoZIhvcNAQELBQADggEBAKXQl4XZhC0TGhTqEh4FBMRH0UuW0pajCWrzA2Kr
j4nEQ3EuRmf6h0h4qVLNtzwUhhxKwb892XJeXz3edT53rO9Pdxx5tZhWrN9n168M
vWzA5oidjm2xofqMFbN7XcU1A5Rzrol1upmKC8HIc9N3eBeO+V/jdtwrc08MULdh
KIvodHKXQgJzAJ4Balpl5VQcIIt/GPXmh9JOvzQWuAtY5fYYtzpsVEFEEPw4cCcf
w4zmSh10ndhwn/VuK6vleExaxbM+LycbO630h+jcuGneAPq8d9oTT9KkobAKjPGe
OT3GTzpPOpWB75Db+I+2XD1dHidAS49m+nQEvupda1TM4T4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:45 2025 by rpki-client