Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/n7kiZRQ8HqLfLdXRA0pW9pQWuq0.roa
File: n7kiZRQ8HqLfLdXRA0pW9pQWuq0.roa (raw, json)
Hash identifier: IFSTx0qMJ5vA29H77PCuUKhsPsxPxS2Yc7op+jK1lt0=
Subject key identifier: 9F:B9:22:65:14:3C:1E:A2:DF:2D:D5:D1:03:4A:56:F6:94:16:BA:AD
Certificate issuer: /CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Certificate serial: 056201CD
Authority key identifier: 3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/n7kiZRQ8HqLfLdXRA0pW9pQWuq0.roa
Signing time: Sat 01 Jan 2022 12:54:54 +0000
ROA not before: Sat 01 Jan 2022 12:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199536
IP address blocks: 185.148.100.0/22 maxlen: 22
2a0f:57c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90309069 (0x56201cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Validity
Not Before: Jan 1 12:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fb92265143c1ea2df2dd5d1034a56f69416baad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:03:69:88:e5:c5:30:af:91:66:e3:90:46:
61:60:0f:5e:ad:c8:c0:42:f6:ac:0d:72:f4:1e:d0:
10:2c:d9:7a:e7:a3:03:db:4b:85:d8:9e:ad:42:d7:
89:b6:d6:b4:74:bc:7a:93:a1:a8:6e:4b:68:39:96:
88:8f:01:a2:ee:5b:39:c7:fb:a2:49:e7:50:c6:f0:
a5:2f:40:ba:5b:75:61:ee:19:91:8e:31:af:24:56:
de:48:3a:91:fb:33:ae:04:bf:73:db:18:9c:ff:4d:
93:c1:c6:ff:78:fc:79:b0:5e:8e:8f:cf:f8:f3:bb:
10:49:4d:5a:c1:8b:ae:32:be:05:fc:3a:28:b8:bc:
52:5e:d5:5a:2d:19:02:49:8c:3f:77:63:ea:99:d5:
c4:93:4b:3f:9f:b6:47:e6:1c:d7:c9:64:05:98:5b:
64:6b:18:e1:a5:5a:2b:b5:c6:31:d8:fd:ba:9f:b9:
3a:c4:7f:d9:bb:9b:59:0b:bc:81:1f:74:54:a8:36:
f1:6e:69:37:1f:e6:29:f9:9e:b9:d0:a2:74:9b:35:
84:e0:cf:d6:7f:85:c3:3d:72:31:86:2f:8e:68:4b:
88:ce:86:01:6d:ce:a0:bf:b6:94:7d:67:69:57:1a:
05:83:c3:94:8b:3f:ed:3f:bb:ba:79:07:64:40:6d:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B9:22:65:14:3C:1E:A2:DF:2D:D5:D1:03:4A:56:F6:94:16:BA:AD
X509v3 Authority Key Identifier:
keyid:3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/n7kiZRQ8HqLfLdXRA0pW9pQWuq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/OvFQf9pOcEgox-A8r2JkVqr8Wxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.100.0/22
IPv6:
2a0f:57c0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:5f:aa:17:49:91:d4:13:94:57:50:2a:41:27:19:94:ed:0a:
17:dc:1c:aa:bf:89:fb:ee:de:b4:95:ac:d7:eb:1f:9d:cb:f1:
f0:b7:9c:28:2f:7d:52:46:4d:8e:13:fc:f6:5e:19:ee:8b:b1:
89:64:ed:00:62:ab:9e:65:05:ad:b9:5f:bd:06:c5:06:a2:ee:
f6:64:36:36:fd:22:15:67:06:0c:04:b1:d9:19:81:d2:43:c0:
3a:cc:fc:a1:72:94:35:3b:e7:a5:50:b1:9a:63:b6:5a:b9:da:
a6:3b:10:e1:c1:5e:1c:90:22:e5:6e:eb:d2:08:6d:b0:48:11:
11:0f:00:3d:47:a0:0a:05:58:46:29:81:62:7d:64:d9:9f:d6:
ff:4e:e9:f3:37:ca:fd:83:86:c8:59:1a:6d:28:0c:bf:55:7e:
89:61:f1:64:a9:f8:8c:08:b8:f8:12:f4:f0:e1:62:89:2b:c0:
f4:b0:e1:1c:e0:2e:30:e2:0e:18:32:ec:27:a7:36:23:6b:16:
62:ab:98:2c:0f:8e:80:1d:80:f6:ce:eb:fe:47:80:88:39:3a:
25:28:8a:fb:e9:8f:6e:34:91:c6:65:e7:cd:27:15:75:53:e3:
7d:26:13:89:db:3a:2e:69:9b:0a:5e:bd:42:07:22:cf:20:d9:
85:26:a8:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBWIBzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYxNTA3ZmRhNGU3MDQ4MjhjN2UwM2NhZjYyNjQ1NmFhZmM1YjFhMB4XDTIyMDEw
MTEyNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZiOTIyNjUxNDNj
MWVhMmRmMmRkNWQxMDM0YTU2ZjY5NDE2YmFhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9WA2mI5cUwr5Fm45BGYWAPXq3IwEL2rA1y9B7QECzZeuej
A9tLhdierULXibbWtHS8epOhqG5LaDmWiI8Bou5bOcf7oknnUMbwpS9Ault1Ye4Z
kY4xryRW3kg6kfszrgS/c9sYnP9Nk8HG/3j8ebBejo/P+PO7EElNWsGLrjK+Bfw6
KLi8Ul7VWi0ZAkmMP3dj6pnVxJNLP5+2R+Yc18lkBZhbZGsY4aVaK7XGMdj9up+5
OsR/2bubWQu8gR90VKg28W5pNx/mKfmeudCidJs1hODP1n+Fwz1yMYYvjmhLiM6G
AW3OoL+2lH1naVcaBYPDlIs/7T+7unkHZEBtsbMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSfuSJlFDweot8t1dEDSlb2lBa6rTAfBgNVHSMEGDAWgBQ68VB/2k5wSCjH
4DyvYmRWqvxbGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092RlFmOXBPY0Vnb3gtQThyMkprVnFyOFd4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOWY1MGUxLTNlYzQtNDZkYy1iNGY3LTg3NDIzNGVkMWU1ZS8x
L243a2laUlE4SHFMZkxkWFJBMHBXOXBRV3VxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OWY1MGUxLTNlYzQtNDZkYy1iNGY3LTg3NDIzNGVkMWU1ZS8xL092RlFmOXBPY0Vn
b3gtQThyMkprVnFyOFd4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmUZDANBAIAAjAHAwUAKg9XwDAN
BgkqhkiG9w0BAQsFAAOCAQEAol+qF0mR1BOUV1AqQScZlO0KF9wcqr+J++7etJWs
1+sfncvx8LecKC99UkZNjhP89l4Z7ouxiWTtAGKrnmUFrblfvQbFBqLu9mQ2Nv0i
FWcGDASx2RmB0kPAOsz8oXKUNTvnpVCxmmO2WrnapjsQ4cFeHJAi5W7r0ghtsEgR
EQ8APUegCgVYRimBYn1k2Z/W/07p8zfK/YOGyFkabSgMv1V+iWHxZKn4jAi4+BL0
8OFiiSvA9LDhHOAuMOIOGDLsJ6c2I2sWYquYLA+OgB2A9s7r/keAiDk6JSiK++mP
bjSRxmXnzScVdVPjfSYTids6LmmbCl69QgcizyDZhSaoQw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:13 2025 by rpki-client