Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/u1cGOwjKgQTD-YJ3zQLUc9hmCJw.roa
File: u1cGOwjKgQTD-YJ3zQLUc9hmCJw.roa (raw, json)
Hash identifier: s0pO7mIn0XSiMn0AWHAWtJiiNKg4YFOG1Ck94qgCe+Y=
Subject key identifier: BB:57:06:3B:08:CA:81:04:C3:F9:82:77:CD:02:D4:73:D8:66:08:9C
Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102
Certificate serial: 0A3219B4
Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/u1cGOwjKgQTD-YJ3zQLUc9hmCJw.roa
Signing time: Sat 01 Jan 2022 15:58:21 +0000
ROA not before: Sat 01 Jan 2022 15:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57773
IP address blocks: 91.208.188.0/24 maxlen: 24
85.208.80.0/22 maxlen: 22
185.141.112.0/22 maxlen: 22
171.22.68.0/22 maxlen: 22
194.33.80.0/24 maxlen: 24
185.205.50.0/23 maxlen: 23
185.205.48.0/23 maxlen: 23
185.205.48.0/22 maxlen: 22
2a09:3b40::/29 maxlen: 29
2a0b:145::/43 maxlen: 43
2a0b:140::/29 maxlen: 29
2a0b:143::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171055540 (0xa3219b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102
Validity
Not Before: Jan 1 15:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb57063b08ca8104c3f98277cd02d473d866089c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:e7:12:3b:5c:18:fa:14:00:44:7d:e3:85:
65:d9:a0:3b:6c:2a:52:f3:38:58:8a:21:ae:7f:1a:
27:ce:f6:0f:f6:35:04:36:d3:7c:8a:3b:ee:6f:67:
e1:c8:1e:71:eb:c2:59:dd:16:74:b5:26:cd:44:6c:
5e:40:b0:d4:76:87:92:89:64:60:e3:52:3a:97:71:
6b:fd:78:06:2f:65:ea:f1:e1:14:7a:15:16:fc:ca:
eb:a6:47:46:ec:c8:45:1a:b5:a9:19:46:ca:8a:46:
f3:ca:af:2e:67:29:7f:87:9f:7d:57:41:04:22:ba:
e0:d7:4e:72:45:95:a1:de:35:59:ce:14:44:16:bd:
41:c6:d3:fb:08:4d:65:1d:5a:f0:43:78:85:a5:df:
47:17:34:cd:b5:f0:b6:91:30:50:12:31:5e:26:dd:
17:25:65:c5:76:44:4a:76:38:ad:b7:f9:fe:84:09:
60:b3:97:24:f5:d4:90:9c:a5:7a:6b:2a:74:27:c1:
75:87:74:f9:79:45:62:1e:6e:a9:b5:f9:ff:6c:68:
44:3d:23:7b:1e:3c:f8:55:d0:8d:2d:ca:8d:ec:a8:
21:65:62:93:46:f8:33:b8:5f:3a:55:cc:d1:1e:25:
f3:d5:f9:c6:df:0f:ec:1c:7c:0a:0e:64:e2:42:19:
3d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:57:06:3B:08:CA:81:04:C3:F9:82:77:CD:02:D4:73:D8:66:08:9C
X509v3 Authority Key Identifier:
keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/u1cGOwjKgQTD-YJ3zQLUc9hmCJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.80.0/22
91.208.188.0/24
171.22.68.0/22
185.141.112.0/22
185.205.48.0/22
194.33.80.0/24
IPv6:
2a09:3b40::/29
2a0b:140::/29
Signature Algorithm: sha256WithRSAEncryption
36:c5:d0:80:4a:07:af:f4:0a:69:62:80:e5:84:9d:7b:77:3c:
87:4e:ed:78:b2:27:04:7c:bf:24:71:0e:be:5d:b6:4f:74:06:
a9:b4:e6:0c:4d:90:76:80:e9:d9:52:0e:a6:8d:3a:de:a7:bc:
d3:28:90:0b:30:00:f3:fb:98:7a:f6:45:dc:06:1b:ad:c6:d4:
96:d5:a2:a9:b2:67:09:60:67:b2:cc:3b:45:e6:f7:a1:61:52:
99:2d:f6:f2:05:6a:a8:2f:fc:7a:10:bc:cc:7c:51:b5:3b:1b:
1c:d6:1a:2d:81:97:22:24:6b:63:06:aa:59:bc:b1:6c:bf:79:
a8:eb:e7:07:d1:19:c4:db:87:d8:0a:3d:03:9c:b5:0a:ed:d3:
a8:b1:07:99:ad:4b:1e:fa:92:3d:e5:e4:2a:ae:cf:55:f2:3f:
ae:78:49:77:a4:2e:19:45:de:18:33:14:a8:0e:ce:ca:0f:87:
27:f6:d5:be:7f:c6:43:13:08:95:82:86:6a:fe:0f:15:43:3d:
09:15:ce:b5:ca:12:ca:c5:99:8b:b1:05:fb:73:e1:5a:d0:3b:
99:96:7b:46:c6:e9:f0:31:e0:cb:ce:7d:e7:32:6b:78:26:83:
34:0c:f3:33:50:84:7d:c2:26:5d:8d:dc:29:8d:f3:1b:8f:fb:
1a:ab:40:9a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECjIZtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2JkMjZmZTIyOTVlNDYyYmUyNjc4NTMzZWZhNTMxZTIzYjdmMTAyMB4XDTIyMDEw
MTE1NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI1NzA2M2IwOGNh
ODEwNGMzZjk4Mjc3Y2QwMmQ0NzNkODY2MDg5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGZ5xI7XBj6FABEfeOFZdmgO2wqUvM4WIohrn8aJ872D/Y1
BDbTfIo77m9n4cgecevCWd0WdLUmzURsXkCw1HaHkolkYONSOpdxa/14Bi9l6vHh
FHoVFvzK66ZHRuzIRRq1qRlGyopG88qvLmcpf4effVdBBCK64NdOckWVod41Wc4U
RBa9QcbT+whNZR1a8EN4haXfRxc0zbXwtpEwUBIxXibdFyVlxXZESnY4rbf5/oQJ
YLOXJPXUkJylemsqdCfBdYd0+XlFYh5uqbX5/2xoRD0jex48+FXQjS3KjeyoIWVi
k0b4M7hfOlXM0R4l89X5xt8P7Bx8Cg5k4kIZPZkCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBS7VwY7CMqBBMP5gnfNAtRz2GYInDAfBgNVHSMEGDAWgBTDvSb+IpXkYr4m
eFM++lMeI7fxAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c3MG1faUtWNUdLLUpuaFRQdnBUSGlPMzhRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvOWM1YTAwLTBiNWYtNGE5NS05OGE4LThiZDk3NjkxMGRiZi8x
L3UxY0dPd2pLZ1FURC1ZSjN6UUxVYzlobUNKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
OWM1YTAwLTBiNWYtNGE5NS05OGE4LThiZDk3NjkxMGRiZi8xL3c3MG1faUtWNUdL
LUpuaFRQdnBUSGlPMzhRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEAlXQUAMEAFvQvAMEAqsWRAMEArmN
cAMEArnNMAMEAMIhUDAUBAIAAjAOAwUDKgk7QAMFAyoLAUAwDQYJKoZIhvcNAQEL
BQADggEBADbF0IBKB6/0CmligOWEnXt3PIdO7XiyJwR8vyRxDr5dtk90Bqm05gxN
kHaA6dlSDqaNOt6nvNMokAswAPP7mHr2RdwGG63G1JbVoqmyZwlgZ7LMO0Xm96Fh
Upkt9vIFaqgv/HoQvMx8UbU7GxzWGi2BlyIka2MGqlm8sWy/eajr5wfRGcTbh9gK
PQOctQrt06ixB5mtSx76kj3l5Cquz1XyP654SXekLhlF3hgzFKgOzsoPhyf21b5/
xkMTCJWChmr+DxVDPQkVzrXKEsrFmYuxBftz4VrQO5mWe0bG6fAx4MvOfecya3gm
gzQM8zNQhH3CJl2N3CmN8xuP+xqrQJo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:29 2025 by rpki-client