Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/y10skckD4JvR0_lFpWq7q6JQxeY.roa
File: y10skckD4JvR0_lFpWq7q6JQxeY.roa (raw, json)
Hash identifier: BXNFxBav4umxfevpG7YOt3/IPySD5bAtX7uhZ643Gfs=
Subject key identifier: CB:5D:2C:91:C9:03:E0:9B:D1:D3:F9:45:A5:6A:BB:AB:A2:50:C5:E6
Certificate issuer: /CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Certificate serial: 08D5CBF6
Authority key identifier: FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/y10skckD4JvR0_lFpWq7q6JQxeY.roa
Signing time: Sat 01 Jan 2022 09:55:25 +0000
ROA not before: Sat 01 Jan 2022 09:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51321
IP address blocks: 185.132.123.0/24 maxlen: 24
185.132.120.0/24 maxlen: 24
185.132.120.0/22 maxlen: 24
185.132.121.0/24 maxlen: 24
185.132.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148229110 (0x8d5cbf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Validity
Not Before: Jan 1 09:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb5d2c91c903e09bd1d3f945a56abbaba250c5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:38:67:93:56:85:f1:c0:f0:63:24:7c:d9:32:
1e:ec:a1:b8:c1:b4:57:e0:2a:fc:7b:71:4d:28:89:
e5:f2:37:74:cc:df:a2:22:a5:76:05:3a:22:ba:fd:
ff:fe:90:47:b4:5e:80:26:0c:3e:10:32:aa:5a:ec:
b0:3b:79:cf:88:b0:35:bd:2f:55:55:08:6f:b4:f6:
c9:ad:38:03:6c:51:1e:9f:0b:97:01:bf:ee:05:b0:
67:04:2a:3d:b7:24:3a:41:56:8b:4d:dd:93:91:c5:
58:68:cd:7c:dc:22:38:ab:1a:fb:24:2f:d3:95:4f:
15:3a:4c:5c:ad:72:c1:3e:f6:a9:d0:10:78:08:45:
a1:53:b5:c3:57:44:5b:5a:d0:c7:7b:7a:f3:7e:e7:
6d:c7:49:ce:04:3c:53:84:c6:d3:86:f4:5c:f8:b6:
38:dc:d5:d9:0e:d9:48:81:94:74:52:40:af:9b:9e:
86:99:10:23:eb:31:62:83:7e:c1:88:f5:f8:70:df:
21:18:1c:67:cc:a1:a6:35:71:e0:28:55:5c:ea:90:
8e:ee:e2:b3:d0:52:0f:30:66:a3:8e:a0:94:95:73:
86:80:4d:75:bd:0a:11:7e:03:1f:4b:a9:ee:19:78:
5f:9a:dc:8a:5d:44:6e:af:12:7b:19:8b:fe:87:a1:
4e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5D:2C:91:C9:03:E0:9B:D1:D3:F9:45:A5:6A:BB:AB:A2:50:C5:E6
X509v3 Authority Key Identifier:
keyid:FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/y10skckD4JvR0_lFpWq7q6JQxeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/1-9JdpktGOvOLRE_zcxGxVm31_LI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.120.0/22
Signature Algorithm: sha256WithRSAEncryption
74:bc:56:2a:13:24:90:00:ff:28:80:cc:0c:06:5f:bc:7b:28:
1e:33:88:e1:a1:94:b1:52:3c:eb:6d:61:21:d6:00:bf:43:5a:
c1:9b:77:84:9c:ca:29:19:d3:41:4d:cd:59:d9:18:ae:f6:af:
7c:7c:0e:8b:a3:89:f8:3a:5d:2d:6b:8e:9c:82:71:ae:f1:b6:
59:59:49:6c:d8:d6:29:e7:19:b0:6f:9a:31:aa:33:08:fc:35:
05:8f:32:38:5b:32:fc:b7:20:7a:cf:61:b9:ea:bc:9c:a6:4a:
cf:66:28:8f:cc:9f:22:a6:37:be:cb:6e:16:71:f5:6a:7f:a7:
92:30:e5:fa:69:2d:a3:f4:8d:f2:69:9a:d9:96:2d:b5:b3:2d:
2f:42:23:ef:d9:c8:93:55:c2:7b:45:d8:0e:07:44:62:5f:a5:
06:9a:70:33:17:dc:c9:db:de:ec:c3:f5:3e:b7:f6:af:79:3b:
bb:6c:c8:61:3f:17:22:d9:46:a7:97:29:a0:52:1e:0a:05:f4:
8e:ac:0a:ef:a3:3d:a3:bf:e4:1f:14:1e:f1:25:0f:53:89:6e:
59:88:a2:bf:79:b2:a9:04:39:7f:57:25:4b:8b:ac:20:6d:66:
65:ee:fa:71:e3:93:8b:47:b8:8f:dd:13:92:17:a0:ee:18:f9:
e3:1b:90:b5
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECNXL9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmQyNWRhNjRiNDYzYWYzOGI0NDRmZjM3MzExYjE1NjZkZjVmY2IyMB4XDTIyMDEw
MTA5NTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I1ZDJjOTFjOTAz
ZTA5YmQxZDNmOTQ1YTU2YWJiYWJhMjUwYzVlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANg4Z5NWhfHA8GMkfNkyHuyhuMG0V+Aq/HtxTSiJ5fI3dMzf
oiKldgU6Irr9//6QR7RegCYMPhAyqlrssDt5z4iwNb0vVVUIb7T2ya04A2xRHp8L
lwG/7gWwZwQqPbckOkFWi03dk5HFWGjNfNwiOKsa+yQv05VPFTpMXK1ywT72qdAQ
eAhFoVO1w1dEW1rQx3t6837nbcdJzgQ8U4TG04b0XPi2ONzV2Q7ZSIGUdFJAr5ue
hpkQI+sxYoN+wYj1+HDfIRgcZ8yhpjVx4ChVXOqQju7is9BSDzBmo46glJVzhoBN
db0KEX4DH0up7hl4X5rcil1Ebq8SexmL/oehTukCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTLXSyRyQPgm9HT+UWlarurolDF5jAfBgNVHSMEGDAWgBT70l2mS0Y684tE
T/NzEbFWbfX8sjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtOUpkcGt0R092T0xSRV96Y3hHeFZtMzFfTEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQxL2ZhNjVlOC1lNTk3LTQ3MzgtODM5Ni04MjVlYzEwNzVkZTYv
MS95MTBza2NrRDRKdlIwX2xGcFdxN3E2SlF4ZVkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQx
L2ZhNjVlOC1lNTk3LTQ3MzgtODM5Ni04MjVlYzEwNzVkZTYvMS8xLTlKZHBrdEdP
dk9MUkVfemN4R3hWbTMxX0xJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYR4MA0GCSqGSIb3DQEBCwUA
A4IBAQB0vFYqEySQAP8ogMwMBl+8eygeM4jhoZSxUjzrbWEh1gC/Q1rBm3eEnMop
GdNBTc1Z2Riu9q98fA6Lo4n4Ol0ta46cgnGu8bZZWUls2NYp5xmwb5oxqjMI/DUF
jzI4WzL8tyB6z2G56rycpkrPZiiPzJ8ipje+y24WcfVqf6eSMOX6aS2j9I3yaZrZ
li21sy0vQiPv2ciTVcJ7RdgOB0RiX6UGmnAzF9zJ297sw/U+t/aveTu7bMhhPxci
2UanlymgUh4KBfSOrArvoz2jv+QfFB7xJQ9TiW5ZiKK/ebKpBDl/VyVLi6wgbWZl
7vpx45OLR7iP3ROSF6DuGPnjG5C1
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:50:40 2025 by rpki-client