Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/1-f4uTJCCnRjP7CMwTn3QLW5RbAo.roa
File: 1-f4uTJCCnRjP7CMwTn3QLW5RbAo.roa (raw, json)
Hash identifier: D0cuwnZcY2Tbn/r66Dte/SgPoBa9BiSG0Y8WptpmAxM=
Subject key identifier: F9:FE:2E:4C:90:82:9D:18:CF:EC:23:30:4E:7D:D0:2D:6E:51:6C:0A
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 09D2D50D
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/1-f4uTJCCnRjP7CMwTn3QLW5RbAo.roa
Signing time: Sat 01 Jan 2022 11:58:50 +0000
ROA not before: Sat 01 Jan 2022 11:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202975
IP address blocks: 185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
85.116.132.0/22 maxlen: 22
2a06:f2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164812045 (0x9d2d50d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 1 11:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9fe2e4c90829d18cfec23304e7dd02d6e516c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:d7:a6:d6:f8:a3:75:59:3d:57:65:13:e2:
34:74:97:08:ac:28:0e:b4:d1:07:df:6a:4b:8c:ac:
8a:9d:d5:41:0b:a9:66:af:d0:2a:b6:c5:ad:a7:96:
da:00:bd:34:cf:c4:f9:a6:4d:4f:98:6f:e5:c2:db:
90:27:ee:ac:89:00:83:b2:c3:69:d5:11:d1:6a:fe:
52:e3:f5:34:70:3b:fd:d4:67:a2:a3:56:6f:c2:7f:
dd:07:c9:f8:fe:c9:7e:27:c8:50:fd:6c:e6:60:24:
ec:a3:1b:b5:63:35:21:a3:c8:31:41:71:f0:31:c5:
19:e2:ee:49:f3:7b:10:82:4d:53:79:7f:f6:8e:91:
4f:b7:8a:bc:24:78:4b:75:74:8c:47:24:0f:b8:cf:
92:15:1f:14:fa:9e:9e:50:9b:4a:7a:e4:05:d7:08:
1f:21:75:9b:12:0c:79:c5:e8:76:76:54:e8:96:73:
ba:89:8b:92:3f:85:0e:86:f2:0e:12:b1:b8:64:a7:
9b:9b:eb:f4:26:89:66:aa:92:1e:2b:0f:c9:70:d3:
3a:58:10:d8:c3:c1:44:6f:0d:3e:2e:23:5e:f0:9f:
65:01:9e:91:77:87:fa:93:d6:07:27:3d:85:34:99:
34:ff:c7:92:d8:2c:4d:9f:67:f9:80:d2:a9:bb:48:
bf:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FE:2E:4C:90:82:9D:18:CF:EC:23:30:4E:7D:D0:2D:6E:51:6C:0A
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/1-f4uTJCCnRjP7CMwTn3QLW5RbAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:ee:78:dd:4c:52:39:db:ec:2d:aa:98:92:18:8e:14:1f:cd:
ef:01:cd:ad:f0:a3:6c:1a:88:6c:15:91:eb:56:dd:cd:8e:e9:
88:e5:be:bc:ee:e5:42:2c:d7:32:24:ca:e7:87:46:17:95:2e:
14:13:c0:0f:60:9f:7b:c0:04:d8:33:05:6f:07:b7:13:f6:de:
c5:bc:00:25:e8:ea:f7:6a:23:a9:a5:7f:9c:5c:12:aa:3d:24:
04:66:f6:67:71:01:17:38:a9:1c:70:b4:33:1b:c9:fb:fa:be:
18:cb:bf:d5:57:6b:79:49:ee:83:c5:e9:70:2c:ed:ad:c5:4d:
33:d8:df:ac:69:a1:79:e3:bf:06:e7:2e:15:ae:bf:af:89:ec:
8a:5a:7d:e7:27:6e:56:78:83:6c:84:55:2f:e8:6b:5d:40:da:
4f:73:73:29:36:e0:9f:2a:3d:67:5f:f9:f7:4f:06:a9:e3:f8:
b4:bb:6b:dd:d7:71:46:34:67:c6:c7:f2:c7:d9:95:ee:c6:34:
b5:99:1b:ab:9e:fa:01:04:bb:ed:e0:18:5f:bf:3a:87:d7:7e:
e2:2d:b1:67:df:f2:f8:d4:83:55:c6:e9:01:8f:ac:2e:0e:d6:
8e:01:f4:72:55:49:39:4f:55:d6:d5:1d:55:2b:a6:ff:6e:7c:
86:bf:cb:e4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECdLVDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Yjk3NjI3NTU0N2I3NWRmMmIwNGM0ZjliMjkxYzA3MTBjNTA3NzQwMB4XDTIyMDEw
MTExNTg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlmZTJlNGM5MDgy
OWQxOGNmZWMyMzMwNGU3ZGQwMmQ2ZTUxNmMwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoT16bW+KN1WT1XZRPiNHSXCKwoDrTRB99qS4ysip3VQQup
Zq/QKrbFraeW2gC9NM/E+aZNT5hv5cLbkCfurIkAg7LDadUR0Wr+UuP1NHA7/dRn
oqNWb8J/3QfJ+P7JfifIUP1s5mAk7KMbtWM1IaPIMUFx8DHFGeLuSfN7EIJNU3l/
9o6RT7eKvCR4S3V0jEckD7jPkhUfFPqenlCbSnrkBdcIHyF1mxIMecXodnZU6JZz
uomLkj+FDobyDhKxuGSnm5vr9CaJZqqSHisPyXDTOlgQ2MPBRG8NPi4jXvCfZQGe
kXeH+pPWByc9hTSZNP/HktgsTZ9n+YDSqbtIv38CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBT5/i5MkIKdGM/sIzBOfdAtblFsCjAfBgNVHSMEGDAWgBQrl2J1VHt13ysE
xPmykcBxDFB3QDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s1ZGlkVlI3ZGQ4ckJNVDVzcEhBY1F4UWQwQS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvNThmNDVmLThiMDctNGU2YS05NTQ4LWQ1YjBmOTFkOTdjMi8x
LzEtZjR1VEpDQ25SalA3Q013VG4zUUxXNVJiQW8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQy
LzU4ZjQ1Zi04YjA3LTRlNmEtOTU0OC1kNWIwZjkxZDk3YzIvMS9LNWRpZFZSN2Rk
OHJCTVQ1c3BIQWNReFFkMEEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
PAYIKwYBBQUHAQcBAf8ELTArMBoEAgABMBQDBAJVdIQwDAMEArmHZAMEALmHZjAN
BAIAAjAHAwUDKgbywDANBgkqhkiG9w0BAQsFAAOCAQEAEu543UxSOdvsLaqYkhiO
FB/N7wHNrfCjbBqIbBWR61bdzY7piOW+vO7lQizXMiTK54dGF5UuFBPAD2Cfe8AE
2DMFbwe3E/bexbwAJejq92ojqaV/nFwSqj0kBGb2Z3EBFzipHHC0MxvJ+/q+GMu/
1VdreUnug8XpcCztrcVNM9jfrGmheeO/BucuFa6/r4nsilp95yduVniDbIRVL+hr
XUDaT3NzKTbgnyo9Z1/5908GqeP4tLtr3ddxRjRnxsfyx9mV7sY0tZkbq576AQS7
7eAYX786h9d+4i2xZ9/y+NSDVcbpAY+sLg7WjgH0clVJOU9V1tUdVSum/258hr/L
5A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:59 2025 by rpki-client