Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/n8XTcnn7NhJOWBHFPxHzzcGLenw.roa
File: n8XTcnn7NhJOWBHFPxHzzcGLenw.roa (raw, json)
Hash identifier: ozVEGbx5Eeg6D65v7FxIueIi6vT7mVewqqPippX9JuA=
Subject key identifier: 9F:C5:D3:72:79:FB:36:12:4E:58:11:C5:3F:11:F3:CD:C1:8B:7A:7C
Certificate issuer: /CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Certificate serial: 166CE333
Authority key identifier: D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/n8XTcnn7NhJOWBHFPxHzzcGLenw.roa
Signing time: Sat 01 Jan 2022 09:06:14 +0000
ROA not before: Sat 01 Jan 2022 09:06:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199758
IP address blocks: 185.86.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 376234803 (0x166ce333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Validity
Not Before: Jan 1 09:06:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fc5d37279fb36124e5811c53f11f3cdc18b7a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:6a:f4:8d:7f:6c:34:2c:c5:b3:19:93:21:
ec:26:69:18:c7:c0:ab:6b:9c:f1:2c:65:de:9f:14:
9a:48:91:0a:ef:6b:e9:79:6e:16:bb:a2:1f:94:37:
6c:ed:28:48:89:67:48:be:96:7c:06:47:fb:e2:b2:
33:1a:5e:53:06:60:11:6f:5a:c6:9c:7c:8d:c3:bb:
00:f6:98:2b:b6:34:83:a0:33:66:35:14:2d:84:39:
30:96:53:05:38:34:9e:29:9e:f2:8b:86:ca:a0:83:
9e:10:f5:a8:13:01:bf:ed:72:bc:db:35:25:ec:75:
48:98:11:76:e1:6f:07:2a:48:99:25:a5:06:f4:92:
d5:71:a7:86:94:ca:38:22:86:f6:13:35:46:45:73:
ec:9d:9d:34:3c:e3:3a:f2:74:23:fb:e4:be:3c:1b:
ec:09:90:73:88:9c:d3:fe:64:f7:ba:36:b1:e2:ec:
16:c7:c5:e5:c4:f6:af:11:8f:79:91:45:32:ca:40:
10:ca:ef:63:c1:3d:f4:8d:00:91:0e:57:0f:53:1e:
70:05:0d:96:27:51:b1:eb:a9:6b:9e:d0:d6:4e:dd:
8c:d5:a6:bd:f9:3b:8d:ac:2c:f2:fd:e5:8d:07:b7:
38:3e:3d:8e:31:fe:4b:f3:23:3f:9e:89:70:b7:5d:
e0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C5:D3:72:79:FB:36:12:4E:58:11:C5:3F:11:F3:CD:C1:8B:7A:7C
X509v3 Authority Key Identifier:
keyid:D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/n8XTcnn7NhJOWBHFPxHzzcGLenw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:9e:5e:37:76:48:5b:c1:75:c5:eb:4e:37:b3:0a:5b:0d:fa:
a3:f6:2a:73:a8:05:fa:36:6d:f5:dc:fc:1e:44:72:4b:92:76:
de:e1:95:4f:45:45:e7:93:97:3f:a7:af:ad:71:aa:9d:94:d1:
03:2c:8f:a8:dc:6e:6c:b7:68:6f:82:a9:40:21:18:fe:2c:d4:
74:3f:de:c8:fc:3f:d0:48:7c:5e:9a:77:ca:26:81:be:7d:a6:
63:d6:a6:63:51:8f:b1:6b:cf:ce:66:ea:1f:54:f1:c3:3e:10:
c4:7b:1a:b7:39:88:8c:26:11:9d:5f:e9:b0:8d:58:76:44:5f:
c8:1a:3b:93:22:ba:52:4a:87:71:46:5f:51:79:af:b5:1d:7a:
27:0a:0a:dc:e9:9b:7a:71:ba:24:97:10:d2:03:f0:a4:aa:f4:
dd:67:41:b4:28:e3:07:57:4f:41:1b:6b:b4:09:dc:a4:d3:fc:
5c:b3:f1:2c:0a:c8:51:6b:5d:df:9c:08:05:1f:8b:32:8f:ae:
39:1b:4a:ee:e3:cc:98:46:85:80:6c:03:f2:e6:53:a4:ed:b5:
dc:8a:f8:e3:40:8e:37:af:fe:27:29:e1:5d:87:ba:7e:0a:6d:
54:05:86:85:3b:2c:be:ac:5e:77:19:26:37:fd:a5:23:54:0e:
a5:8e:86:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFmzjMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Nzc3OTQzYjM0MTE4OGU5Y2QyZTkzZGUyODhiMzNmZmUwNDFjN2QyMB4XDTIyMDEw
MTA5MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZjNWQzNzI3OWZi
MzYxMjRlNTgxMWM1M2YxMWYzY2RjMThiN2E3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJivavSNf2w0LMWzGZMh7CZpGMfAq2uc8Sxl3p8UmkiRCu9r
6XluFruiH5Q3bO0oSIlnSL6WfAZH++KyMxpeUwZgEW9axpx8jcO7APaYK7Y0g6Az
ZjUULYQ5MJZTBTg0nime8ouGyqCDnhD1qBMBv+1yvNs1Jex1SJgRduFvBypImSWl
BvSS1XGnhpTKOCKG9hM1RkVz7J2dNDzjOvJ0I/vkvjwb7AmQc4ic0/5k97o2seLs
FsfF5cT2rxGPeZFFMspAEMrvY8E99I0AkQ5XD1MecAUNlidRseupa57Q1k7djNWm
vfk7jaws8v3ljQe3OD49jjH+S/MjP56JcLdd4FcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfxdNyefs2Ek5YEcU/EfPNwYt6fDAfBgNVHSMEGDAWgBTXd5Q7NBGI6c0u
k94oizP/4EHH0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEzZVVPelFSaU9uTkxwUGVLSXN6Xy1CQng5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMzViMWRmLTc4Y2YtNDgxOC1iMzNhLWNkYTdmYzdlYjA5Mi8x
L244WFRjbm43TmhKT1dCSEZQeEh6emNHTGVudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MzViMWRmLTc4Y2YtNDgxOC1iMzNhLWNkYTdmYzdlYjA5Mi8xLzEzZVVPelFSaU9u
TkxwUGVLSXN6Xy1CQng5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlWxDANBgkqhkiG9w0BAQsFAAOC
AQEAGp5eN3ZIW8F1xetON7MKWw36o/Yqc6gF+jZt9dz8HkRyS5J23uGVT0VF55OX
P6evrXGqnZTRAyyPqNxubLdob4KpQCEY/izUdD/eyPw/0Eh8Xpp3yiaBvn2mY9am
Y1GPsWvPzmbqH1Txwz4QxHsatzmIjCYRnV/psI1YdkRfyBo7kyK6UkqHcUZfUXmv
tR16JwoK3OmbenG6JJcQ0gPwpKr03WdBtCjjB1dPQRtrtAncpNP8XLPxLArIUWtd
35wIBR+LMo+uORtK7uPMmEaFgGwD8uZTpO213Ir440CON6/+JynhXYe6fgptVAWG
hTssvqxedxkmN/2lI1QOpY6GqQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:12 2025 by rpki-client