Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/M9J6ff98ayg5TfgKGb-o8ETcRBg.roa
File: M9J6ff98ayg5TfgKGb-o8ETcRBg.roa (raw, json)
Hash identifier: hdVGt09bwiNOVuMzUd1SB4G5K2k4Wv2LH+6akWeRIl4=
Subject key identifier: 33:D2:7A:7D:FF:7C:6B:28:39:4D:F8:0A:19:BF:A8:F0:44:DC:44:18
Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial: 06269109
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/M9J6ff98ayg5TfgKGb-o8ETcRBg.roa
Signing time: Sat 01 Jan 2022 07:02:12 +0000
ROA not before: Sat 01 Jan 2022 07:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209505
IP address blocks: 185.250.10.0/23 maxlen: 23
185.250.9.0/24 maxlen: 24
2a0b:9401::/32 maxlen: 32
2a0b:9400:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103190793 (0x6269109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
Validity
Not Before: Jan 1 07:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33d27a7dff7c6b28394df80a19bfa8f044dc4418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a9:f5:c4:3f:44:7c:dc:2f:fb:63:c1:e7:fe:
4d:54:56:b0:91:94:c0:11:74:73:55:fc:0d:ea:74:
15:dc:d5:64:fd:db:05:3c:38:c3:52:c7:98:16:b4:
b7:48:8f:be:6c:75:35:70:eb:51:63:e5:62:8c:57:
47:e9:45:bc:b6:4a:61:05:a7:56:2c:cf:02:a0:b2:
e9:cb:22:11:28:33:07:79:f1:89:e7:af:7b:eb:2b:
6d:97:74:d9:d5:cb:37:b6:a4:f2:af:c5:1a:6c:57:
91:5a:f9:6a:c7:66:1f:40:27:1a:2d:32:98:34:53:
8e:7d:bd:f0:75:10:bd:ba:e8:83:b2:ef:8f:57:99:
ea:bd:5c:80:df:68:91:74:35:42:0a:da:d4:ad:48:
fa:d1:87:a3:0c:9a:b4:1f:b5:c2:12:67:6f:43:7c:
a4:90:10:68:93:36:e7:9e:96:f4:d1:47:16:61:d6:
d7:b7:b6:d7:f9:4c:16:f2:e1:af:49:ed:dd:a8:ce:
b6:64:22:35:24:14:45:64:2a:80:e1:41:69:92:3a:
4f:79:0f:81:91:11:f6:e8:6c:19:4c:fc:50:88:bb:
ef:77:6d:75:57:3c:4a:f1:d1:cb:94:e9:4f:eb:da:
86:33:cb:89:d9:66:af:b1:dc:68:b8:66:5e:16:cb:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D2:7A:7D:FF:7C:6B:28:39:4D:F8:0A:19:BF:A8:F0:44:DC:44:18
X509v3 Authority Key Identifier:
keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/M9J6ff98ayg5TfgKGb-o8ETcRBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.9.0-185.250.11.255
IPv6:
2a0b:9400:1000::/48
2a0b:9401::/32
Signature Algorithm: sha256WithRSAEncryption
53:a7:39:8c:98:8d:29:a5:48:78:9f:31:27:68:65:c8:c8:10:
c5:4d:b0:73:3a:1a:62:0d:f3:48:93:11:67:54:f8:62:1c:cd:
ec:63:57:07:8a:51:b0:34:5c:11:ef:26:5c:9f:16:61:5f:e1:
d5:18:fe:4e:0c:24:f4:40:01:15:ef:2c:49:a6:79:c4:12:10:
9e:8e:69:1d:7e:c1:8a:a1:78:2c:a5:4b:83:aa:9a:13:e6:52:
f8:13:8c:5a:5d:5f:ba:50:5b:06:6e:b8:b1:eb:9a:6d:40:91:
4b:2c:06:06:3d:61:41:82:ea:a3:70:39:79:6b:60:17:f5:d4:
20:7d:0c:8b:d6:eb:dd:42:5e:f0:28:7b:73:87:c3:a4:63:1f:
8e:fd:56:59:b0:54:fa:21:5e:61:06:fb:83:3f:2c:75:ed:58:
8e:05:1c:fe:f7:51:f1:0e:44:e5:9c:aa:1c:37:5d:f1:c5:d6:
97:2e:b6:17:0a:4e:21:59:a6:ea:3f:d5:c0:a0:3e:8d:6b:40:
da:c6:8f:fa:55:bd:31:de:33:9b:e9:c1:5f:7f:a1:90:7a:5f:
57:0d:6d:42:ff:f1:3d:3b:56:4a:bd:22:10:56:05:04:24:2a:
2c:d7:53:17:c2:5c:1c:27:83:8a:1f:90:a8:ec:e3:96:c1:07:
18:1b:7a:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBiaRCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDUwMmUyZDI0YjFmMjE2OTEzMDg4MjA3YTI2OGU2NjI2YjBjZTM5MB4XDTIyMDEw
MTA3MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNkMjdhN2RmZjdj
NmIyODM5NGRmODBhMTliZmE4ZjA0NGRjNDQxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMup9cQ/RHzcL/tjwef+TVRWsJGUwBF0c1X8Dep0FdzVZP3b
BTw4w1LHmBa0t0iPvmx1NXDrUWPlYoxXR+lFvLZKYQWnVizPAqCy6csiESgzB3nx
ieeve+srbZd02dXLN7ak8q/FGmxXkVr5asdmH0AnGi0ymDRTjn298HUQvbrog7Lv
j1eZ6r1cgN9okXQ1Qgra1K1I+tGHowyatB+1whJnb0N8pJAQaJM2556W9NFHFmHW
17e21/lMFvLhr0nt3ajOtmQiNSQURWQqgOFBaZI6T3kPgZER9uhsGUz8UIi773dt
dVc8SvHRy5TpT+vahjPLidlmr7HcaLhmXhbL2o8CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQz0np9/3xrKDlN+AoZv6jwRNxEGDAfBgNVHSMEGDAWgBR9UC4tJLHyFpEw
iCB6Jo5mJrDOOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWQXVMU1N4OGhhUk1JZ2dlaWFPWmlhd3pqay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvYWE1M2NmLWY5ODgtNDBlYi04MDgzLTUxZDc1NTY4YTllMy8x
L005SjZmZjk4YXlnNVRmZ0tHYi1vOEVUY1JCZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
YWE1M2NmLWY5ODgtNDBlYi04MDgzLTUxZDc1NTY4YTllMy8xL2ZWQXVMU1N4OGhh
Uk1JZ2dlaWFPWmlhd3pqay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wFAQCAAEwDjAMAwQAufoJAwQCufoIMBYEAgACMBAD
BwAqC5QAEAADBQAqC5QBMA0GCSqGSIb3DQEBCwUAA4IBAQBTpzmMmI0ppUh4nzEn
aGXIyBDFTbBzOhpiDfNIkxFnVPhiHM3sY1cHilGwNFwR7yZcnxZhX+HVGP5ODCT0
QAEV7yxJpnnEEhCejmkdfsGKoXgspUuDqpoT5lL4E4xaXV+6UFsGbrix65ptQJFL
LAYGPWFBguqjcDl5a2AX9dQgfQyL1uvdQl7wKHtzh8OkYx+O/VZZsFT6IV5hBvuD
Pyx17ViOBRz+91HxDkTlnKocN13xxdaXLrYXCk4hWabqP9XAoD6Na0Daxo/6Vb0x
3jOb6cFff6GQel9XDW1C//E9O1ZKvSIQVgUEJCos11MXwlwcJ4OKH5Co7OOWwQcY
G3py
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:16 2025 by rpki-client