Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/9qXiaAi8fwoM6fhYIIC57YYotRc.roa
File: 9qXiaAi8fwoM6fhYIIC57YYotRc.roa (raw, json)
Hash identifier: aqQ7fUa7lI5vYQ+FSeCo3PYaTgTu06ImNQHQmACJNRc=
Subject key identifier: F6:A5:E2:68:08:BC:7F:0A:0C:E9:F8:58:20:80:B9:ED:86:28:B5:17
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 301A1077
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/9qXiaAi8fwoM6fhYIIC57YYotRc.roa
Signing time: Sat 01 Jan 2022 04:57:42 +0000
ROA not before: Sat 01 Jan 2022 04:57:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.98.28/32 maxlen: 32
185.5.160.0/22 maxlen: 22
81.27.240.0/20 maxlen: 20
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 807014519 (0x301a1077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Jan 1 04:57:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6a5e26808bc7f0a0ce9f8582080b9ed8628b517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5a:e7:96:31:9a:42:4d:2c:7a:2d:44:cf:16:
81:af:a0:37:eb:e6:ee:c9:e8:4e:6e:54:19:32:d7:
91:a8:55:88:3e:ad:c8:11:eb:2b:70:87:e7:3a:dd:
49:a6:db:d3:52:ac:d9:e1:a4:3d:c3:7c:8c:70:ca:
78:af:38:6a:c5:07:01:34:91:83:a8:9b:78:5e:48:
f2:dd:40:cb:98:b4:65:a2:2b:a2:2e:81:1f:73:b1:
cf:49:b1:e4:72:67:77:b2:df:bc:ce:8d:ac:9d:44:
4c:49:8e:74:22:17:ad:39:83:74:4c:f4:e6:d2:1c:
bd:33:68:91:e6:0c:d3:59:ce:4b:4a:51:db:75:ba:
89:f5:c7:aa:1d:fe:18:5c:62:3e:5b:05:c3:dc:82:
91:ae:d3:c7:a2:84:c1:63:ea:e1:f4:e8:47:0f:a5:
4a:1f:d0:44:83:18:d6:79:f7:9d:06:18:77:31:3b:
6d:fc:ff:27:27:8f:5a:c6:3a:d0:0d:18:6b:43:42:
32:68:8a:82:ad:57:05:d3:49:cf:8d:17:ac:cf:88:
0f:01:49:39:a7:0c:b2:24:7f:e5:22:3f:81:0a:11:
57:cf:4d:25:14:ce:34:1b:47:e9:f7:e6:34:46:f4:
72:4e:0b:fd:cc:1f:65:70:40:e4:28:df:31:d6:a5:
9a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A5:E2:68:08:BC:7F:0A:0C:E9:F8:58:20:80:B9:ED:86:28:B5:17
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/9qXiaAi8fwoM6fhYIIC57YYotRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
d9:f0:22:5d:31:3d:4b:e9:0a:77:6d:e6:07:5f:9c:24:a3:6a:
8e:6b:46:50:c7:e7:98:9b:f9:08:76:7a:86:e2:4d:d2:0a:f8:
0d:5d:ac:6e:f6:c5:bd:3f:fe:19:26:41:f2:60:b2:2e:aa:0a:
37:77:40:8e:fe:96:dd:ae:7e:d6:ef:20:c7:af:eb:b8:2e:44:
a4:e4:1c:3d:a5:3b:23:70:2b:40:60:e2:0a:84:0f:b6:ec:41:
22:c0:da:ef:5a:eb:b0:6a:10:cc:37:3c:16:2e:b5:ea:d1:44:
1b:78:8b:04:5c:4f:0c:69:50:2d:50:77:10:fa:2f:ab:30:dd:
8a:a6:36:36:1e:86:38:a9:2c:34:d5:40:c0:78:45:b8:5c:d9:
99:ce:3c:c9:4a:52:7e:1b:be:ce:a3:da:e9:4b:28:78:85:5a:
6e:5f:c7:9c:b1:02:0f:19:97:60:9b:5a:21:09:10:ff:6d:f4:
5b:3e:dc:d3:b6:7a:b9:af:85:9e:f0:ae:9e:ce:bf:32:af:65:
e4:88:44:6b:c6:30:18:c9:85:81:80:7d:16:27:58:f0:a2:23:
9e:af:1d:be:46:4c:c4:d8:51:a6:57:8b:34:fd:70:f9:0b:6a:
51:19:a9:65:e9:92:4f:f8:41:66:27:1e:ff:61:c8:eb:4d:ba:
e3:01:12:ff
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEMBoQdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhhZTgwM2I5YmEzODg1NTQwMTgyN2IzZWVjZTE0NTA1YTljMGY2MB4XDTIyMDEw
MTA0NTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZhNWUyNjgwOGJj
N2YwYTBjZTlmODU4MjA4MGI5ZWQ4NjI4YjUxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZa55YxmkJNLHotRM8Wga+gN+vm7snoTm5UGTLXkahViD6t
yBHrK3CH5zrdSabb01Ks2eGkPcN8jHDKeK84asUHATSRg6ibeF5I8t1Ay5i0ZaIr
oi6BH3Oxz0mx5HJnd7LfvM6NrJ1ETEmOdCIXrTmDdEz05tIcvTNokeYM01nOS0pR
23W6ifXHqh3+GFxiPlsFw9yCka7Tx6KEwWPq4fToRw+lSh/QRIMY1nn3nQYYdzE7
bfz/JyePWsY60A0Ya0NCMmiKgq1XBdNJz40XrM+IDwFJOacMsiR/5SI/gQoRV89N
JRTONBtH6ffmNEb0ck4L/cwfZXBA5CjfMdalmjUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT2peJoCLx/Cgzp+FgggLnthii1FzAfBgNVHSMEGDAWgBRWiugDubo4hVQB
gns+7OFFBanA9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Zvcm9BN202T0lWVUFZSjdQdXpoUlFXcHdQWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvMjc4ZDVmLTllZTYtNDQ3Ny05ZmUwLThlYWU4Yjc1ZTljYS8x
LzlxWGlhQWk4ZndvTTZmaFlJSUM1N1lZb3RSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
Mjc4ZDVmLTllZTYtNDQ3Ny05ZmUwLThlYWU4Yjc1ZTljYS8xL1Zvcm9BN202T0lW
VUFZSjdQdXpoUlFXcHdQWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBE+N0AMEBFBAYAMEBFEb8AMEArkF
oDANBAIAAjAHAwUDKgAcKDANBgkqhkiG9w0BAQsFAAOCAQEA2fAiXTE9S+kKd23m
B1+cJKNqjmtGUMfnmJv5CHZ6huJN0gr4DV2sbvbFvT/+GSZB8mCyLqoKN3dAjv6W
3a5+1u8gx6/ruC5EpOQcPaU7I3ArQGDiCoQPtuxBIsDa71rrsGoQzDc8Fi616tFE
G3iLBFxPDGlQLVB3EPovqzDdiqY2Nh6GOKksNNVAwHhFuFzZmc48yUpSfhu+zqPa
6UsoeIVabl/HnLECDxmXYJtaIQkQ/230Wz7c07Z6ua+FnvCuns6/Mq9l5IhEa8Yw
GMmFgYB9FidY8KIjnq8dvkZMxNhRpleLNP1w+QtqURmpZemST/hBZice/2HI6026
4wES/w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:36:51 2025 by rpki-client