Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/m_ky7I6kJV38Rsu7gxnDTl5FAO4.roa
File: m_ky7I6kJV38Rsu7gxnDTl5FAO4.roa (raw, json)
Hash identifier: vvnJj3Y8QFheAMAsj9gkFrnwjluM+AuXqVVo14vRBBc=
Subject key identifier: 9B:F9:32:EC:8E:A4:25:5D:FC:46:CB:BB:83:19:C3:4E:5E:45:00:EE
Certificate issuer: /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial: 13ACC7BC
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/m_ky7I6kJV38Rsu7gxnDTl5FAO4.roa
Signing time: Sat 22 Jan 2022 21:38:13 +0000
ROA not before: Sat 22 Jan 2022 21:38:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47576
IP address blocks: 185.126.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 330090428 (0x13acc7bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Validity
Not Before: Jan 22 21:38:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bf932ec8ea4255dfc46cbbb8319c34e5e4500ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:b0:f5:a9:fb:f0:43:fa:47:88:14:e7:4b:
e3:0e:1b:2c:f7:03:d5:f4:be:a1:67:26:cf:47:a3:
c6:4d:94:e8:6c:0a:53:7a:47:bd:56:fc:3e:66:86:
35:b0:d0:56:b0:1d:ab:49:c4:75:c7:21:de:57:1f:
61:5c:8c:3d:8b:76:26:3a:d4:af:65:3c:a8:87:9e:
ce:5a:6a:a7:41:3f:c1:48:fb:80:1d:d4:f7:00:69:
9c:1c:21:5e:3d:b6:c6:8e:81:bd:7c:88:bc:d8:be:
8c:86:0f:4b:99:34:8e:7a:27:7c:02:7c:cc:ae:48:
d5:4c:f3:8f:0b:9e:cc:93:e8:83:b8:1f:81:5f:ca:
cb:01:2e:c2:0c:28:7d:34:55:b2:4d:b4:27:42:c8:
67:7d:69:de:1e:fe:b1:e5:30:01:f7:46:02:2a:25:
fd:0c:35:2a:0c:81:5d:38:9c:e9:3f:3a:6f:62:eb:
84:e7:13:67:c8:e5:d0:a2:0d:82:9e:9a:4d:bc:01:
5d:9c:c4:e4:0c:78:46:f8:6d:86:43:0c:b7:2c:72:
43:b1:71:24:a9:8c:59:c6:ea:f4:45:06:4e:0f:f5:
c7:f1:ee:c0:1f:08:a8:1d:d4:9b:17:d5:61:33:a0:
c6:6f:30:55:56:12:c0:56:c2:88:a7:d9:42:b7:28:
2b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F9:32:EC:8E:A4:25:5D:FC:46:CB:BB:83:19:C3:4E:5E:45:00:EE
X509v3 Authority Key Identifier:
keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/m_ky7I6kJV38Rsu7gxnDTl5FAO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:2e:3f:35:17:46:99:fd:37:0a:06:82:a1:48:c6:63:58:cb:
35:50:e6:a6:f5:e5:12:ca:fc:11:ef:c8:d4:62:c8:8f:dc:68:
b3:14:02:2e:75:d0:a2:ba:bb:87:82:98:78:3c:cd:35:07:4c:
51:9b:21:d8:d4:a0:f3:a7:34:6f:76:91:f0:3e:0d:55:7a:65:
59:73:49:51:2e:29:cd:d7:3b:aa:0a:f1:96:d5:6b:00:0d:3d:
bb:22:85:38:cc:4a:fd:28:43:31:fc:54:7e:12:0f:d9:c7:8b:
ca:77:21:27:cd:7a:ec:e1:07:70:d9:22:c5:2d:7a:2d:19:45:
3a:b9:1e:24:a0:b4:92:32:bb:c2:ad:5a:5a:41:b6:db:d9:ff:
88:cc:a8:c7:2c:b3:84:ae:de:6f:cd:9c:74:6f:27:bd:43:2e:
90:df:af:f7:69:65:e6:95:1a:4a:5f:8d:d9:9c:18:5d:c5:9f:
e5:8b:bb:66:0d:15:ab:c8:35:ea:6e:9f:d1:13:a3:1e:97:5e:
75:b2:a4:81:e5:71:b1:1d:94:48:6b:3f:6f:fe:a0:43:a4:77:
4a:8f:d3:83:ec:70:b3:9f:69:00:db:19:4c:f7:9d:de:25:83:
07:c8:ec:56:6f:e2:65:35:61:10:fa:ea:da:c1:56:a7:d5:1c:
21:b1:0d:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE6zHvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yzk4MzEzNzA0MmZjOGM0OTIxNzA3ZDRlYjZkYTVmNmM0YTc5YTViMB4XDTIyMDEy
MjIxMzgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJmOTMyZWM4ZWE0
MjU1ZGZjNDZjYmJiODMxOWMzNGU1ZTQ1MDBlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMI/sPWp+/BD+keIFOdL4w4bLPcD1fS+oWcmz0ejxk2U6GwK
U3pHvVb8PmaGNbDQVrAdq0nEdcch3lcfYVyMPYt2JjrUr2U8qIeezlpqp0E/wUj7
gB3U9wBpnBwhXj22xo6BvXyIvNi+jIYPS5k0jnonfAJ8zK5I1UzzjwuezJPog7gf
gV/KywEuwgwofTRVsk20J0LIZ31p3h7+seUwAfdGAiol/Qw1KgyBXTic6T86b2Lr
hOcTZ8jl0KINgp6aTbwBXZzE5Ax4RvhthkMMtyxyQ7FxJKmMWcbq9EUGTg/1x/Hu
wB8IqB3UmxfVYTOgxm8wVVYSwFbCiKfZQrcoK38CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSb+TLsjqQlXfxGy7uDGcNOXkUA7jAfBgNVHSMEGDAWgBT8mDE3BC/IxJIX
B9TrbaX2xKeaWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19KZ3hOd1F2eU1TU0Z3ZlU2MjJsOXNTbm1scy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNDIxYzgwLWVkM2EtNDdmZC04ZDJjLTIyNGYxMGE5ODFmZS8x
L21fa3k3STZrSlYzOFJzdTdneG5EVGw1RkFPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NDIxYzgwLWVkM2EtNDdmZC04ZDJjLTIyNGYxMGE5ODFmZS8xL19KZ3hOd1F2eU1T
U0Z3ZlU2MjJsOXNTbm1scy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl+FDANBgkqhkiG9w0BAQsFAAOC
AQEADy4/NRdGmf03CgaCoUjGY1jLNVDmpvXlEsr8Ee/I1GLIj9xosxQCLnXQorq7
h4KYeDzNNQdMUZsh2NSg86c0b3aR8D4NVXplWXNJUS4pzdc7qgrxltVrAA09uyKF
OMxK/ShDMfxUfhIP2ceLynchJ8167OEHcNkixS16LRlFOrkeJKC0kjK7wq1aWkG2
29n/iMyoxyyzhK7eb82cdG8nvUMukN+v92ll5pUaSl+N2ZwYXcWf5Yu7Zg0Vq8g1
6m6f0ROjHpdedbKkgeVxsR2USGs/b/6gQ6R3So/Tg+xws59pANsZTPed3iWDB8js
Vm/iZTVhEPrq2sFWp9UcIbEN8g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:11 2025 by rpki-client