Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/00a9f9-14a1-4c96-8223-eeb6fd32e92f/1/v9k46tAqjNBeplziAZO21wAoKPg.roa
File: v9k46tAqjNBeplziAZO21wAoKPg.roa (raw, json)
Hash identifier: ot5vzfZ6UMfjBKULzz57VyuluOb7GNKWVCbRHRTyeVo=
Subject key identifier: BF:D9:38:EA:D0:2A:8C:D0:5E:A6:5C:E2:01:93:B6:D7:00:28:28:F8
Certificate issuer: /CN=dec0f14fac8ddb348037280076cc36614da305ec
Certificate serial: 0925EEC6
Authority key identifier: DE:C0:F1:4F:AC:8D:DB:34:80:37:28:00:76:CC:36:61:4D:A3:05:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3sDxT6yN2zSANygAdsw2YU2jBew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/00a9f9-14a1-4c96-8223-eeb6fd32e92f/1/v9k46tAqjNBeplziAZO21wAoKPg.roa
Signing time: Sat 01 Jan 2022 14:59:10 +0000
ROA not before: Sat 01 Jan 2022 14:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209793
IP address blocks: 185.127.200.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153480902 (0x925eec6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dec0f14fac8ddb348037280076cc36614da305ec
Validity
Not Before: Jan 1 14:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfd938ead02a8cd05ea65ce20193b6d7002828f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:fd:e4:91:b4:9c:e6:96:f3:63:b2:47:c5:
c9:b7:15:e9:93:8d:cd:c6:a8:a7:5e:2c:5b:81:02:
36:08:4d:e0:fe:96:92:7d:f1:7c:04:ac:dc:56:c8:
aa:ac:72:f3:d2:c5:f9:2d:b2:06:cb:50:d7:22:3f:
b2:aa:23:e2:c0:62:4c:39:57:37:d4:22:4b:69:5e:
de:bc:73:8d:53:ad:82:ac:2e:7e:8a:02:0b:3b:d0:
3f:44:5c:6a:2b:3d:05:92:c2:cf:0d:35:97:4d:52:
df:c4:f4:20:ea:ee:3d:c9:e1:18:e0:00:23:e9:ae:
42:90:4f:a0:e4:7e:36:76:b7:8a:7e:19:79:2e:18:
8e:c6:65:04:04:b8:36:cd:3c:97:5c:fe:43:8f:8d:
09:f6:89:5d:1d:c3:e5:27:7e:7b:34:29:6f:04:e3:
15:45:85:46:b5:b4:a8:57:a7:7e:48:d8:0c:c9:8e:
26:89:89:f8:47:83:09:ec:26:0b:dc:1e:0c:01:e1:
4f:0e:f2:1c:8e:b2:ab:81:d6:e5:83:f4:ee:0e:0f:
f0:0a:1a:ff:e8:5c:e2:ae:35:c3:55:12:18:86:09:
38:4a:c7:62:eb:ff:83:37:2b:9b:5a:9b:15:22:a3:
85:c5:f2:91:b9:68:9b:1e:f8:5c:4d:81:1d:d6:87:
51:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D9:38:EA:D0:2A:8C:D0:5E:A6:5C:E2:01:93:B6:D7:00:28:28:F8
X509v3 Authority Key Identifier:
keyid:DE:C0:F1:4F:AC:8D:DB:34:80:37:28:00:76:CC:36:61:4D:A3:05:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3sDxT6yN2zSANygAdsw2YU2jBew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/00a9f9-14a1-4c96-8223-eeb6fd32e92f/1/v9k46tAqjNBeplziAZO21wAoKPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/00a9f9-14a1-4c96-8223-eeb6fd32e92f/1/3sDxT6yN2zSANygAdsw2YU2jBew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:1c:f8:05:c4:1d:08:01:a3:2e:19:3a:e3:95:9e:e0:0f:75:
9b:45:eb:42:8f:0f:76:7c:b3:2c:a3:57:0e:ff:0b:38:27:c5:
d0:87:55:2b:57:79:65:a6:95:39:24:c8:28:3e:ec:06:73:82:
bc:af:62:4b:db:64:34:fe:a8:c2:21:fb:2c:eb:3e:cc:ce:f6:
3f:28:f6:22:ca:eb:1d:49:d9:cd:3b:71:f8:cd:3f:56:d5:b0:
93:69:ab:ba:97:4b:d1:c7:65:e6:1c:5f:bb:6c:a7:01:25:18:
b2:f3:75:02:e3:f7:7e:9d:73:37:fc:ff:7f:d1:85:2b:67:cc:
14:dc:d0:58:b3:23:e5:67:cf:0b:53:f1:2d:ec:79:ea:76:6f:
9c:d3:d0:13:4a:9e:49:b6:23:d8:42:69:71:02:20:6a:31:75:
bc:7a:30:9c:87:4d:4c:86:ef:59:39:48:d4:3d:52:b7:9f:ce:
d3:e3:d9:08:55:de:46:66:ab:ee:db:e0:e0:db:3f:f9:83:68:
68:6b:52:0a:7b:92:f3:ee:27:a9:27:cd:5c:a5:e2:33:e0:67:
eb:dc:de:a1:b7:4b:5f:7b:e0:26:29:da:92:53:dd:eb:8e:f4:
78:c1:7e:16:a2:fe:53:69:53:1a:a5:21:cc:ee:1f:ca:62:e0:
ae:56:c7:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSXuxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZWMwZjE0ZmFjOGRkYjM0ODAzNzI4MDA3NmNjMzY2MTRkYTMwNWVjMB4XDTIyMDEw
MTE0NTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkOTM4ZWFkMDJh
OGNkMDVlYTY1Y2UyMDE5M2I2ZDcwMDI4MjhmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7W/eSRtJzmlvNjskfFybcV6ZONzcaop14sW4ECNghN4P6W
kn3xfASs3FbIqqxy89LF+S2yBstQ1yI/sqoj4sBiTDlXN9QiS2le3rxzjVOtgqwu
fooCCzvQP0Rcais9BZLCzw01l01S38T0IOruPcnhGOAAI+muQpBPoOR+Nna3in4Z
eS4YjsZlBAS4Ns08l1z+Q4+NCfaJXR3D5Sd+ezQpbwTjFUWFRrW0qFenfkjYDMmO
JomJ+EeDCewmC9weDAHhTw7yHI6yq4HW5YP07g4P8Aoa/+hc4q41w1USGIYJOErH
Yuv/gzcrm1qbFSKjhcXykblomx74XE2BHdaHUQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/2Tjq0CqM0F6mXOIBk7bXACgo+DAfBgNVHSMEGDAWgBTewPFPrI3bNIA3
KAB2zDZhTaMF7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNzRHhUNnlOMnpTQU55Z0Fkc3cyWVUyakJldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMDBhOWY5LTE0YTEtNGM5Ni04MjIzLWVlYjZmZDMyZTkyZi8x
L3Y5azQ2dEFxak5CZXBsemlBWk8yMXdBb0tQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MDBhOWY5LTE0YTEtNGM5Ni04MjIzLWVlYjZmZDMyZTkyZi8xLzNzRHhUNnlOMnpT
QU55Z0Fkc3cyWVUyakJldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl/yDANBgkqhkiG9w0BAQsFAAOC
AQEAixz4BcQdCAGjLhk645We4A91m0XrQo8PdnyzLKNXDv8LOCfF0IdVK1d5ZaaV
OSTIKD7sBnOCvK9iS9tkNP6owiH7LOs+zM72Pyj2IsrrHUnZzTtx+M0/VtWwk2mr
updL0cdl5hxfu2ynASUYsvN1AuP3fp1zN/z/f9GFK2fMFNzQWLMj5WfPC1PxLex5
6nZvnNPQE0qeSbYj2EJpcQIgajF1vHownIdNTIbvWTlI1D1St5/O0+PZCFXeRmar
7tvg4Ns/+YNoaGtSCnuS8+4nqSfNXKXiM+Bn69zeobdLX3vgJinaklPd6470eMF+
FqL+U2lTGqUhzO4fymLgrlbHqQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:48 2025 by rpki-client