Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/CzYQMDHDdYte_Hw7cY5ghmsVxhw.roa
File: CzYQMDHDdYte_Hw7cY5ghmsVxhw.roa (raw, json)
Hash identifier: at3vxpGGM5aNSutDd3a0LJfonEJdLTqQHPS4N1dhH7U=
Subject key identifier: 0B:36:10:30:31:C3:75:8B:5E:FC:7C:3B:71:8E:60:86:6B:15:C6:1C
Certificate issuer: /CN=c9633fa6fc66b43639c056d02174f80c2426614b
Certificate serial: 0ACFBF36
Authority key identifier: C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/CzYQMDHDdYte_Hw7cY5ghmsVxhw.roa
Signing time: Sat 01 Jan 2022 04:53:19 +0000
ROA not before: Sat 01 Jan 2022 04:53:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133530
IP address blocks: 185.166.140.0/24 maxlen: 24
2a0a:ea00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181387062 (0xacfbf36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9633fa6fc66b43639c056d02174f80c2426614b
Validity
Not Before: Jan 1 04:53:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b36103031c3758b5efc7c3b718e60866b15c61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d4:3d:83:3f:75:a9:1b:d5:36:3c:17:17:79:
22:e8:77:e1:42:2a:c8:1f:87:79:5c:9f:ab:74:34:
e6:0d:f8:d8:37:a9:0a:06:77:96:8a:35:c6:c0:09:
92:44:c1:e1:75:37:5b:eb:f3:78:fb:c2:ad:5e:97:
a4:25:69:ce:9b:80:02:73:86:42:d6:67:ad:87:36:
b4:23:c6:8a:99:e8:ae:55:6d:90:2f:6a:f1:6e:44:
ec:b7:ff:27:7c:e5:ba:58:72:cd:96:31:f9:39:da:
3d:eb:27:f5:f7:90:a6:78:4a:28:a3:5e:4a:82:92:
d9:9c:a0:8a:c1:58:64:b8:6f:dd:97:4b:04:dc:b8:
94:5f:fa:a1:28:d5:5f:9d:d5:3b:0d:7a:df:02:d9:
1e:9c:2c:11:fe:0b:07:83:2f:12:ee:69:68:3e:a7:
41:b2:3d:2e:29:b2:f6:74:14:17:26:49:39:e7:66:
7c:e0:49:e0:46:7d:5c:14:51:9a:0a:1c:ba:71:9e:
c7:f3:1d:b1:ef:99:4f:5d:4e:4c:67:56:69:8b:bb:
8e:87:64:93:2d:be:a3:e7:7e:96:93:ea:04:19:69:
90:6d:85:ad:33:d7:ba:84:14:7d:e8:a6:fd:1b:ae:
3a:7b:b2:23:cc:ab:1e:c2:06:45:81:17:d9:23:e8:
54:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:36:10:30:31:C3:75:8B:5E:FC:7C:3B:71:8E:60:86:6B:15:C6:1C
X509v3 Authority Key Identifier:
keyid:C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/CzYQMDHDdYte_Hw7cY5ghmsVxhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/yWM_pvxmtDY5wFbQIXT4DCQmYUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.140.0/24
IPv6:
2a0a:ea00::/32
Signature Algorithm: sha256WithRSAEncryption
69:cc:92:03:3a:2e:60:77:65:59:72:e1:d7:14:03:06:cb:c5:
54:95:d4:2b:92:41:a3:f5:82:f9:35:2e:f3:18:71:49:03:2e:
84:18:84:4c:cf:31:53:5e:b7:da:4c:aa:01:6e:3a:f6:9a:51:
e9:01:70:33:22:e0:2e:41:f8:f3:7e:1a:0a:6a:c3:b4:38:0c:
ae:c8:12:c0:c6:50:ae:f2:c2:62:3a:7f:87:3d:9b:13:4c:f9:
e2:91:b5:2e:d8:a5:c7:b5:9c:60:d8:20:8b:82:0e:57:12:bd:
a8:c3:64:d1:68:1c:e8:74:e5:78:f2:a8:f8:fd:f4:70:e1:8f:
34:22:05:2d:6c:23:e0:fc:20:89:94:77:c7:d2:d7:57:09:fa:
02:be:5a:6a:63:f4:b9:7d:2b:80:b8:56:3b:c6:e2:9a:cb:6f:
f2:6b:e6:41:96:0b:db:98:18:9a:ba:d5:58:ab:7c:f9:54:0c:
87:4d:ec:b2:d6:2d:29:cb:46:21:1a:62:36:ac:6b:17:83:90:
e9:6c:88:29:a7:b6:35:cc:4c:03:eb:af:b4:60:a9:a8:a6:9c:
dd:ee:cf:5a:2b:80:b2:89:02:44:04:95:4e:57:42:bb:a6:32:
24:e2:94:9d:29:9e:ef:94:dc:1c:1d:c7:89:a5:84:bf:d1:68:
b1:f8:58:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECs+/NjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OTYzM2ZhNmZjNjZiNDM2MzljMDU2ZDAyMTc0ZjgwYzI0MjY2MTRiMB4XDTIyMDEw
MTA0NTMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIzNjEwMzAzMWMz
NzU4YjVlZmM3YzNiNzE4ZTYwODY2YjE1YzYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPUPYM/dakb1TY8Fxd5Iuh34UIqyB+HeVyfq3Q05g342Dep
CgZ3loo1xsAJkkTB4XU3W+vzePvCrV6XpCVpzpuAAnOGQtZnrYc2tCPGipnorlVt
kC9q8W5E7Lf/J3zlulhyzZYx+TnaPesn9feQpnhKKKNeSoKS2ZygisFYZLhv3ZdL
BNy4lF/6oSjVX53VOw163wLZHpwsEf4LB4MvEu5paD6nQbI9Limy9nQUFyZJOedm
fOBJ4EZ9XBRRmgocunGex/Mdse+ZT11OTGdWaYu7jodkky2+o+d+lpPqBBlpkG2F
rTPXuoQUfeim/RuuOnuyI8yrHsIGRYEX2SPoVI0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQLNhAwMcN1i178fDtxjmCGaxXGHDAfBgNVHSMEGDAWgBTJYz+m/Ga0NjnA
VtAhdPgMJCZhSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lXTV9wdnhtdERZNXdGYlFJWFQ0RENRbVlVcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvOWNiMzI5LTBmZTktNGZmZS1iZTVmLTAzOGE1NGUzOTEyZi8x
L0N6WVFNREhEZFl0ZV9IdzdjWTVnaG1zVnhody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
OWNiMzI5LTBmZTktNGZmZS1iZTVmLTAzOGE1NGUzOTEyZi8xL3lXTV9wdnhtdERZ
NXdGYlFJWFQ0RENRbVlVcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALmmjDANBAIAAjAHAwUAKgrqADAN
BgkqhkiG9w0BAQsFAAOCAQEAacySAzouYHdlWXLh1xQDBsvFVJXUK5JBo/WC+TUu
8xhxSQMuhBiETM8xU1632kyqAW469ppR6QFwMyLgLkH4834aCmrDtDgMrsgSwMZQ
rvLCYjp/hz2bE0z54pG1Ltilx7WcYNggi4IOVxK9qMNk0Wgc6HTlePKo+P30cOGP
NCIFLWwj4PwgiZR3x9LXVwn6Ar5aamP0uX0rgLhWO8bimstv8mvmQZYL25gYmrrV
WKt8+VQMh03sstYtKctGIRpiNqxrF4OQ6WyIKae2NcxMA+uvtGCpqKac3e7PWiuA
sokCRASVTldCu6YyJOKUnSme75TcHB3HiaWEv9FosfhYig==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:00:37 2025 by rpki-client