Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/1VMzC-mdytIbquDaHBQaoX3CTYE.roa
File: 1VMzC-mdytIbquDaHBQaoX3CTYE.roa (raw, json)
Hash identifier: T/Mc1nV5nM4kqkRVwoOs3xuWiHlslybziy0qSwTFOTs=
Subject key identifier: D5:53:33:0B:E9:9D:CA:D2:1B:AA:E0:DA:1C:14:1A:A1:7D:C2:4D:81
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 02F99B0C
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/1VMzC-mdytIbquDaHBQaoX3CTYE.roa
Signing time: Mon 04 Apr 2022 08:49:06 +0000
ROA not before: Mon 04 Apr 2022 08:49:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201942
IP address blocks: 217.67.164.0/22 maxlen: 22
217.67.172.0/22 maxlen: 24
217.67.168.0/21 maxlen: 21
185.159.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49912588 (0x2f99b0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Apr 4 08:49:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d553330be99dcad21baae0da1c141aa17dc24d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:70:ae:45:d0:29:12:32:bf:18:4d:82:91:
31:a3:60:4e:93:19:92:16:53:2c:f9:ec:90:74:d3:
11:44:9e:7e:85:a2:96:c0:29:99:91:80:3c:ca:7c:
1e:88:94:8b:14:20:8b:78:5a:3e:12:6e:86:10:f8:
63:aa:bb:e3:08:d3:1f:8c:75:93:f0:94:53:d7:10:
d6:3a:4d:ec:98:a4:d7:40:6c:c6:40:4f:35:8f:c6:
91:31:e0:b0:cd:30:53:c1:44:7c:78:b7:e5:2d:6d:
7e:80:2f:31:c5:0e:cc:7a:18:3e:bc:0e:a8:81:24:
ec:2c:24:7e:50:41:7b:3a:cb:c3:5c:95:6d:bf:79:
33:05:f2:12:90:f8:37:86:a4:6b:27:a0:55:73:53:
5c:d7:af:7b:7f:aa:51:39:dd:b3:33:75:0c:f2:a5:
a4:82:71:5e:5b:4a:b0:75:d9:82:60:11:c8:0d:f2:
5d:62:d0:66:0f:a7:0f:0b:8a:ac:54:59:07:15:8e:
72:77:de:df:b9:7e:aa:77:79:3b:50:de:d3:a7:d2:
49:50:23:a8:ee:8a:40:38:44:3f:bd:25:aa:a9:79:
de:6f:83:15:b4:51:05:c0:03:50:8c:57:28:44:ac:
c0:37:f0:1f:20:96:0a:68:0d:94:b9:eb:6a:f3:4a:
26:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:53:33:0B:E9:9D:CA:D2:1B:AA:E0:DA:1C:14:1A:A1:7D:C2:4D:81
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/1VMzC-mdytIbquDaHBQaoX3CTYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.40.0/22
217.67.164.0-217.67.175.255
Signature Algorithm: sha256WithRSAEncryption
41:fe:de:08:1d:33:27:c9:e7:96:1d:1a:6c:65:82:03:12:22:
a7:83:21:35:80:e6:55:a5:65:02:d8:b5:f7:78:30:5d:9c:dd:
f9:dd:0c:e7:e1:bf:1b:48:35:a7:16:7d:ec:80:a5:e4:37:43:
01:68:3c:5f:63:a2:8d:af:80:e5:f3:02:67:4b:68:bf:e3:e2:
de:4a:00:0d:18:0c:b1:81:16:c0:82:fa:f1:89:7f:bc:86:98:
a7:a9:75:c3:88:7e:e4:67:a1:7d:4a:28:a6:cb:c5:b1:35:2d:
40:c6:cb:5f:74:85:16:8a:22:dd:b7:bb:91:4a:3f:12:0c:c4:
8d:54:7b:65:15:84:53:a8:8d:ef:53:1e:2b:0e:1a:6e:5f:89:
3f:b5:b7:9f:f5:96:1f:b7:19:17:e7:0c:6c:55:7f:97:ef:f2:
b7:46:88:17:20:e5:12:f1:67:7f:49:2f:ae:c3:6c:c3:b3:84:
7f:6a:18:c0:54:30:fc:67:1a:6e:9b:ee:1c:8c:fa:a2:76:7d:
36:6a:ad:86:1d:35:c5:c3:af:12:fe:10:8b:6f:fd:b6:77:8c:
11:b4:1d:93:5d:9d:63:89:f8:73:ef:a9:93:85:57:c9:7a:ac:
2b:43:7a:1a:64:30:e4:06:f7:c4:9d:36:73:19:03:93:72:5c:
96:96:b9:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAvmbDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2NlM2IxMTk3ZDBjZjk1MTE1NDA1NzJhNThmZDM3MmRjYzA3NDg5MB4XDTIyMDQw
NDA4NDkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU1MzMzMGJlOTlk
Y2FkMjFiYWFlMGRhMWMxNDFhYTE3ZGMyNGQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzScK5F0CkSMr8YTYKRMaNgTpMZkhZTLPnskHTTEUSefoWi
lsApmZGAPMp8HoiUixQgi3haPhJuhhD4Y6q74wjTH4x1k/CUU9cQ1jpN7Jik10Bs
xkBPNY/GkTHgsM0wU8FEfHi35S1tfoAvMcUOzHoYPrwOqIEk7CwkflBBezrLw1yV
bb95MwXyEpD4N4akayegVXNTXNeve3+qUTndszN1DPKlpIJxXltKsHXZgmARyA3y
XWLQZg+nDwuKrFRZBxWOcnfe37l+qnd5O1De06fSSVAjqO6KQDhEP70lqql53m+D
FbRRBcADUIxXKESswDfwHyCWCmgNlLnravNKJiECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTVUzML6Z3K0huq4NocFBqhfcJNgTAfBgNVHSMEGDAWgBSczjsRl9DPlRFU
BXKlj9Ny3MB0iTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25NNDdFWmZRejVVUlZBVnlwWV9UY3R6QWRJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvNGYyMzY3LTczZjMtNDgxNi1iZWE4LWEwNDVmZjhlMmFjMC8x
LzFWTXpDLW1keXRJYnF1RGFIQlFhb1gzQ1RZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
NGYyMzY3LTczZjMtNDgxNi1iZWE4LWEwNDVmZjhlMmFjMC8xL25NNDdFWmZRejVV
UlZBVnlwWV9UY3R6QWRJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArmfKDAMAwQC2UOkAwQE2UOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBB/t4IHTMnyeeWHRpsZYIDEiKngyE1gOZVpWUC2LX3
eDBdnN353Qzn4b8bSDWnFn3sgKXkN0MBaDxfY6KNr4Dl8wJnS2i/4+LeSgANGAyx
gRbAgvrxiX+8hpinqXXDiH7kZ6F9Siimy8WxNS1AxstfdIUWiiLdt7uRSj8SDMSN
VHtlFYRTqI3vUx4rDhpuX4k/tbef9ZYftxkX5wxsVX+X7/K3RogXIOUS8Wd/SS+u
w2zDs4R/ahjAVDD8Zxpum+4cjPqidn02aq2GHTXFw68S/hCLb/22d4wRtB2TXZ1j
ifhz76mThVfJeqwrQ3oaZDDkBvfEnTZzGQOTclyWlrms
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:27 2025 by rpki-client