Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/ntOHwJU80IUaT68kjV6mFQGcLmM.roa
File: ntOHwJU80IUaT68kjV6mFQGcLmM.roa (raw, json)
Hash identifier: g55zJRhnpfcnd4wTQMzuj5wbtEkFYGZU9LB5ex1sTCc=
Subject key identifier: 9E:D3:87:C0:95:3C:D0:85:1A:4F:AF:24:8D:5E:A6:15:01:9C:2E:63
Certificate issuer: /CN=bf5bdc4106adde89e1ce9c32b807b2082ebb9944
Certificate serial: 06229785
Authority key identifier: BF:5B:DC:41:06:AD:DE:89:E1:CE:9C:32:B8:07:B2:08:2E:BB:99:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1vcQQat3onhzpwyuAeyCC67mUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/ntOHwJU80IUaT68kjV6mFQGcLmM.roa
Signing time: Sat 01 Jan 2022 04:01:01 +0000
ROA not before: Sat 01 Jan 2022 04:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62276
IP address blocks: 185.40.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102930309 (0x6229785)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5bdc4106adde89e1ce9c32b807b2082ebb9944
Validity
Not Before: Jan 1 04:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ed387c0953cd0851a4faf248d5ea615019c2e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3e:4b:9a:40:61:0a:59:f0:18:a6:4b:de:4d:
eb:02:bf:bf:c3:e8:cc:52:cb:a5:98:7b:28:9b:cc:
45:c2:89:62:f6:da:27:bf:e4:bc:a0:20:ae:f2:7b:
23:1c:4b:b2:8f:f4:62:a4:36:f9:8c:28:a9:fd:38:
9f:db:5c:05:27:6b:08:1c:c8:10:4e:01:fe:8b:ba:
79:79:33:3e:96:e1:e9:47:0a:55:10:8d:56:4c:25:
d6:14:15:93:11:c0:2c:3d:36:44:d8:b5:7e:08:4c:
40:b4:04:b9:77:6c:f7:13:3c:b1:3e:5c:c8:36:44:
32:c4:db:18:e6:d2:f2:ec:eb:a8:17:87:80:c4:9b:
3d:85:3d:bd:cb:eb:1e:a6:6a:8c:f6:8b:a2:76:40:
04:75:33:9c:cc:d0:de:ef:a4:d5:ae:86:df:ed:7f:
1c:2f:2f:bd:a1:20:e5:e2:6c:3d:9f:0f:47:d2:91:
33:40:1c:d0:d4:5d:8d:ca:df:02:99:fe:72:72:ba:
80:87:3f:5b:da:71:23:e0:e9:18:e1:eb:cb:67:d4:
f8:49:1e:0e:35:91:36:3f:1e:75:a9:49:68:fe:87:
4b:f5:03:2f:c9:e7:4b:4d:2e:7b:0b:ea:02:6e:66:
ff:08:c4:7c:2e:34:f0:a8:0d:e9:a2:8d:8d:20:59:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D3:87:C0:95:3C:D0:85:1A:4F:AF:24:8D:5E:A6:15:01:9C:2E:63
X509v3 Authority Key Identifier:
keyid:BF:5B:DC:41:06:AD:DE:89:E1:CE:9C:32:B8:07:B2:08:2E:BB:99:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1vcQQat3onhzpwyuAeyCC67mUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/ntOHwJU80IUaT68kjV6mFQGcLmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/v1vcQQat3onhzpwyuAeyCC67mUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.168.0/22
Signature Algorithm: sha256WithRSAEncryption
78:0a:b3:c5:8a:18:f9:27:3d:bf:2c:1b:cd:32:15:e3:13:f8:
b1:29:59:f9:9e:be:3e:92:cd:ca:30:c9:7e:df:ec:7f:9e:c4:
15:f0:b7:ea:fa:1c:b5:21:d3:83:4a:ab:3b:1e:f0:f5:d0:15:
0b:ab:ca:f7:6a:70:67:8b:0f:48:30:68:48:7c:30:82:d3:72:
87:a8:08:8f:5a:e7:d1:1f:18:e2:f0:22:ec:6c:fc:5c:11:cc:
63:01:db:5d:6b:85:25:78:28:45:fc:2f:c9:2a:14:0f:f0:6f:
4a:cf:4a:00:3a:a4:e7:de:0b:4a:b8:3e:ad:31:40:0c:2f:52:
83:cb:ad:88:ab:bb:19:85:f0:c4:c4:e1:e7:f2:4f:60:b6:62:
79:ad:1e:d6:c9:b0:d3:68:f4:04:74:a1:a9:d9:fa:57:49:66:
4c:24:f2:72:ea:7a:ea:24:b4:13:07:99:5b:12:68:df:ad:a1:
b9:89:c0:89:2b:87:c7:1b:60:a0:f5:ba:70:58:09:c9:84:f5:
fa:3e:cc:9b:8a:62:22:a7:10:eb:b3:e9:74:8e:50:57:87:c3:
31:53:00:62:3f:60:de:46:d3:fb:b1:4c:ed:4a:b0:73:4d:9d:
46:d3:dc:86:8a:e7:ac:19:0c:87:1e:ea:23:fa:67:9c:d4:d9:
6a:7a:55:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBiKXhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjViZGM0MTA2YWRkZTg5ZTFjZTljMzJiODA3YjIwODJlYmI5OTQ0MB4XDTIyMDEw
MTA0MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVkMzg3YzA5NTNj
ZDA4NTFhNGZhZjI0OGQ1ZWE2MTUwMTljMmU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANo+S5pAYQpZ8BimS95N6wK/v8PozFLLpZh7KJvMRcKJYvba
J7/kvKAgrvJ7IxxLso/0YqQ2+Ywoqf04n9tcBSdrCBzIEE4B/ou6eXkzPpbh6UcK
VRCNVkwl1hQVkxHALD02RNi1fghMQLQEuXds9xM8sT5cyDZEMsTbGObS8uzrqBeH
gMSbPYU9vcvrHqZqjPaLonZABHUznMzQ3u+k1a6G3+1/HC8vvaEg5eJsPZ8PR9KR
M0Ac0NRdjcrfApn+cnK6gIc/W9pxI+DpGOHry2fU+EkeDjWRNj8edalJaP6HS/UD
L8nnS00uewvqAm5m/wjEfC408KgN6aKNjSBZvQ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSe04fAlTzQhRpPrySNXqYVAZwuYzAfBgNVHSMEGDAWgBS/W9xBBq3eieHO
nDK4B7IILruZRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YxdmNRUWF0M29uaHpwd3l1QWV5Q0M2N21VUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMmQxYTBhLTcxY2MtNGY1Ny1hYTYzLWJlZGFjMTBhYWNkYy8x
L250T0h3SlU4MElVYVQ2OGtqVjZtRlFHY0xtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
MmQxYTBhLTcxY2MtNGY1Ny1hYTYzLWJlZGFjMTBhYWNkYy8xL3YxdmNRUWF0M29u
aHpwd3l1QWV5Q0M2N21VUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkoqDANBgkqhkiG9w0BAQsFAAOC
AQEAeAqzxYoY+Sc9vywbzTIV4xP4sSlZ+Z6+PpLNyjDJft/sf57EFfC36voctSHT
g0qrOx7w9dAVC6vK92pwZ4sPSDBoSHwwgtNyh6gIj1rn0R8Y4vAi7Gz8XBHMYwHb
XWuFJXgoRfwvySoUD/BvSs9KADqk594LSrg+rTFADC9Sg8utiKu7GYXwxMTh5/JP
YLZiea0e1smw02j0BHShqdn6V0lmTCTycup66iS0EweZWxJo362huYnAiSuHxxtg
oPW6cFgJyYT1+j7Mm4piIqcQ67PpdI5QV4fDMVMAYj9g3kbT+7FM7Uqwc02dRtPc
hornrBkMhx7qI/pnnNTZanpV5A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:03:50 2025 by rpki-client