Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa
File: 2fqbBCrvug4MLFWl92f6h79GmdE.roa (raw, json)
Hash identifier: 2I4zOr3og/awvt+WLbxr72Kg9Io6htnYvjtO4RhXVco=
Subject key identifier: D9:FA:9B:04:2A:EF:BA:0E:0C:2C:55:A5:F7:67:FA:87:BF:46:99:D1
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: 01863A9F10B1A0CAD7F9EFF521DF327BF0EC
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa
Signing time: Fri 10 Feb 2023 09:19:08 +0000
ROA not before: Fri 10 Feb 2023 09:19:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 37.9.176.0/21 maxlen: 24
185.20.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:9f:10:b1:a0:ca:d7:f9:ef:f5:21:df:32:7b:f0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Feb 10 09:19:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9fa9b042aefba0e0c2c55a5f767fa87bf4699d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:16:4d:4d:d6:98:95:55:87:02:8c:45:5a:
1e:36:24:2b:f3:bf:ff:63:81:de:bf:70:ad:16:4c:
63:b8:13:10:3c:d7:5a:ab:4b:2d:24:f0:4d:49:25:
d9:bf:09:16:5c:62:30:ed:62:04:ab:78:d2:16:45:
50:a9:6d:d6:09:26:e2:50:6c:d3:e8:d2:07:c3:b3:
3e:8a:02:1e:f2:b4:10:61:96:34:b5:99:7e:b4:98:
0d:8f:44:73:89:c7:a9:71:83:1d:bf:69:4d:3d:9f:
3e:99:dd:93:f4:2f:96:7f:3d:a5:c6:b7:f0:e0:6f:
07:30:84:a5:55:82:8b:9c:bb:2e:46:12:3a:c1:4c:
bb:41:2f:a9:25:f3:89:64:68:eb:83:77:e2:af:50:
aa:0e:24:a5:ff:1e:81:a3:50:dd:f1:53:07:fb:1f:
63:61:1f:ce:e9:05:a1:5d:ec:98:ea:74:b5:c6:48:
05:eb:f7:72:f7:bb:d3:fa:5b:d8:a3:2c:f8:2b:30:
7b:55:a9:f6:ff:53:41:4f:3f:b1:56:74:bf:84:79:
cd:2d:5a:b3:f8:f2:12:44:d4:61:1f:a7:7f:e9:5f:
03:78:85:f6:c4:2b:ac:d5:56:c9:5a:3b:a6:e2:9d:
7c:e6:90:dc:7a:64:a7:b2:2b:bc:b0:e7:0e:c5:79:
25:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FA:9B:04:2A:EF:BA:0E:0C:2C:55:A5:F7:67:FA:87:BF:46:99:D1
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/2fqbBCrvug4MLFWl92f6h79GmdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/21
185.20.212.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:9b:3e:54:47:58:62:3e:0f:52:10:81:13:4a:f3:1e:27:f5:
44:1b:02:75:f4:d5:d2:4e:27:58:e5:c8:22:97:8d:ec:cb:e5:
b2:4b:17:4c:86:d0:32:f7:a8:30:cd:3a:e7:0c:30:22:13:ff:
a2:d7:9f:7a:49:c1:20:bc:d7:cc:27:34:97:7a:d6:a8:24:fd:
d9:69:8a:da:16:a6:1f:df:ae:8a:b0:c1:6f:ad:0e:60:8f:71:
eb:0d:38:b0:45:93:c0:a9:2b:6b:1c:3a:50:a4:e3:90:6a:17:
d9:b9:63:e3:aa:53:f7:0c:e0:8d:40:22:09:6c:e3:e4:c5:c2:
2a:45:4a:16:ea:28:c5:4e:16:7e:8a:8d:fc:ca:0c:dc:be:c6:
c6:df:d5:4f:78:80:b0:51:69:af:50:98:e4:71:4b:4b:c0:b2:
f2:db:9b:ec:7c:05:27:94:f7:53:13:af:10:ab:6c:0a:f0:ea:
68:ab:7b:70:0d:ed:b8:5a:e2:9d:9c:35:9a:b6:34:26:64:f4:
9e:dd:81:6f:18:73:62:2d:77:36:6e:60:de:e3:21:df:a8:68:
b2:7f:9c:8c:e0:6d:d5:60:2a:91:ec:18:82:fe:e1:07:7a:9d:
24:07:e7:23:c5:14:de:33:a4:32:78:05:fb:ca:dd:4e:1d:9c:
2b:04:9f:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY6nxCxoMrX+e/1Id8ye/DsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk
MTZkYjMwHhcNMjMwMjEwMDkxOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZhOWIwNDJhZWZiYTBlMGMyYzU1YTVmNzY3ZmE4N2JmNDY5OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf4WTU3WmJVVhwKMRVoeNiQr87//
Y4Hev3CtFkxjuBMQPNdaq0stJPBNSSXZvwkWXGIw7WIEq3jSFkVQqW3WCSbiUGzT
6NIHw7M+igIe8rQQYZY0tZl+tJgNj0RzicepcYMdv2lNPZ8+md2T9C+Wfz2lxrfw
4G8HMISlVYKLnLsuRhI6wUy7QS+pJfOJZGjrg3fir1CqDiSl/x6Bo1Dd8VMH+x9j
YR/O6QWhXeyY6nS1xkgF6/dy97vT+lvYoyz4KzB7Van2/1NBTz+xVnS/hHnNLVqz
+PISRNRhH6d/6V8DeIX2xCus1VbJWjum4p185pDcemSnsiu8sOcOxXklIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNn6mwQq77oODCxVpfdn+oe/RpnRMB8GA1UdIwQY
MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt
OTc3MzA1YzcwMDUxLzEvMmZxYkJDcnZ1ZzRNTEZXbDkyZjZoNzlHbWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx
LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJQmwAwQC
uRTUMA0GCSqGSIb3DQEBCwUAA4IBAQALmz5UR1hiPg9SEIETSvMeJ/VEGwJ19NXS
TidY5cgil43sy+WySxdMhtAy96gwzTrnDDAiE/+i1596ScEgvNfMJzSXetaoJP3Z
aYraFqYf366KsMFvrQ5gj3HrDTiwRZPAqStrHDpQpOOQahfZuWPjqlP3DOCNQCIJ
bOPkxcIqRUoW6ijFThZ+io38ygzcvsbG39VPeICwUWmvUJjkcUtLwLLy25vsfAUn
lPdTE68Qq2wK8Opoq3twDe24WuKdnDWatjQmZPSe3YFvGHNiLXc2bmDe4yHfqGiy
f5yM4G3VYCqR7BiC/uEHep0kB+cjxRTeM6QyeAX7yt1OHZwrBJ9X
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:43:46 2025 by rpki-client