Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa
File: G9o_y19iJM7_uYgCouWAPpitotA.roa (raw, json)
Hash identifier: cCYebMl9dmAc0UBLeCDJzCO3XlD7bowVoka1Lpb1wPs=
Subject key identifier: 1B:DA:3F:CB:5F:62:24:CE:FF:B9:88:02:A2:E5:80:3E:98:AD:A2:D0
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: D11C26
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa
Signing time: Wed 16 Mar 2022 16:06:21 +0000
ROA not before: Wed 16 Mar 2022 16:06:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.9.178.0/24 maxlen: 24
37.9.176.0/24 maxlen: 24
37.9.179.0/24 maxlen: 24
37.9.176.0/21 maxlen: 21
37.9.183.0/24 maxlen: 24
37.9.180.0/23 maxlen: 24
185.20.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13704230 (0xd11c26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Mar 16 16:06:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bda3fcb5f6224ceffb98802a2e5803e98ada2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:47:61:d9:36:99:98:e3:22:87:7c:4d:3b:
63:68:3b:53:0b:59:47:4e:48:7a:55:ec:25:5e:38:
f3:eb:9b:a7:ee:0e:1b:bd:19:6e:5a:81:2f:34:44:
58:29:88:ab:b3:bf:dc:e7:41:87:dd:7d:5e:99:26:
56:29:e6:a6:3e:3d:59:b8:05:53:c3:5a:a5:97:51:
d5:5f:cf:29:67:d4:81:00:8f:ec:5f:df:58:da:3e:
4a:58:70:86:bc:c8:9e:19:11:60:5d:c0:f2:7c:de:
5e:c1:ad:91:21:bf:5e:1c:24:aa:cc:a0:29:94:ad:
1c:d1:f1:08:d1:1b:3a:c5:a8:7e:27:c4:f6:a4:90:
c9:46:e5:ca:9f:9e:ca:45:9a:49:99:92:c2:f4:cf:
33:fa:39:77:cc:f1:f6:d2:dc:0d:1c:5d:81:ca:89:
14:fd:58:b0:d2:41:24:ea:23:e1:70:79:fd:53:be:
8c:2a:87:3e:e2:81:00:45:2c:31:8a:2e:ba:eb:81:
23:26:e0:bd:ef:51:bd:28:43:5c:89:cc:ca:1e:8b:
87:53:59:07:15:9b:f3:3b:30:76:12:dd:e5:74:08:
d9:00:2b:01:f1:d3:cb:96:71:66:e3:42:59:0a:a2:
55:f6:b2:8a:c4:3d:07:f9:cf:e4:8d:c5:9d:3a:a1:
46:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DA:3F:CB:5F:62:24:CE:FF:B9:88:02:A2:E5:80:3E:98:AD:A2:D0
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/21
185.20.212.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:37:33:96:25:6f:08:f7:a6:cb:50:4f:5a:83:ec:51:2c:a3:
39:05:ce:d4:c5:66:bb:33:86:c9:11:d8:17:1b:61:04:c5:a0:
49:9b:8b:74:74:ef:bd:63:6e:39:85:e8:5d:f1:a7:7d:b6:3b:
20:37:5b:04:b7:64:61:58:67:73:d2:a4:d1:67:59:02:cf:c6:
f7:a2:45:cc:6d:63:ba:19:1f:7f:76:f3:b4:87:f0:0c:d1:9b:
05:86:27:95:b3:59:27:2f:67:5f:5b:66:f4:47:bb:e2:70:ce:
81:8d:a0:c8:f7:1d:d6:96:76:19:f3:7f:95:08:22:fd:79:70:
d4:b5:eb:bf:d7:49:77:90:0e:1a:a9:68:32:b0:da:fa:5f:c6:
6d:f1:5c:06:23:fa:b4:b4:56:ec:55:69:4f:93:1d:7b:4f:5f:
34:01:82:8b:94:04:e9:6a:bc:1b:06:ca:d0:03:d7:87:09:92:
ac:61:d3:68:e9:ac:e0:3f:8f:b1:e3:50:d4:1e:bf:bd:97:a9:
ce:22:ff:e8:df:c6:3e:c3:05:62:c6:82:5d:fb:97:4c:b3:de:
a8:54:dd:fc:a0:0d:35:89:1c:ce:aa:e3:e4:49:93:22:b6:28:
cf:7d:4c:60:92:57:f1:a4:fd:82:e6:25:ce:3c:7d:8b:92:3c:
9b:3c:a7:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEANEcJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDMx
NjE2MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJkYTNmY2I1ZjYy
MjRjZWZmYjk4ODAyYTJlNTgwM2U5OGFkYTJkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5QR2HZNpmY4yKHfE07Y2g7UwtZR05IelXsJV448+ubp+4O
G70ZblqBLzREWCmIq7O/3OdBh919XpkmVinmpj49WbgFU8NapZdR1V/PKWfUgQCP
7F/fWNo+SlhwhrzInhkRYF3A8nzeXsGtkSG/XhwkqsygKZStHNHxCNEbOsWofifE
9qSQyUblyp+eykWaSZmSwvTPM/o5d8zx9tLcDRxdgcqJFP1YsNJBJOoj4XB5/VO+
jCqHPuKBAEUsMYouuuuBIybgve9RvShDXInMyh6Lh1NZBxWb8zswdhLd5XQI2QAr
AfHTy5ZxZuNCWQqiVfayisQ9B/nP5I3FnTqhRgECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQb2j/LX2Ikzv+5iAKi5YA+mK2i0DAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L0c5b195MTlpSk03X3VZZ0NvdVdBUHBpdG90QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyUJsAMEArkU1DANBgkqhkiG9w0B
AQsFAAOCAQEAnTczliVvCPemy1BPWoPsUSyjOQXO1MVmuzOGyRHYFxthBMWgSZuL
dHTvvWNuOYXoXfGnfbY7IDdbBLdkYVhnc9Kk0WdZAs/G96JFzG1juhkff3bztIfw
DNGbBYYnlbNZJy9nX1tm9Ee74nDOgY2gyPcd1pZ2GfN/lQgi/Xlw1LXrv9dJd5AO
GqloMrDa+l/GbfFcBiP6tLRW7FVpT5Mde09fNAGCi5QE6Wq8GwbK0APXhwmSrGHT
aOms4D+PseNQ1B6/vZepziL/6N/GPsMFYsaCXfuXTLPeqFTd/KANNYkczqrj5EmT
IrYoz31MYJJX8aT9guYlzjx9i5I8mzynmg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:43:53 2025 by rpki-client