Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa
File: c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa (raw, json)
Hash identifier: 70aSh3QjnpgplKu7dW5SkRFcKs7+dAH/qEv4aaGyB60=
Subject key identifier: 73:D5:D0:48:EC:49:6F:3A:A2:B9:CF:B2:6A:F2:68:AB:D6:77:08:8B
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: 1D2DA7
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa
Signing time: Sat 01 Jan 2022 01:03:08 +0000
ROA not before: Sat 01 Jan 2022 01:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.9.176.0/21 maxlen: 21
185.20.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1912231 (0x1d2da7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Jan 1 01:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73d5d048ec496f3aa2b9cfb26af268abd677088b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:81:4e:1d:63:65:46:f0:c7:18:67:ab:dc:88:
18:26:12:60:87:e0:a9:0c:d1:27:66:27:d5:e1:e0:
1b:b8:69:db:f5:23:0d:d2:5a:06:d8:a0:6d:b9:94:
05:c8:96:97:49:93:ef:c4:2f:81:81:6a:97:ae:7b:
a7:a1:a3:16:19:89:c0:7e:46:8d:72:86:37:20:a4:
cb:6b:0e:4e:31:26:04:75:2d:5e:b7:b7:87:7b:ab:
20:29:5c:9d:64:89:6c:22:8d:96:6e:d2:e3:17:0f:
9e:41:e0:cf:dd:e5:24:60:bc:4c:5a:74:7b:f8:f1:
7c:0c:32:27:8e:2b:2f:9a:62:49:75:e1:05:ef:25:
a1:75:79:d8:80:2d:c6:99:8c:8d:d2:a6:07:4c:c0:
bc:48:d9:5d:d6:37:2b:d3:9a:85:65:f0:a5:1d:0f:
e6:9a:90:d7:e8:13:2e:f6:cd:96:e4:8d:45:cf:f5:
d9:e0:ee:76:ab:ee:17:1e:d7:79:48:4f:15:9f:27:
fd:d0:bb:6f:e0:88:66:42:98:30:6b:01:9d:6f:a9:
89:4b:e0:b3:d3:e3:79:5d:ee:85:9d:b0:45:54:e3:
b6:5b:87:e6:85:e5:15:9e:fa:da:0e:03:7d:45:e1:
ac:da:bf:d5:5c:9e:70:9c:ae:e1:72:d9:fa:95:71:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D5:D0:48:EC:49:6F:3A:A2:B9:CF:B2:6A:F2:68:AB:D6:77:08:8B
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/21
185.20.212.0/22
Signature Algorithm: sha256WithRSAEncryption
95:47:27:45:91:92:c3:36:5e:31:19:32:f5:1c:78:0a:68:2b:
e0:f6:19:a4:27:78:8f:a3:f2:a9:a0:83:ec:7d:9c:86:1a:a1:
00:e9:31:cf:dc:45:8d:be:2d:1f:f9:88:03:80:01:0f:ea:47:
95:a1:22:b7:b6:e1:21:df:a5:2e:40:f2:87:72:15:14:b3:5e:
f4:4f:6c:c6:26:64:80:cd:06:5c:fc:e8:1c:11:55:80:55:c1:
7a:76:43:03:f7:13:f1:74:71:6e:17:51:fe:41:6a:a3:54:d0:
ab:a2:08:a1:03:d3:1f:ea:0b:53:b2:8e:3c:d0:57:61:32:16:
f3:e7:4a:e1:35:56:e5:ec:d6:34:74:d5:a2:bf:84:ec:15:4c:
21:f4:93:e7:fa:19:0d:7a:53:9b:ac:2d:3a:b5:87:1b:57:16:
6e:43:9a:0f:08:90:e4:fe:8c:41:a9:35:dc:04:7b:ec:34:5d:
d0:cf:aa:2f:12:a2:82:20:90:0e:5c:61:63:5a:2d:78:de:87:
62:db:bb:02:24:dd:7b:02:4f:b7:8f:d4:bf:ef:bd:20:0b:c4:
b9:9d:46:a9:e1:bf:9f:d8:9d:6f:28:0b:a0:7e:11:03:52:92:
a7:74:b1:07:68:f6:82:a5:c0:49:71:37:c5:2c:b0:f7:fc:61:
16:61:cb:33
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDHS2nMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBm
NjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVkMTZkYjMwHhcNMjIwMTAx
MDEwMzA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3M2Q1ZDA0OGVjNDk2
ZjNhYTJiOWNmYjI2YWYyNjhhYmQ2NzcwODhiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuoFOHWNlRvDHGGer3IgYJhJgh+CpDNEnZifV4eAbuGnb9SMN
0loG2KBtuZQFyJaXSZPvxC+BgWqXrnunoaMWGYnAfkaNcoY3IKTLaw5OMSYEdS1e
t7eHe6sgKVydZIlsIo2WbtLjFw+eQeDP3eUkYLxMWnR7+PF8DDInjisvmmJJdeEF
7yWhdXnYgC3GmYyN0qYHTMC8SNld1jcr05qFZfClHQ/mmpDX6BMu9s2W5I1Fz/XZ
4O52q+4XHtd5SE8Vnyf90Ltv4IhmQpgwawGdb6mJS+Cz0+N5Xe6FnbBFVOO2W4fm
heUVnvraDgN9ReGs2r/VXJ5wnK7hctn6lXGYAwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFHPV0EjsSW86ornPsmryaKvWdwiLMB8GA1UdIwQYMBaAFA9nH+w48AxALzBm
8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUxLzEv
YzlYUVNPeEpienFpdWMteWF2Sm9xOVozQ0lzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80
OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUxLzEvRDJjZjdEandERUF2
TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJQmwAwQCuRTUMA0GCSqGSIb3DQEB
CwUAA4IBAQCVRydFkZLDNl4xGTL1HHgKaCvg9hmkJ3iPo/KpoIPsfZyGGqEA6THP
3EWNvi0f+YgDgAEP6keVoSK3tuEh36UuQPKHchUUs170T2zGJmSAzQZc/OgcEVWA
VcF6dkMD9xPxdHFuF1H+QWqjVNCrogihA9Mf6gtTso480FdhMhbz50rhNVbl7NY0
dNWiv4TsFUwh9JPn+hkNelObrC06tYcbVxZuQ5oPCJDk/oxBqTXcBHvsNF3Qz6ov
EqKCIJAOXGFjWi143odi27sCJN17Ak+3j9S/770gC8S5nUap4b+f2J1vKAugfhED
UpKndLEHaPaCpcBJcTfFLLD3/GEWYcsz
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:51:50 2025 by rpki-client