Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/1-yz946TbROEnEMrw7C9PtC3Zfg4.roa
File: 1-yz946TbROEnEMrw7C9PtC3Zfg4.roa (raw, json)
Hash identifier: /xcEq/WZs0ArqyyTnTsJkTOv6bSSBCVQ1VB+sUWm8Kg=
Subject key identifier: FB:2C:FD:E3:A4:DB:44:E1:27:10:CA:F0:EC:2F:4F:B4:2D:D9:7E:0E
Certificate issuer: /CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Certificate serial: 0A7B53C2
Authority key identifier: 8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/1-yz946TbROEnEMrw7C9PtC3Zfg4.roa
Signing time: Sat 01 Jan 2022 13:01:05 +0000
ROA not before: Sat 01 Jan 2022 13:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205961
IP address blocks: 185.200.20.0/22 maxlen: 22
2a0b:24c1::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175854530 (0xa7b53c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Validity
Not Before: Jan 1 13:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb2cfde3a4db44e12710caf0ec2f4fb42dd97e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:60:89:6d:82:b8:1a:e4:94:7e:4a:09:ac:3f:
fc:af:94:39:a3:e9:ae:a1:b4:22:51:80:e0:ec:bb:
5a:a7:d3:e7:04:fa:1f:78:25:27:c5:d3:e6:e5:3c:
e8:f0:e0:a9:67:e7:5b:ac:81:87:29:58:04:b6:2e:
5f:7b:da:8c:17:de:8c:80:6f:e3:e1:c3:24:c8:6b:
5f:92:73:2b:aa:ec:22:e9:ca:a8:2b:58:cb:34:2b:
60:5a:b2:81:f0:d7:02:93:63:91:9d:2f:fb:5e:59:
64:4a:c5:aa:8a:5b:74:1b:6f:3b:0c:78:7d:b2:db:
95:14:7b:6b:67:55:36:5b:55:fc:a1:9a:58:dd:3f:
19:5f:b6:c3:44:c6:b7:01:f6:c9:59:33:c5:81:e4:
f9:cf:c8:fa:e8:7e:f1:ed:6e:19:db:c6:dd:46:e1:
13:39:75:3e:7a:df:70:4a:33:4a:7f:d3:9b:24:5c:
ad:06:68:d1:4f:1d:1e:7b:99:99:35:c3:ce:a7:30:
29:2e:bd:51:9d:ea:ec:e8:ad:4f:53:eb:93:77:e7:
e5:38:6a:92:5b:34:f9:69:d5:80:3e:20:ba:ad:c8:
37:1b:34:76:74:10:7b:88:0b:e0:18:d2:40:2a:0a:
d0:13:e9:65:88:f5:5a:ff:d5:23:ff:ba:65:d1:26:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2C:FD:E3:A4:DB:44:E1:27:10:CA:F0:EC:2F:4F:B4:2D:D9:7E:0E
X509v3 Authority Key Identifier:
keyid:8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/1-yz946TbROEnEMrw7C9PtC3Zfg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.20.0/22
IPv6:
2a0b:24c1::/33
Signature Algorithm: sha256WithRSAEncryption
1d:00:df:34:3c:6a:a0:7a:ae:64:4c:6d:e6:f2:bd:38:5d:20:
8c:e0:80:41:99:eb:48:c8:79:a5:74:fc:73:a6:41:e0:a4:a7:
c6:38:29:cf:68:d0:df:40:43:d1:c4:b1:75:66:8b:9a:e3:46:
da:22:6c:80:88:36:bb:a9:67:65:63:83:a4:6a:07:65:7e:5a:
d0:14:83:30:a7:e5:d1:82:c9:41:d6:00:65:1a:5f:06:45:6b:
76:6a:a3:5b:ca:f4:9b:e9:d9:4c:14:1d:50:6c:ed:63:ee:94:
78:d0:f9:0c:1b:17:78:ff:f6:58:bd:65:99:f5:d3:b7:af:62:
2d:2f:93:fe:42:53:15:fd:56:35:6a:48:9f:61:5d:4f:76:2d:
42:b8:3d:d1:24:7a:46:5d:30:a2:12:a3:71:f7:83:2c:55:81:
bc:b7:ba:d5:c0:49:35:36:cf:7c:88:1b:5f:53:9d:b5:e4:25:
15:a1:8a:fd:04:10:e6:23:86:71:53:db:45:03:b0:45:71:82:
ef:1f:27:0e:18:a7:f8:fb:92:1a:b8:95:ed:ae:e5:c7:8b:ed:
a9:33:ab:76:99:7f:65:d7:7d:45:71:87:8f:a1:b8:85:87:ea:
78:3c:b8:c7:1f:34:85:49:f8:e2:48:d1:22:66:13:78:f7:5d:
24:9e:68:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECntTwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjdiNDk2ZWE3Y2Y3NjNkMDU4MzA4MzcxZTFiZjY3ZTUzYmM3YmEzMB4XDTIyMDEw
MTEzMDEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIyY2ZkZTNhNGRi
NDRlMTI3MTBjYWYwZWMyZjRmYjQyZGQ5N2UwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpgiW2CuBrklH5KCaw//K+UOaPprqG0IlGA4Oy7WqfT5wT6
H3glJ8XT5uU86PDgqWfnW6yBhylYBLYuX3vajBfejIBv4+HDJMhrX5JzK6rsIunK
qCtYyzQrYFqygfDXApNjkZ0v+15ZZErFqopbdBtvOwx4fbLblRR7a2dVNltV/KGa
WN0/GV+2w0TGtwH2yVkzxYHk+c/I+uh+8e1uGdvG3UbhEzl1PnrfcEozSn/TmyRc
rQZo0U8dHnuZmTXDzqcwKS69UZ3q7OitT1Prk3fn5Thqkls0+WnVgD4guq3INxs0
dnQQe4gL4BjSQCoK0BPpZYj1Wv/VI/+6ZdEmIY0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT7LP3jpNtE4ScQyvDsL0+0Ldl+DjAfBgNVHSMEGDAWgBSPe0lup892PQWD
CDceG/Z+U7x7ozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ozdEpicWZQZGowRmd3ZzNIaHYyZmxPOGU2TS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvOWVmZDk0LTA1MTYtNGU2Ni05OGQ1LTI1MWIwMTlkNTFhOC8x
LzEteXo5NDZUYlJPRW5FTXJ3N0M5UHRDM1pmZzQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdl
LzllZmQ5NC0wNTE2LTRlNjYtOThkNS0yNTFiMDE5ZDUxYTgvMS9qM3RKYnFmUGRq
MEZnd2czSGh2MmZsTzhlNk0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBAK5yBQwDgQCAAIwCAMGByoLJMEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdAN80PGqgeq5kTG3m8r04XSCM4IBBmetIyHml
dPxzpkHgpKfGOCnPaNDfQEPRxLF1Zoua40baImyAiDa7qWdlY4OkagdlflrQFIMw
p+XRgslB1gBlGl8GRWt2aqNbyvSb6dlMFB1QbO1j7pR40PkMGxd4//ZYvWWZ9dO3
r2ItL5P+QlMV/VY1akifYV1Pdi1CuD3RJHpGXTCiEqNx94MsVYG8t7rVwEk1Ns98
iBtfU5215CUVoYr9BBDmI4ZxU9tFA7BFcYLvHycOGKf4+5IauJXtruXHi+2pM6t2
mX9l131FcYePobiFh+p4PLjHHzSFSfjiSNEiZhN4910knmjJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:03 2025 by rpki-client