Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/nJVjuUJ46Ckg9Unpq15dp4PMAW8.roa
File: nJVjuUJ46Ckg9Unpq15dp4PMAW8.roa (raw, json)
Hash identifier: Hr6LRdn4pdivZOgP84Y3XxfOx8BFQerEKjdMByONCIE=
Subject key identifier: 9C:95:63:B9:42:78:E8:29:20:F5:49:E9:AB:5E:5D:A7:83:CC:01:6F
Certificate issuer: /CN=b025bac132e479a28df33573dd1096a9b7b78d32
Certificate serial: 01856E2FC20C08E207E8228B82FC754A5F48
Authority key identifier: B0:25:BA:C1:32:E4:79:A2:8D:F3:35:73:DD:10:96:A9:B7:B7:8D:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCW6wTLkeaKN8zVz3RCWqbe3jTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/nJVjuUJ46Ckg9Unpq15dp4PMAW8.roa
Signing time: Sun 01 Jan 2023 16:35:01 +0000
ROA not before: Sun 01 Jan 2023 16:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203489
IP address blocks: 185.132.68.0/22 maxlen: 22
185.214.0.0/22 maxlen: 22
2a0b:91c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:c2:0c:08:e2:07:e8:22:8b:82:fc:75:4a:5f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b025bac132e479a28df33573dd1096a9b7b78d32
Validity
Not Before: Jan 1 16:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c9563b94278e82920f549e9ab5e5da783cc016f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:0a:76:1c:4e:da:68:7e:3d:b8:7a:64:1b:
e3:b1:b9:1e:0f:f5:77:3c:6f:73:1d:6a:95:35:95:
bd:9c:6c:60:fe:14:7e:71:94:55:ef:ef:46:16:6e:
35:3b:87:b1:a8:b0:38:34:63:5c:cd:15:4c:0b:21:
2d:1a:2a:5f:02:8b:0e:05:d9:20:88:e8:4a:2b:a6:
1f:e6:5c:5e:3e:20:c7:a3:75:cf:a8:2d:e3:72:09:
5f:89:41:87:0e:38:5f:89:33:84:6e:ca:8a:91:9b:
3f:84:97:91:fe:e0:32:74:47:6c:fb:e4:23:10:11:
73:15:dd:2b:e3:5c:fc:08:43:a9:f8:bf:b0:83:0a:
f1:87:99:79:7d:ba:f0:4a:5d:bd:af:4d:38:23:08:
50:1e:c3:46:4d:2f:64:ce:5c:84:2b:7a:e1:b3:55:
54:4c:7f:a4:6f:46:d7:f6:ea:f5:d9:99:77:7e:66:
b2:95:2a:0b:fd:d6:df:98:0c:75:50:ac:72:ba:fa:
37:05:17:48:28:49:75:73:c6:e6:b3:a0:42:e1:6d:
23:45:e2:9a:7e:63:f5:a1:b1:d8:5a:e9:28:ad:1a:
1c:e3:0f:63:2c:c5:68:26:ce:24:33:ee:d6:4e:84:
34:4c:a7:87:61:d9:bf:ca:f8:0d:69:7a:96:1b:f7:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:95:63:B9:42:78:E8:29:20:F5:49:E9:AB:5E:5D:A7:83:CC:01:6F
X509v3 Authority Key Identifier:
keyid:B0:25:BA:C1:32:E4:79:A2:8D:F3:35:73:DD:10:96:A9:B7:B7:8D:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCW6wTLkeaKN8zVz3RCWqbe3jTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/nJVjuUJ46Ckg9Unpq15dp4PMAW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/sCW6wTLkeaKN8zVz3RCWqbe3jTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.68.0/22
185.214.0.0/22
IPv6:
2a0b:91c0::/29
Signature Algorithm: sha256WithRSAEncryption
be:40:d4:ba:a9:74:6d:f0:00:f3:0b:db:73:04:fa:67:eb:12:
9d:48:1e:4d:39:e6:a3:98:f5:80:1e:d0:21:46:de:52:39:02:
cd:ce:2d:77:d5:f5:06:78:b5:9f:ad:c8:3b:5c:71:cb:fc:77:
4f:2c:54:f7:24:3e:e2:b5:36:67:4a:5d:de:78:28:ec:cd:3f:
7e:d1:71:03:10:5a:d5:cb:ca:dd:c8:6c:fa:55:00:33:77:f9:
c7:d6:fa:3f:4f:c3:7f:c0:61:90:01:4f:13:51:64:e2:d5:73:
55:96:19:35:b0:ba:a3:84:b5:d2:d3:7c:3d:0f:42:2e:70:eb:
d9:56:e0:3c:13:a5:22:24:59:8d:d2:3f:9b:43:db:53:ce:78:
27:f3:c5:70:65:59:ef:b8:71:0c:82:b7:74:46:08:ab:c6:dc:
c3:ff:4c:fd:fd:8c:67:92:b9:65:9b:94:3e:40:75:dc:70:75:
ea:9b:70:14:ea:26:8b:c4:96:22:da:ca:7e:20:b6:15:3a:4a:
00:e7:01:00:64:ea:fe:5d:c8:09:cc:ef:c1:80:5e:a6:5b:26:
20:e1:5d:03:4d:d3:ba:39:ec:c6:77:15:4d:35:20:33:ea:66:
e9:5d:64:92:35:3e:3a:90:11:e6:62:c3:2e:93:78:85:c3:ea:
be:d5:24:03
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuL8IMCOIH6CKLgvx1Sl9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjViYWMxMzJlNDc5YTI4ZGYzMzU3M2RkMTA5NmE5Yjdi
NzhkMzIwHhcNMjMwMTAxMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk1NjNiOTQyNzhlODI5MjBmNTQ5ZTlhYjVlNWRhNzgzY2MwMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN0KdhxO2mh+Pbh6ZBvjsbkeD/V3
PG9zHWqVNZW9nGxg/hR+cZRV7+9GFm41O4exqLA4NGNczRVMCyEtGipfAosOBdkg
iOhKK6Yf5lxePiDHo3XPqC3jcglfiUGHDjhfiTOEbsqKkZs/hJeR/uAydEds++Qj
EBFzFd0r41z8CEOp+L+wgwrxh5l5fbrwSl29r004IwhQHsNGTS9kzlyEK3rhs1VU
TH+kb0bX9ur12Zl3fmaylSoL/dbfmAx1UKxyuvo3BRdIKEl1c8bms6BC4W0jReKa
fmP1obHYWukorRoc4w9jLMVoJs4kM+7WToQ0TKeHYdm/yvgNaXqWG/dsGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJyVY7lCeOgpIPVJ6ateXaeDzAFvMB8GA1UdIwQY
MBaAFLAlusEy5HmijfM1c90Qlqm3t40yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NXNndUTGtlYUtOOHpWejNSQ1dxYmUzalRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMmQ5ZjMtOGQ1Ni00ODFjLThiYzQt
N2M4ZjNmZWNkYjJjLzEvbkpWanVVSjQ2Q2tnOVVucHExNWRwNFBNQVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMmQ5ZjMtOGQ1Ni00ODFjLThiYzQtN2M4ZjNmZWNkYjJj
LzEvc0NXNndUTGtlYUtOOHpWejNSQ1dxYmUzalRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYREAwQC
udYAMA0EAgACMAcDBQMqC5HAMA0GCSqGSIb3DQEBCwUAA4IBAQC+QNS6qXRt8ADz
C9tzBPpn6xKdSB5NOeajmPWAHtAhRt5SOQLNzi131fUGeLWfrcg7XHHL/HdPLFT3
JD7itTZnSl3eeCjszT9+0XEDEFrVy8rdyGz6VQAzd/nH1vo/T8N/wGGQAU8TUWTi
1XNVlhk1sLqjhLXS03w9D0IucOvZVuA8E6UiJFmN0j+bQ9tTzngn88VwZVnvuHEM
grd0RgirxtzD/0z9/Yxnkrllm5Q+QHXccHXqm3AU6iaLxJYi2sp+ILYVOkoA5wEA
ZOr+XcgJzO/BgF6mWyYg4V0DTdO6OezGdxVNNSAz6mbpXWSSNT46kBHmYsMuk3iF
w+q+1SQD
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:42 2025 by rpki-client