Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/9mcAkuYpRBWPAv0G4Qs0neBbL60.roa
File: 9mcAkuYpRBWPAv0G4Qs0neBbL60.roa (raw, json)
Hash identifier: A8doRsaovxn8v5/zWnJTibzJxIydUSOYtDkX4HFPvhE=
Subject key identifier: F6:67:00:92:E6:29:44:15:8F:02:FD:06:E1:0B:34:9D:E0:5B:2F:AD
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 09F1A4B9
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/9mcAkuYpRBWPAv0G4Qs0neBbL60.roa
Signing time: Sat 01 Jan 2022 05:02:08 +0000
ROA not before: Sat 01 Jan 2022 05:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38983
IP address blocks: 5.172.216.0/21 maxlen: 24
185.64.192.0/22 maxlen: 24
188.126.96.0/19 maxlen: 24
185.122.152.0/22 maxlen: 22
188.126.108.0/23 maxlen: 23
188.126.112.0/21 maxlen: 22
2a09:f400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166831289 (0x9f1a4b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 05:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6670092e62944158f02fd06e10b349de05b2fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:33:c7:78:80:df:f8:e4:20:25:c4:56:19:c5:
71:df:8e:37:54:4b:59:5a:3f:14:ed:d8:4c:ce:13:
86:cc:a0:3c:c3:d0:7c:33:0b:b8:51:2f:a3:a0:54:
16:e3:74:e4:ee:75:10:f5:a0:35:fe:ce:c0:e0:2a:
1b:d8:0b:3e:71:10:c7:53:f2:00:69:e3:5f:79:4c:
d1:81:81:8d:e7:ac:ad:f5:cb:83:d2:da:80:8c:50:
05:ec:09:3a:14:ad:f2:64:02:5c:25:83:05:fd:8a:
89:e6:ab:cc:60:2f:08:81:c4:46:af:32:ac:74:ad:
b5:6b:49:11:b5:5e:cd:10:1c:a7:f6:4a:3f:dd:0b:
bf:c7:c0:76:f0:9d:dd:ec:e6:1c:3b:a0:a5:a7:4b:
9f:94:df:5c:ba:4e:d5:36:ef:3c:87:ec:db:99:ab:
db:ce:a6:36:b4:89:4d:0a:e9:1a:7e:28:cc:e3:02:
e6:67:99:ba:e9:2e:36:8f:04:2b:6b:94:0f:39:b3:
e5:52:dc:11:74:9d:5a:25:de:1b:70:56:07:73:f0:
2c:e1:a5:da:0b:35:c7:ba:97:06:c4:83:f3:af:fc:
38:1e:be:e5:c6:2f:cf:40:69:29:e3:e6:9b:5d:f8:
6c:57:40:c6:cf:f8:fd:f5:5b:1d:4f:f9:86:01:45:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:67:00:92:E6:29:44:15:8F:02:FD:06:E1:0B:34:9D:E0:5B:2F:AD
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/9mcAkuYpRBWPAv0G4Qs0neBbL60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.216.0/21
185.64.192.0/22
185.122.152.0/22
188.126.96.0/19
IPv6:
2a09:f400::/29
Signature Algorithm: sha256WithRSAEncryption
11:54:a4:f1:7d:37:19:72:c9:2d:c7:11:57:f8:09:bc:0a:a1:
f3:0b:48:10:5d:58:2c:1f:16:23:0e:38:d8:38:15:40:1d:ac:
2f:ba:9d:71:e7:5e:9e:a3:fc:71:13:6b:f7:ab:dd:0d:f2:71:
02:ef:2b:d4:0b:a8:c4:d2:0a:30:b6:f8:b4:6f:ef:74:6a:b8:
fc:40:fb:72:28:12:2e:0c:8f:16:e9:ad:b5:ee:1a:bb:76:b2:
3c:dc:44:0b:7a:f6:c1:f0:04:e1:ea:74:67:e8:6a:93:38:9d:
cf:6c:21:38:f5:83:ec:0a:d2:dc:5f:78:38:28:f0:7d:c2:b1:
25:53:26:cf:70:c0:69:1f:84:2a:c5:1e:80:a5:69:0b:20:d6:
79:bf:54:51:b0:ec:60:72:d2:2d:c9:0b:05:b9:ea:af:a0:f6:
56:21:96:44:c8:f5:ae:40:c1:17:b8:11:f4:c2:8f:e8:00:df:
a8:8f:a2:3d:6e:dc:a1:05:56:42:5e:f8:ca:06:12:bb:1c:2b:
82:3e:04:3a:fb:e2:da:f6:5a:44:24:76:2c:27:50:37:63:eb:
56:03:f4:7d:37:e4:ac:1e:b7:20:68:0a:c8:14:58:6b:b9:35:
d7:0c:c1:a9:01:3a:2c:f3:a5:3d:44:95:7a:8d:59:e1:ad:65:
4f:9d:77:d8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECfGkuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjNhYjViYTk4YmVmNWQwZDliZDBjZWEwMzFhMWZlMTM3NzdhNDg2MB4XDTIyMDEw
MTA1MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY2NzAwOTJlNjI5
NDQxNThmMDJmZDA2ZTEwYjM0OWRlMDViMmZhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIwzx3iA3/jkICXEVhnFcd+ON1RLWVo/FO3YTM4ThsygPMPQ
fDMLuFEvo6BUFuN05O51EPWgNf7OwOAqG9gLPnEQx1PyAGnjX3lM0YGBjeesrfXL
g9LagIxQBewJOhSt8mQCXCWDBf2KiearzGAvCIHERq8yrHSttWtJEbVezRAcp/ZK
P90Lv8fAdvCd3ezmHDugpadLn5TfXLpO1TbvPIfs25mr286mNrSJTQrpGn4ozOMC
5meZuukuNo8EK2uUDzmz5VLcEXSdWiXeG3BWB3PwLOGl2gs1x7qXBsSD86/8OB6+
5cYvz0BpKePmm134bFdAxs/4/fVbHU/5hgFFuCkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT2ZwCS5ilEFY8C/QbhCzSd4FsvrTAfBgNVHSMEGDAWgBQyOrW6mL710Nm9
DOoDGh/hN3ekhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01qcTF1cGktOWREWnZRenFBeG9mNFRkM3BJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8x
LzltY0FrdVlwUkJXUEF2MEc0UXMwbmVCYkw2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8xL01qcTF1cGktOWRE
WnZRenFBeG9mNFRkM3BJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAwWs2AMEArlAwAMEArl6mAMEBbx+
YDANBAIAAjAHAwUDKgn0ADANBgkqhkiG9w0BAQsFAAOCAQEAEVSk8X03GXLJLccR
V/gJvAqh8wtIEF1YLB8WIw442DgVQB2sL7qdcedenqP8cRNr96vdDfJxAu8r1Auo
xNIKMLb4tG/vdGq4/ED7cigSLgyPFumtte4au3ayPNxEC3r2wfAE4ep0Z+hqkzid
z2whOPWD7ArS3F94OCjwfcKxJVMmz3DAaR+EKsUegKVpCyDWeb9UUbDsYHLSLckL
Bbnqr6D2ViGWRMj1rkDBF7gR9MKP6ADfqI+iPW7coQVWQl74ygYSuxwrgj4EOvvi
2vZaRCR2LCdQN2PrVgP0fTfkrB63IGgKyBRYa7k11wzBqQE6LPOlPUSVeo1Z4a1l
T5132A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:50 2025 by rpki-client