Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/R7vF7q2DOGXfDFilE6XW0tiZjqI.roa
File: R7vF7q2DOGXfDFilE6XW0tiZjqI.roa (raw, json)
Hash identifier: Bs8TlkuhtzeZ0BVywPRGKDSQ+2m8nH8ajw6/DCwzTTo=
Subject key identifier: 47:BB:C5:EE:AD:83:38:65:DF:0C:58:A5:13:A5:D6:D2:D8:99:8E:A2
Certificate issuer: /CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24
Certificate serial: 089AC026
Authority key identifier: CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/R7vF7q2DOGXfDFilE6XW0tiZjqI.roa
Signing time: Sat 01 Jan 2022 09:58:56 +0000
ROA not before: Sat 01 Jan 2022 09:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.120.0/22 maxlen: 22
5.153.112.0/20 maxlen: 20
2a00:d3a0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144359462 (0x89ac026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24
Validity
Not Before: Jan 1 09:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47bbc5eead833865df0c58a513a5d6d2d8998ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:32:9f:f9:dd:65:e3:a5:5e:65:6e:bc:59:4e:
36:02:6a:e2:6a:14:94:95:70:29:ae:ea:43:73:c3:
ab:fe:69:d0:cb:20:46:7e:cb:8c:91:7b:cc:d9:04:
1e:87:3c:59:d3:c1:a4:36:6c:aa:60:60:21:3c:4f:
ed:db:88:96:78:a4:36:95:64:81:48:aa:64:48:e1:
e6:a0:ac:72:42:42:0b:a5:cf:3a:9f:54:52:33:6f:
3b:4f:28:26:06:df:45:e9:da:c9:de:05:b2:07:c2:
2d:98:3c:d1:19:d8:4e:4a:fd:36:3a:23:f9:13:64:
fd:be:43:c8:bc:1d:c7:db:a5:ff:e2:f4:6b:34:73:
79:fd:68:42:ed:3e:1c:e8:d0:68:cf:6a:0e:b3:a4:
fd:e8:aa:46:78:c3:55:50:76:3f:36:7e:1a:66:7b:
d4:74:b6:ee:4e:e9:29:ed:ca:7a:2c:aa:74:bd:d9:
5b:32:b0:ba:54:d5:4f:2f:83:44:c1:05:bb:ed:00:
78:a4:ac:d7:da:1e:eb:f2:94:6f:92:a2:fe:07:c8:
8e:41:ce:08:99:45:75:84:18:f7:8f:44:ba:08:39:
51:aa:60:86:4d:ea:ac:77:3d:dd:4c:18:7b:05:f1:
1b:31:cb:88:2a:be:85:31:61:aa:21:1c:a3:a2:ae:
89:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:BB:C5:EE:AD:83:38:65:DF:0C:58:A5:13:A5:D6:D2:D8:99:8E:A2
X509v3 Authority Key Identifier:
keyid:CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/R7vF7q2DOGXfDFilE6XW0tiZjqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.112.0/20
185.74.120.0/22
IPv6:
2a00:d3a0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:d3:9e:c2:66:86:03:e3:46:6f:64:8f:9f:4d:0b:b1:b3:6d:
e0:44:6e:e6:0f:7a:02:11:41:a3:60:d1:b4:01:28:09:dd:40:
1c:08:4a:e0:e1:17:2e:c5:ec:15:49:6a:9e:62:fe:d2:d8:72:
26:16:da:a3:d1:32:79:5d:c1:0a:ca:d4:4e:77:91:a0:6a:c0:
c1:a9:d9:86:d9:ab:db:29:dd:9e:84:b0:05:4f:54:f5:4a:06:
3e:5e:e2:aa:92:f7:fc:f4:72:91:85:07:42:3d:ae:71:b8:97:
e8:84:15:24:9a:a1:1e:79:4a:df:36:98:92:38:27:80:35:5c:
03:a5:06:53:a0:1c:c8:fe:92:b8:ee:29:11:4f:93:dd:b4:40:
59:a8:78:fa:8e:be:fe:d4:a0:6a:9e:7c:89:cc:44:df:f3:0c:
22:dc:be:42:84:4f:fd:47:b1:39:90:cb:60:7f:12:5f:53:5b:
0b:d4:94:09:f3:aa:f1:ab:44:ee:ff:55:89:cb:85:20:07:95:
28:9e:cc:ce:5c:80:53:2b:41:bd:06:67:9a:d3:07:e4:bd:5f:
f0:37:68:7c:f1:64:48:4f:58:8b:da:27:bc:f1:f9:7c:f7:ba:
7b:2d:93:ae:35:24:8f:b9:ab:ae:c6:43:8c:0d:86:81:07:72:
e1:0c:9f:4b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECJrAJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjJkOWZmODZlMzYzZGIzNGQwNTU2ZWMxNjQ1MWYyZjdmMzAzZDI0MB4XDTIyMDEw
MTA5NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdiYmM1ZWVhZDgz
Mzg2NWRmMGM1OGE1MTNhNWQ2ZDJkODk5OGVhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQyn/ndZeOlXmVuvFlONgJq4moUlJVwKa7qQ3PDq/5p0Msg
Rn7LjJF7zNkEHoc8WdPBpDZsqmBgITxP7duIlnikNpVkgUiqZEjh5qCsckJCC6XP
Op9UUjNvO08oJgbfRenayd4FsgfCLZg80RnYTkr9Njoj+RNk/b5DyLwdx9ul/+L0
azRzef1oQu0+HOjQaM9qDrOk/eiqRnjDVVB2PzZ+GmZ71HS27k7pKe3KeiyqdL3Z
WzKwulTVTy+DRMEFu+0AeKSs19oe6/KUb5Ki/gfIjkHOCJlFdYQY949Eugg5Uapg
hk3qrHc93UwYewXxGzHLiCq+hTFhqiEco6KuiS0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRHu8XurYM4Zd8MWKUTpdbS2JmOojAfBgNVHSMEGDAWgBTLLZ/4bjY9s00F
VuwWRR8vfzA9JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l5MmYtRzQyUGJOTkJWYnNGa1VmTDM4d1BTUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvYjFhZjViLTA4OWUtNGNiZS1iYmU5LTQyNWVlOTY4ZGYwYi8x
L1I3dkY3cTJET0dYZkRGaWxFNlhXMHRpWmpxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
YjFhZjViLTA4OWUtNGNiZS1iYmU5LTQyNWVlOTY4ZGYwYi8xL3l5MmYtRzQyUGJO
TkJWYnNGa1VmTDM4d1BTUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBAWZcAMEArlKeDANBAIAAjAHAwUD
KgDToDANBgkqhkiG9w0BAQsFAAOCAQEAotOewmaGA+NGb2SPn00LsbNt4ERu5g96
AhFBo2DRtAEoCd1AHAhK4OEXLsXsFUlqnmL+0thyJhbao9EyeV3BCsrUTneRoGrA
wanZhtmr2yndnoSwBU9U9UoGPl7iqpL3/PRykYUHQj2ucbiX6IQVJJqhHnlK3zaY
kjgngDVcA6UGU6AcyP6SuO4pEU+T3bRAWah4+o6+/tSgap58icxE3/MMIty+QoRP
/UexOZDLYH8SX1NbC9SUCfOq8atE7v9VicuFIAeVKJ7MzlyAUytBvQZnmtMH5L1f
8DdofPFkSE9Yi9onvPH5fPe6ey2TrjUkj7mrrsZDjA2GgQdy4QyfSw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:58 2025 by rpki-client