Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/T9jmfAwJRRI5y1-hUnuCre8om5w.roa
File: T9jmfAwJRRI5y1-hUnuCre8om5w.roa (raw, json)
Hash identifier: pf9Bns3mKTQtoCwrzUpE7KK/KlyJ4I9u/RqW+JKGNAY=
Subject key identifier: 4F:D8:E6:7C:0C:09:45:12:39:CB:5F:A1:52:7B:82:AD:EF:28:9B:9C
Certificate issuer: /CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Certificate serial: 025A8F9C
Authority key identifier: F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/T9jmfAwJRRI5y1-hUnuCre8om5w.roa
Signing time: Sat 01 Jan 2022 04:03:51 +0000
ROA not before: Sat 01 Jan 2022 04:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42277
IP address blocks: 37.188.0.0/18 maxlen: 18
77.241.16.0/21 maxlen: 21
178.249.240.0/21 maxlen: 21
94.247.248.0/24 maxlen: 24
94.247.252.0/22 maxlen: 22
94.247.248.0/22 maxlen: 24
176.241.192.0/19 maxlen: 19
5.249.192.0/19 maxlen: 19
46.62.0.0/17 maxlen: 17
2a02:51c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39489436 (0x25a8f9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Validity
Not Before: Jan 1 04:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fd8e67c0c09451239cb5fa1527b82adef289b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7e:1d:d6:cf:80:0d:8c:fe:2a:52:ff:a8:17:
38:1f:40:56:80:5a:dc:2e:f4:5c:6d:5f:84:5f:89:
f3:09:29:49:f3:cb:ff:1b:ce:4d:52:69:28:a1:50:
28:e3:f9:6b:0f:b2:a1:9c:3d:8f:1e:4f:d3:73:31:
2d:bb:72:e6:ea:75:ef:17:3e:b7:ea:1b:6b:35:ac:
04:1a:eb:89:e0:a9:bd:bc:c4:58:d8:37:da:d7:63:
a4:3c:63:f2:fa:a6:ca:6a:31:8b:70:54:fc:ac:1a:
21:11:45:b2:bb:d7:6c:fa:cc:08:8d:e8:31:28:12:
6a:d2:64:ef:67:33:0e:3e:bf:f4:20:6f:8e:cf:f5:
c6:c6:85:df:a7:23:35:ca:75:fc:43:6c:b8:3d:d4:
f0:31:23:65:d9:24:d5:c4:bc:7a:0e:64:c0:a3:a3:
f0:f0:08:65:5f:db:c0:44:3c:fb:59:80:8f:af:1e:
95:16:98:b0:1b:99:1c:86:8c:03:10:ff:ca:33:f0:
1c:31:32:d7:f9:8d:de:81:fb:8a:e6:70:af:24:77:
87:12:9e:6a:18:1e:c2:1c:7f:db:c1:11:56:8e:13:
ba:2e:54:50:45:27:27:e6:73:5a:14:7e:b9:15:f3:
8a:48:0d:63:40:44:fe:df:ca:74:46:a9:84:cf:03:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D8:E6:7C:0C:09:45:12:39:CB:5F:A1:52:7B:82:AD:EF:28:9B:9C
X509v3 Authority Key Identifier:
keyid:F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/T9jmfAwJRRI5y1-hUnuCre8om5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.192.0/19
37.188.0.0/18
46.62.0.0/17
77.241.16.0/21
94.247.248.0/21
176.241.192.0/19
178.249.240.0/21
IPv6:
2a02:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:99:22:6d:0f:93:fc:99:cf:0e:77:1e:0e:4b:cb:08:be:78:
ae:7a:35:36:3a:fb:80:34:ab:58:88:6c:cc:85:e7:4b:94:da:
3d:c2:a7:4f:23:a7:7f:d2:d2:36:ed:ff:8c:d0:b6:2c:9b:21:
f6:67:63:09:03:c3:81:fa:ad:8e:6c:95:88:0c:ad:e7:5b:fa:
a9:b1:5c:5f:d1:e9:61:1d:0a:15:9b:39:db:0e:e6:16:cb:2f:
1a:68:30:12:99:46:02:f6:27:12:a3:9d:d0:ac:18:2a:8c:70:
b6:56:5e:b7:ed:4e:57:c6:a4:7d:ce:61:3a:b9:da:59:eb:aa:
45:7c:4a:56:1a:47:9c:60:83:f2:36:d8:3f:71:83:7b:cb:83:
a1:2d:b9:b6:eb:1b:2e:d4:e5:2e:e5:de:eb:a7:95:14:c5:cb:
22:12:48:9a:e1:7f:f1:3b:69:3e:15:2c:77:f6:26:f8:40:bd:
cb:5d:85:33:ef:e9:53:e7:b4:28:f0:85:75:5c:cb:17:26:0f:
c1:e1:6b:21:ac:32:18:51:d3:5b:b9:f3:ed:6e:ae:a6:6a:8b:
0f:ba:11:60:44:cd:ac:73:f2:7b:c6:6a:b7:6c:de:d4:4d:af:
16:2c:55:91:c7:2e:f2:94:3e:69:26:69:44:16:d6:66:8d:29:
ff:c9:ae:b5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAlqPnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2NhYjY4ZmJiMGM5Nzk0NzY1OTRiZGZjNTZjMTkyMDQyYjhkZWRmMB4XDTIyMDEw
MTA0MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZkOGU2N2MwYzA5
NDUxMjM5Y2I1ZmExNTI3YjgyYWRlZjI4OWI5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOB+HdbPgA2M/ipS/6gXOB9AVoBa3C70XG1fhF+J8wkpSfPL
/xvOTVJpKKFQKOP5aw+yoZw9jx5P03MxLbty5up17xc+t+obazWsBBrrieCpvbzE
WNg32tdjpDxj8vqmymoxi3BU/KwaIRFFsrvXbPrMCI3oMSgSatJk72czDj6/9CBv
js/1xsaF36cjNcp1/ENsuD3U8DEjZdkk1cS8eg5kwKOj8PAIZV/bwEQ8+1mAj68e
lRaYsBuZHIaMAxD/yjPwHDEy1/mN3oH7iuZwryR3hxKeahgewhx/28ERVo4Tui5U
UEUnJ+ZzWhR+uRXzikgNY0BE/t/KdEaphM8DNQ8CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBRP2OZ8DAlFEjnLX6FSe4Kt7yibnDAfBgNVHSMEGDAWgBTzyraPuwyXlHZZ
S9/FbBkgQrje3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg4cTJqN3NNbDVSMldVdmZ4V3daSUVLNDN0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvYTQ0MzM1LTQxNGYtNDQ3OS1hN2ZlLWFhNGE4MWEyZWIyMy8x
L1Q5am1mQXdKUlJJNXkxLWhVbnVDcmU4b201dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
YTQ0MzM1LTQxNGYtNDQ3OS1hN2ZlLWFhNGE4MWEyZWIyMy8xLzg4cTJqN3NNbDVS
MldVdmZ4V3daSUVLNDN0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBQX5wAMEBiW8AAMEBy4+AAMEA03x
EAMEA173+AMEBbDxwAMEA7L58DANBAIAAjAHAwUAKgJRwDANBgkqhkiG9w0BAQsF
AAOCAQEACpkibQ+T/JnPDnceDkvLCL54rno1Njr7gDSrWIhszIXnS5TaPcKnTyOn
f9LSNu3/jNC2LJsh9mdjCQPDgfqtjmyViAyt51v6qbFcX9HpYR0KFZs52w7mFssv
GmgwEplGAvYnEqOd0KwYKoxwtlZet+1OV8akfc5hOrnaWeuqRXxKVhpHnGCD8jbY
P3GDe8uDoS25tusbLtTlLuXe66eVFMXLIhJImuF/8TtpPhUsd/Ym+EC9y12FM+/p
U+e0KPCFdVzLFyYPweFrIawyGFHTW7nz7W6upmqLD7oRYETNrHPye8Zqt2ze1E2v
FixVkccu8pQ+aSZpRBbWZo0p/8mutQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:37 2025 by rpki-client