Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/D7I9zrOz9PXm45ugZ_pmnw6blYQ.roa
File: D7I9zrOz9PXm45ugZ_pmnw6blYQ.roa (raw, json)
Hash identifier: gaKrU0sAKRrwZf8eauZnK343HzqFO3napVhM3gg9vi0=
Subject key identifier: 0F:B2:3D:CE:B3:B3:F4:F5:E6:E3:9B:A0:67:FA:66:9F:0E:9B:95:84
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 044ED1A6
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/D7I9zrOz9PXm45ugZ_pmnw6blYQ.roa
Signing time: Sat 01 Jan 2022 15:00:54 +0000
ROA not before: Sat 01 Jan 2022 15:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72274342 (0x44ed1a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 1 15:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fb23dceb3b3f4f5e6e39ba067fa669f0e9b9584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:c8:57:92:8d:ec:07:12:ed:9c:1b:c5:5d:
bf:30:ef:ee:f1:16:7f:57:a9:e4:73:53:8e:a6:40:
47:50:d8:04:f4:cb:e7:2f:d2:af:70:3f:d7:fb:e1:
3f:a9:7a:de:d5:eb:ce:80:ec:5b:8e:df:73:e5:01:
cb:c7:d9:3f:dc:72:24:bc:d2:9b:75:1f:7d:40:a8:
6f:f9:87:bc:ff:c3:d5:8c:47:bb:11:93:7f:5d:ee:
e2:ec:42:e1:72:2c:e0:25:c5:ac:e9:47:49:04:39:
fa:90:ce:27:25:bf:ee:08:77:c8:78:f2:fe:f3:34:
a1:12:d2:71:fa:4c:6c:f1:5c:c8:6c:f8:48:c7:bb:
39:a4:f2:a3:4f:34:0f:d8:a5:aa:d3:44:fd:c4:0b:
4b:94:18:f3:19:de:1a:93:fc:87:4f:7f:a2:85:8c:
f7:a0:7a:e5:a1:5d:10:57:af:2e:6b:ae:c6:b5:e8:
d0:43:42:c9:bc:13:96:dd:59:24:3c:45:86:6a:72:
e4:9b:b0:7e:8b:63:c6:c5:a3:cf:4f:ff:8a:f3:ed:
be:fa:74:bb:05:04:4a:db:ed:3a:4c:a0:42:96:07:
6c:b2:1e:c1:57:ae:5a:8a:d5:99:80:89:bc:03:e6:
b6:45:3e:18:a8:3d:a2:6c:37:38:ae:38:87:00:c9:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B2:3D:CE:B3:B3:F4:F5:E6:E3:9B:A0:67:FA:66:9F:0E:9B:95:84
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/D7I9zrOz9PXm45ugZ_pmnw6blYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
03:5e:d9:84:5b:7f:c8:87:63:7f:3b:ed:e8:45:80:01:38:11:
47:0f:d3:08:71:5b:5d:a1:6f:3e:82:cd:0e:f4:90:39:79:2e:
e6:c1:83:93:e7:d7:05:9c:8b:5f:f2:e1:57:39:15:a9:a4:ec:
d2:1e:92:9e:78:0b:9b:ef:05:2b:8a:00:76:7d:5a:39:e7:ec:
29:1d:4d:bd:1a:d8:5e:f9:66:be:f4:0f:db:10:c7:7c:83:95:
5c:bb:c2:0d:09:f3:dd:8f:b5:ec:2f:a9:19:3e:19:f3:36:d9:
84:70:ff:35:89:51:92:f6:a4:43:27:90:61:13:0a:84:6c:d5:
e4:25:60:71:c4:a2:17:a1:40:52:4e:3b:35:e7:f7:d4:bb:6a:
6d:82:3a:b3:2b:49:08:61:b4:33:91:81:a3:f7:7e:76:36:df:
66:76:86:22:f3:44:d2:c1:f1:07:b1:32:a7:b1:2c:84:f1:78:
a9:33:61:58:24:0e:e4:c5:a7:d7:a9:b7:85:c1:92:64:87:ce:
93:da:f4:a7:78:f7:0e:ac:af:33:e0:61:39:24:42:cd:f9:11:
f3:95:63:5b:cd:dd:19:57:48:81:83:24:da:94:53:9a:c2:e5:
90:85:24:95:b3:66:ca:75:f1:55:37:8c:d5:d8:55:29:e8:a2:
4f:77:a0:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBE7RpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1MWM2ZmM2ZWIzODE2ZTExNmM4YTRhODUxZDBkMTc4YzkwZjMxMB4XDTIyMDEw
MTE1MDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZiMjNkY2ViM2Iz
ZjRmNWU2ZTM5YmEwNjdmYTY2OWYwZTliOTU4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjxyFeSjewHEu2cG8VdvzDv7vEWf1ep5HNTjqZAR1DYBPTL
5y/Sr3A/1/vhP6l63tXrzoDsW47fc+UBy8fZP9xyJLzSm3UffUCob/mHvP/D1YxH
uxGTf13u4uxC4XIs4CXFrOlHSQQ5+pDOJyW/7gh3yHjy/vM0oRLScfpMbPFcyGz4
SMe7OaTyo080D9ilqtNE/cQLS5QY8xneGpP8h09/ooWM96B65aFdEFevLmuuxrXo
0ENCybwTlt1ZJDxFhmpy5JuwfotjxsWjz0//ivPtvvp0uwUEStvtOkygQpYHbLIe
wVeuWorVmYCJvAPmtkU+GKg9omw3OK44hwDJD2sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQPsj3Os7P09ebjm6Bn+mafDpuVhDAfBgNVHSMEGDAWgBQohRxvxus4FuEW
yKSoUdDReMkPMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVWNiOGJyT0JiaEZzaWtxRkhRMFhqSkR6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvYjllNmRmLWRhOGYtNDQ5MS04ZmU0LTUyNDViMTM1MjIxYi8x
L0Q3STl6ck96OVBYbTQ1dWdaX3Btbnc2YmxZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
YjllNmRmLWRhOGYtNDQ5MS04ZmU0LTUyNDViMTM1MjIxYi8xL0tJVWNiOGJyT0Ji
aEZzaWtxRkhRMFhqSkR6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALzxkTAPBAIAAjAJAwcAKgCpAHr+
MA0GCSqGSIb3DQEBCwUAA4IBAQADXtmEW3/Ih2N/O+3oRYABOBFHD9MIcVtdoW8+
gs0O9JA5eS7mwYOT59cFnItf8uFXORWppOzSHpKeeAub7wUrigB2fVo55+wpHU29
Gthe+Wa+9A/bEMd8g5Vcu8INCfPdj7XsL6kZPhnzNtmEcP81iVGS9qRDJ5BhEwqE
bNXkJWBxxKIXoUBSTjs15/fUu2ptgjqzK0kIYbQzkYGj9352Nt9mdoYi80TSwfEH
sTKnsSyE8XipM2FYJA7kxafXqbeFwZJkh86T2vSnePcOrK8z4GE5JELN+RHzlWNb
zd0ZV0iBgyTalFOawuWQhSSVs2bKdfFVN4zV2FUp6KJPd6Cm
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:25:17 2025 by rpki-client