Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa
File: 9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa (raw, json)
Hash identifier: 2gSETWnwHrW3ARClijSEeGjdI6CDg/acuQsmOcKdXT4=
Subject key identifier: F6:BC:9F:4A:BF:22:41:F6:45:0A:8B:0B:7E:7D:A1:6B:90:AC:B7:94
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 018872451C8E307878855F3E0E80AB0B9A6C
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa
Signing time: Wed 31 May 2023 14:45:11 +0000
ROA not before: Wed 31 May 2023 14:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49121
IP address blocks: 37.221.71.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
2a09:e200:e200::/48 maxlen: 48
2a09:e200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:45:1c:8e:30:78:78:85:5f:3e:0e:80:ab:0b:9a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: May 31 14:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6bc9f4abf2241f6450a8b0b7e7da16b90acb794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:89:1e:7e:b6:f8:c0:d8:a5:60:62:6d:27:45:
b7:5b:b7:2c:fe:d9:95:94:15:fd:ae:cd:e8:0f:b6:
77:39:f5:a3:99:92:f6:7e:83:77:f3:07:b0:51:71:
5b:98:a4:14:8c:b4:94:95:7e:c7:81:19:b2:02:da:
93:e3:0c:c1:fa:b8:84:c1:81:09:2e:36:df:77:ca:
43:0d:88:50:b1:54:54:8b:64:3c:13:a6:e7:d6:fd:
53:30:db:14:a7:fa:99:97:86:5f:07:05:64:ad:c7:
96:4c:a8:f6:bd:12:df:3f:44:9c:74:69:f0:93:f1:
32:85:26:e7:94:f0:4d:8d:62:69:79:d5:90:3f:d6:
a9:64:d1:c3:dc:ad:b6:da:70:f3:c2:c2:a4:26:60:
ac:e6:ec:95:49:ed:33:0c:93:d9:5e:2d:24:c6:4f:
94:71:6c:b3:d2:b2:96:8a:3f:c2:15:10:5b:df:83:
e5:b0:e1:7d:82:99:ba:f1:ee:fc:8a:9c:86:99:6d:
0c:e3:27:06:e4:18:fc:1b:a9:b9:d1:b3:d4:c7:65:
93:85:79:44:96:1e:57:12:47:5d:06:8f:bd:e1:78:
48:a5:ef:7f:46:84:a3:bf:f6:d5:23:61:36:42:63:
ab:b1:82:f0:94:09:fe:98:3a:cc:94:e1:17:30:e3:
48:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BC:9F:4A:BF:22:41:F6:45:0A:8B:0B:7E:7D:A1:6B:90:AC:B7:94
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/24
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
Signature Algorithm: sha256WithRSAEncryption
79:82:76:51:93:c9:24:46:a9:eb:a5:c7:08:23:40:33:cc:f1:
5c:18:a9:0f:e7:c3:81:ce:ea:17:7d:97:42:e5:5a:4e:8a:86:
cc:12:2c:8e:d0:2b:05:11:8d:60:1e:d5:71:86:e5:7f:88:bf:
cc:bc:aa:5b:fd:58:ab:61:86:3a:72:a2:c9:5b:b3:c7:0a:97:
96:32:42:15:13:4c:85:c1:23:bf:43:52:60:aa:29:d4:15:4f:
53:be:ea:7b:b8:29:6b:e8:12:f5:50:2c:b5:a1:61:9b:ab:b6:
04:91:db:20:9e:fd:d2:c5:a0:1d:bb:f9:46:40:92:61:9c:81:
70:c4:3d:ec:59:8f:44:77:5b:8f:77:78:a9:dd:15:ed:10:aa:
d8:12:b4:95:8b:a0:89:41:66:04:42:32:69:a3:7c:72:0e:bf:
13:27:ab:1d:3e:10:b4:29:89:98:ee:6f:cf:8a:7c:e7:dc:69:
8a:16:d5:43:34:74:9a:a5:af:30:66:29:eb:8d:79:2e:e7:d6:
d0:3c:84:22:11:e7:11:d2:cc:de:d7:70:d3:0b:82:52:8d:8b:
5d:37:38:ba:6d:bf:c9:29:81:b8:32:15:03:0d:4b:89:7d:31:
31:d3:8a:58:76:33:cd:c6:be:b8:e3:11:6f:3a:eb:9d:d3:63:
5e:36:6a:dc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYhyRRyOMHh4hV8+DoCrC5psMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjMwNTMxMTQ0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmJjOWY0YWJmMjI0MWY2NDUwYThiMGI3ZTdkYTE2YjkwYWNiNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIkefrb4wNilYGJtJ0W3W7cs/tmV
lBX9rs3oD7Z3OfWjmZL2foN38wewUXFbmKQUjLSUlX7HgRmyAtqT4wzB+riEwYEJ
Ljbfd8pDDYhQsVRUi2Q8E6bn1v1TMNsUp/qZl4ZfBwVkrceWTKj2vRLfP0ScdGnw
k/EyhSbnlPBNjWJpedWQP9apZNHD3K222nDzwsKkJmCs5uyVSe0zDJPZXi0kxk+U
cWyz0rKWij/CFRBb34PlsOF9gpm68e78ipyGmW0M4ycG5Bj8G6m50bPUx2WThXlE
lh5XEkddBo+94XhIpe9/RoSjv/bVI2E2QmOrsYLwlAn+mDrMlOEXMONIBQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPa8n0q/IkH2RQqLC359oWuQrLeUMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvOXJ5ZlNyOGlRZlpGQ29zTGZuMmhhNUNzdDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQCJd1EMAwD
BAAtV3UDBAMtV3ADBAC5ugAwGAQCAAIwEgMHACoJ4gAAAAMHACoJ4gDiADANBgkq
hkiG9w0BAQsFAAOCAQEAeYJ2UZPJJEap66XHCCNAM8zxXBipD+fDgc7qF32XQuVa
ToqGzBIsjtArBRGNYB7VcYblf4i/zLyqW/1Yq2GGOnKiyVuzxwqXljJCFRNMhcEj
v0NSYKop1BVPU77qe7gpa+gS9VAstaFhm6u2BJHbIJ790sWgHbv5RkCSYZyBcMQ9
7FmPRHdbj3d4qd0V7RCq2BK0lYugiUFmBEIyaaN8cg6/EyerHT4QtCmJmO5vz4p8
59xpihbVQzR0mqWvMGYp6415LufW0DyEIhHnEdLM3tdw0wuCUo2LXTc4um2/ySmB
uDIVAw1LiX0xMdOKWHYzzca+uOMRbzrrndNjXjZq3A==
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:49:46 2025 by rpki-client