Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ffRPT12slAFormyvjpH0r5HTLVY.roa
File: ffRPT12slAFormyvjpH0r5HTLVY.roa (raw, json)
Hash identifier: Jdj/ryv0iZg2YFbtNcYxREXE/gqLx12gV8tdW2fueLM=
Subject key identifier: 7D:F4:4F:4F:5D:AC:94:01:68:AE:6C:AF:8E:91:F4:AF:91:D3:2D:56
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 397A337A
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ffRPT12slAFormyvjpH0r5HTLVY.roa
Signing time: Mon 20 Jun 2022 11:45:44 +0000
ROA not before: Mon 20 Jun 2022 11:45:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198668
IP address blocks: 185.97.24.0/22 maxlen: 22
185.64.222.0/24 maxlen: 32
37.221.240.0/20 maxlen: 32
45.153.192.0/22 maxlen: 24
185.19.0.0/22 maxlen: 32
185.74.60.0/23 maxlen: 32
85.255.88.0/22 maxlen: 22
2a0d:3140::/29 maxlen: 29
2a03:d840:ffff::/48 maxlen: 48
2a04:c740::/29 maxlen: 48
2a0f:9300::/29 maxlen: 29
2a03:d840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 964309882 (0x397a337a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jun 20 11:45:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7df44f4f5dac940168ae6caf8e91f4af91d32d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:27:8b:62:e2:5d:7d:b2:35:70:25:0e:c3:
1b:f7:72:b2:ea:0f:f5:2d:dd:0d:d9:36:bb:c0:ed:
f3:12:9c:80:2a:12:a1:34:c6:24:b9:c9:b4:13:c1:
46:3d:f3:fc:ac:f5:ce:ec:ca:54:4d:ba:70:38:48:
12:16:93:d7:ec:ea:e9:ee:69:8a:50:b0:4f:6f:11:
a8:1e:64:3f:da:56:03:5a:fb:12:fc:27:8a:53:04:
af:c9:96:c8:db:27:66:02:4e:3f:32:0d:6f:69:04:
d6:7a:d9:33:ae:39:0e:3d:61:2e:f2:a8:93:96:96:
60:ee:23:7d:1b:a1:3f:59:f4:a3:14:e2:7a:e7:8c:
c0:03:be:ca:e8:92:b4:5d:9c:a7:18:7d:df:40:ef:
72:c5:44:97:b4:3c:6f:53:7b:3f:e6:d3:dd:92:0d:
e2:d0:91:b8:8d:64:04:25:f7:aa:c5:3c:0c:bc:f1:
aa:b7:77:72:b6:8d:d6:b7:1e:d4:d5:6d:d6:e9:21:
47:e0:53:a5:16:8f:7f:f3:aa:c6:73:21:a9:d5:c2:
d0:c7:e7:c9:36:64:71:5a:be:0a:fa:1a:14:90:80:
96:fc:cb:da:59:f8:32:ba:41:26:a8:23:aa:e3:49:
c2:93:0c:3d:9c:1b:73:4b:9f:4b:76:c5:36:23:bf:
eb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F4:4F:4F:5D:AC:94:01:68:AE:6C:AF:8E:91:F4:AF:91:D3:2D:56
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ffRPT12slAFormyvjpH0r5HTLVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.240.0/20
45.153.192.0/22
85.255.88.0/22
185.19.0.0/22
185.64.222.0/24
185.74.60.0/23
185.97.24.0/22
IPv6:
2a03:d840::/32
2a04:c740::/29
2a0d:3140::/29
2a0f:9300::/29
Signature Algorithm: sha256WithRSAEncryption
71:19:40:c5:9f:d9:e1:66:a0:b0:57:bb:e2:0a:f1:90:44:e5:
df:bf:e6:6a:2a:af:a8:7b:6c:03:42:ad:e0:1e:b3:59:9a:fd:
ea:cb:c7:c1:73:a9:a1:4b:dc:1f:c1:37:20:70:99:38:51:84:
f8:4d:12:30:cf:09:24:f0:a6:6a:b8:d2:54:90:46:4f:83:ff:
fa:6a:db:09:44:da:d0:5e:25:a7:c7:0b:80:1f:75:4c:2c:8f:
1a:01:c6:83:a1:bc:8a:fd:71:eb:65:f2:0f:5d:b3:8d:b2:de:
2d:0d:7d:85:d9:14:90:76:52:0a:24:8b:f3:bf:6b:de:97:b3:
be:f0:52:2d:30:b8:f3:ce:2d:89:54:91:4b:1c:9d:59:6d:4a:
13:ad:84:d0:1b:70:a5:c3:94:52:7a:04:ee:31:9a:31:04:49:
48:80:61:d5:14:30:f0:7e:2a:e1:c4:1c:a4:dd:08:b7:38:4e:
23:f4:5d:2e:56:58:12:61:37:ad:0b:da:8b:8b:db:0a:ee:16:
14:06:ac:5f:e2:7a:d6:9e:ac:90:57:ab:67:3b:17:a6:cd:ed:
84:b5:26:f5:9e:e3:3a:78:f8:3b:58:3a:e6:8d:2b:48:5b:0a:
60:e9:a4:de:b8:69:f1:83:4b:a6:e3:15:2a:af:b4:e4:c6:45:
75:79:d6:0e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEOXozejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDYy
MDExNDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RmNDRmNGY1ZGFj
OTQwMTY4YWU2Y2FmOGU5MWY0YWY5MWQzMmQ1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxQJ4ti4l19sjVwJQ7DG/dysuoP9S3dDdk2u8Dt8xKcgCoS
oTTGJLnJtBPBRj3z/Kz1zuzKVE26cDhIEhaT1+zq6e5pilCwT28RqB5kP9pWA1r7
EvwnilMEr8mWyNsnZgJOPzINb2kE1nrZM645Dj1hLvKok5aWYO4jfRuhP1n0oxTi
eueMwAO+yuiStF2cpxh930DvcsVEl7Q8b1N7P+bT3ZIN4tCRuI1kBCX3qsU8DLzx
qrd3craN1rce1NVt1ukhR+BTpRaPf/OqxnMhqdXC0MfnyTZkcVq+CvoaFJCAlvzL
2ln4MrpBJqgjquNJwpMMPZwbc0ufS3bFNiO/69UCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBR99E9PXayUAWiubK+OkfSvkdMtVjAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
L2ZmUlBUMTJzbEFGb3JteXZqcEgwcjVIVExWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwMAQCAAEwKgMEBCXd8AMEAi2ZwAMEAlX/WAMEArkT
AAMEALlA3gMEAblKPAMEArlhGDAiBAIAAjAcAwUAKgPYQAMFAyoEx0ADBQMqDTFA
AwUDKg+TADANBgkqhkiG9w0BAQsFAAOCAQEAcRlAxZ/Z4WagsFe74grxkETl37/m
aiqvqHtsA0Kt4B6zWZr96svHwXOpoUvcH8E3IHCZOFGE+E0SMM8JJPCmarjSVJBG
T4P/+mrbCUTa0F4lp8cLgB91TCyPGgHGg6G8iv1x62XyD12zjbLeLQ19hdkUkHZS
CiSL879r3pezvvBSLTC4884tiVSRSxydWW1KE62E0BtwpcOUUnoE7jGaMQRJSIBh
1RQw8H4q4cQcpN0ItzhOI/RdLlZYEmE3rQvai4vbCu4WFAasX+J61p6skFerZzsX
ps3thLUm9Z7jOnj4O1g65o0rSFsKYOmk3rhp8YNLpuMVKq+05MZFdXnWDg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:08 2025 by rpki-client