Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/9DoQYniHC99nO4LjI5p6acCpbnM.roa
File: 9DoQYniHC99nO4LjI5p6acCpbnM.roa (raw, json)
Hash identifier: Ntv575OoVIfpnvC8FT5yMaEHUgzLmQL6Ap55Jn2ZoBA=
Subject key identifier: F4:3A:10:62:78:87:0B:DF:67:3B:82:E3:23:9A:7A:69:C0:A9:6E:73
Certificate issuer: /CN=fad7e14a262560191c66576998e9c69b89c3c136
Certificate serial: 0184C29D037FF9FE7F3D6C7BA87DC84C59A3
Authority key identifier: FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/9DoQYniHC99nO4LjI5p6acCpbnM.roa
Signing time: Tue 29 Nov 2022 08:59:40 +0000
ROA not before: Tue 29 Nov 2022 08:59:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200735
IP address blocks: 185.55.72.0/24 maxlen: 24
185.55.75.0/24 maxlen: 24
185.55.74.0/24 maxlen: 24
185.55.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:9d:03:7f:f9:fe:7f:3d:6c:7b:a8:7d:c8:4c:59:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7e14a262560191c66576998e9c69b89c3c136
Validity
Not Before: Nov 29 08:59:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f43a106278870bdf673b82e3239a7a69c0a96e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:bb:76:74:8f:89:f6:d6:52:e3:44:bb:1b:
01:a5:d1:64:db:04:8c:b2:fd:85:ce:58:ac:b2:66:
4c:43:4a:a2:18:16:14:71:68:cd:22:2d:61:0e:fc:
7a:15:cf:c0:8f:13:01:fb:dd:ce:ad:24:9a:de:ac:
28:b9:84:21:1d:3f:5a:64:3a:f9:1a:d3:9f:72:24:
09:ce:73:9c:ca:7f:eb:5e:93:70:00:6f:fa:18:4a:
8a:d4:7d:42:6d:0c:40:fa:46:ff:44:07:39:8c:ad:
24:2a:92:78:04:20:d9:70:8a:b5:96:03:20:d8:32:
ec:8f:76:6a:cf:76:e8:12:7d:99:2c:0e:52:48:00:
fd:62:a4:11:6f:1a:5c:e9:a7:32:09:7f:01:8e:95:
d3:a4:74:b1:4a:f4:eb:30:78:d2:b0:32:fa:fc:9d:
d8:f0:6f:33:e7:59:37:e2:e8:ab:2d:90:2a:6a:4e:
2b:08:88:78:d9:6e:fb:5a:6c:23:2b:21:4a:f6:0d:
22:5c:45:85:bc:1d:dd:11:08:d8:c1:00:19:9f:8d:
97:fb:45:15:0e:45:ee:8c:23:ee:dd:0f:4a:14:68:
1c:77:15:2e:f8:b8:e1:72:c3:63:59:c0:07:ec:d9:
be:a6:3f:2c:95:ba:22:91:e1:8b:10:dc:55:da:18:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3A:10:62:78:87:0B:DF:67:3B:82:E3:23:9A:7A:69:C0:A9:6E:73
X509v3 Authority Key Identifier:
keyid:FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/9DoQYniHC99nO4LjI5p6acCpbnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.72.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:14:d0:c9:c8:8d:53:84:3e:ce:48:a1:24:69:f5:96:5e:3a:
14:58:7f:34:bb:2b:1b:6b:f4:92:52:4d:19:b7:18:9c:ee:f7:
3a:cf:94:cc:0e:c7:79:bf:9c:97:0f:5c:12:ed:b8:c5:de:e2:
e8:b6:f9:1b:6c:88:f1:50:b1:fe:ea:cc:99:a6:60:79:db:bb:
d7:07:4b:fc:f6:e4:f4:90:e9:5e:13:4c:85:05:38:38:32:d1:
91:78:7d:ba:49:96:2a:56:f6:e6:3a:ef:d3:6c:a0:e2:88:a5:
2a:e0:3a:d9:87:5a:34:cf:f5:25:67:6e:e8:5f:5d:fa:13:52:
b3:c1:17:0b:2f:5f:88:fb:96:8e:89:d1:b9:3c:4c:0f:27:c8:
90:3d:55:e7:64:8a:13:e4:0f:7e:3d:fb:21:47:83:7b:9a:ca:
9e:29:75:4d:98:6f:b2:1b:b9:13:97:15:d7:cf:89:f6:9a:8d:
41:bc:b2:00:15:9a:f8:4c:e8:d8:2b:89:df:44:79:36:ce:f8:
42:7a:05:d4:c4:35:9b:1f:71:ca:dc:bf:df:39:35:cb:56:21:
78:53:e9:f7:5d:70:1b:dc:8c:18:ad:e7:11:b6:09:e2:d0:c7:
89:d4:ef:2d:a3:b0:89:ac:b4:3a:31:51:57:83:0d:de:25:be:
6d:f0:3a:e8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYTCnQN/+f5/PWx7qH3ITFmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDdlMTRhMjYyNTYwMTkxYzY2NTc2OTk4ZTljNjliODlj
M2MxMzYwHhcNMjIxMTI5MDg1OTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNhMTA2Mjc4ODcwYmRmNjczYjgyZTMyMzlhN2E2OWMwYTk2ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQu7dnSPifbWUuNEuxsBpdFk2wSM
sv2FzlissmZMQ0qiGBYUcWjNIi1hDvx6Fc/AjxMB+93OrSSa3qwouYQhHT9aZDr5
GtOfciQJznOcyn/rXpNwAG/6GEqK1H1CbQxA+kb/RAc5jK0kKpJ4BCDZcIq1lgMg
2DLsj3Zqz3boEn2ZLA5SSAD9YqQRbxpc6acyCX8BjpXTpHSxSvTrMHjSsDL6/J3Y
8G8z51k34uirLZAqak4rCIh42W77WmwjKyFK9g0iXEWFvB3dEQjYwQAZn42X+0UV
DkXujCPu3Q9KFGgcdxUu+LjhcsNjWcAH7Nm+pj8slboikeGLENxV2hj/YwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPQ6EGJ4hwvfZzuC4yOaemnAqW5zMB8GA1UdIwQY
MBaAFPrX4UomJWAZHGZXaZjpxpuJw8E2MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10ZmhTaVlsWUJrY1psZHBtT25HbTRuRHdUWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvZTY2NTZiLTgwYzgtNDM1ZS1iYzFk
LWQ2ZTcxNTUyM2YzOS8xLzlEb1FZbmlIQzk5bk80TGpJNXA2YWNDcGJuTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvZTY2NTZiLTgwYzgtNDM1ZS1iYzFkLWQ2ZTcxNTUyM2Yz
OS8xLzEtdGZoU2lZbFlCa2NabGRwbU9uR200bkR3VFkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5N0gw
DQYJKoZIhvcNAQELBQADggEBALcU0MnIjVOEPs5IoSRp9ZZeOhRYfzS7Kxtr9JJS
TRm3GJzu9zrPlMwOx3m/nJcPXBLtuMXe4ui2+RtsiPFQsf7qzJmmYHnbu9cHS/z2
5PSQ6V4TTIUFODgy0ZF4fbpJlipW9uY679NsoOKIpSrgOtmHWjTP9SVnbuhfXfoT
UrPBFwsvX4j7lo6J0bk8TA8nyJA9VedkihPkD349+yFHg3uayp4pdU2Yb7IbuROX
FdfPifaajUG8sgAVmvhM6Ngrid9EeTbO+EJ6BdTENZsfccrcv985NctWIXhT6fdd
cBvcjBit5xG2CeLQx4nU7y2jsImstDoxUVeDDd4lvm3wOug=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:53 2025 by rpki-client