Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/z9C87BJXw9DAD-GpiKSJ9erZAFk.roa
File: z9C87BJXw9DAD-GpiKSJ9erZAFk.roa (raw, json)
Hash identifier: vU7Yotlgbi0iam78fzTGWymeFcMrc4oLWTmLJX4ERds=
Subject key identifier: CF:D0:BC:EC:12:57:C3:D0:C0:0F:E1:A9:88:A4:89:F5:EA:D9:00:59
Certificate issuer: /CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Certificate serial: 042FE24B
Authority key identifier: 31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/z9C87BJXw9DAD-GpiKSJ9erZAFk.roa
Signing time: Sat 01 Jan 2022 05:59:46 +0000
ROA not before: Sat 01 Jan 2022 05:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203698
IP address blocks: 176.124.40.0/22 maxlen: 22
45.147.208.0/22 maxlen: 22
2a0f:3400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70246987 (0x42fe24b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Validity
Not Before: Jan 1 05:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfd0bcec1257c3d0c00fe1a988a489f5ead90059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:75:a2:34:19:02:4d:3b:dc:6d:ed:11:56:38:
0f:6a:62:8f:de:d2:4c:c3:df:3f:7d:5c:6b:3e:93:
32:d7:6d:f0:6c:e4:90:a8:eb:c1:7d:fa:00:0b:8b:
7d:a8:dd:f1:7b:5a:4f:f3:c1:5a:53:80:e0:f9:d4:
8c:6d:2c:72:36:7d:74:61:17:67:6b:4b:4b:e1:8d:
47:12:1f:59:93:0f:29:d2:64:7c:4b:ca:80:50:3b:
5d:4a:26:0a:b6:20:72:71:df:f4:57:ea:a0:48:a0:
b8:c9:ea:b7:ba:c8:b8:a5:2f:ea:51:74:ba:2f:55:
79:1c:bd:b0:bc:85:5b:61:36:47:97:24:f3:d0:24:
78:71:b5:af:67:23:ae:34:ae:9e:d7:07:d0:88:d4:
01:d3:22:c3:a2:d3:7e:e7:0d:33:84:6f:5b:bd:19:
c1:d0:43:69:ba:83:02:37:0d:2f:9d:fa:3d:0c:5d:
8f:e8:77:23:55:9a:cd:86:f5:b7:dc:2f:3e:4a:7e:
d6:10:2e:b1:c9:a5:51:61:5b:2e:08:e8:57:a2:62:
8f:72:65:1a:51:e6:40:ac:00:f4:b7:36:0d:2c:e0:
01:f6:90:c9:0b:76:11:f4:f2:28:22:57:95:a1:8a:
63:fe:a8:bd:18:be:d1:8a:ab:03:70:c9:a4:7f:be:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D0:BC:EC:12:57:C3:D0:C0:0F:E1:A9:88:A4:89:F5:EA:D9:00:59
X509v3 Authority Key Identifier:
keyid:31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/z9C87BJXw9DAD-GpiKSJ9erZAFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/MVlVxK8-sajTQAqGYl42XCYpjWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.208.0/22
176.124.40.0/22
IPv6:
2a0f:3400::/29
Signature Algorithm: sha256WithRSAEncryption
37:f0:db:26:ad:3d:49:22:aa:6b:f7:da:7d:c9:3f:cb:2c:3c:
d6:de:7d:08:57:97:4d:33:e5:00:31:46:79:72:88:aa:57:96:
b2:8f:3b:b2:6f:8c:d0:2d:fc:02:25:9c:fc:3f:a5:5d:2c:f1:
2c:f9:f7:85:ff:9a:42:69:38:ad:65:a5:6d:ba:d5:a3:b8:19:
2e:3d:ac:10:9b:6a:b8:78:66:8b:e7:d7:bd:15:b8:d4:93:cc:
58:a9:0c:0e:93:8d:22:f5:81:1e:b3:31:d3:6f:32:de:c8:5b:
59:a9:2e:3b:4a:8a:c8:92:09:91:0b:3c:0c:64:fe:32:a4:6e:
da:29:3e:3b:c7:42:71:04:a4:e6:9e:72:71:f1:9f:3a:cf:58:
e7:13:20:3c:44:93:eb:19:f1:69:97:c3:36:b2:f6:47:08:59:
7a:b1:6b:40:82:d2:22:dd:02:c9:cc:bf:5c:7c:63:16:da:e8:
cf:f0:0a:6d:6b:fb:1d:ec:95:a3:9e:3f:a5:7d:5a:85:12:b9:
f3:6e:e0:11:2e:66:43:59:77:72:1e:f2:1b:16:ab:4b:db:40:
28:d3:e4:a6:f8:32:1b:91:5b:be:d9:5d:6e:9c:cc:28:4a:36:
2f:02:75:62:49:03:c7:71:30:31:65:d0:4a:18:0d:2d:f0:20:
a9:8b:c8:b0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBC/iSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTU5NTVjNGFmM2ViMWE4ZDM0MDBhODY2MjVlMzY1YzI2Mjk4ZDZhMB4XDTIyMDEw
MTA1NTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ZkMGJjZWMxMjU3
YzNkMGMwMGZlMWE5ODhhNDg5ZjVlYWQ5MDA1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANp1ojQZAk073G3tEVY4D2pij97STMPfP31caz6TMtdt8Gzk
kKjrwX36AAuLfajd8XtaT/PBWlOA4PnUjG0scjZ9dGEXZ2tLS+GNRxIfWZMPKdJk
fEvKgFA7XUomCrYgcnHf9FfqoEiguMnqt7rIuKUv6lF0ui9VeRy9sLyFW2E2R5ck
89AkeHG1r2cjrjSuntcH0IjUAdMiw6LTfucNM4RvW70ZwdBDabqDAjcNL536PQxd
j+h3I1WazYb1t9wvPkp+1hAuscmlUWFbLgjoV6Jij3JlGlHmQKwA9Lc2DSzgAfaQ
yQt2EfTyKCJXlaGKY/6ovRi+0YqrA3DJpH++tiUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTP0LzsElfD0MAP4amIpIn16tkAWTAfBgNVHSMEGDAWgBQxWVXErz6xqNNA
CoZiXjZcJimNajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01WbFZ4Szgtc2FqVFFBcUdZbDQyWENZcGpXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMjFjNjFhLWQ2YjEtNGFjYS05NzgyLTk3MzQ4MzM2ZjMzYS8x
L3o5Qzg3QkpYdzlEQUQtR3BpS1NKOWVyWkFGay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MjFjNjFhLWQ2YjEtNGFjYS05NzgyLTk3MzQ4MzM2ZjMzYS8xL01WbFZ4Szgtc2Fq
VFFBcUdZbDQyWENZcGpXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2T0AMEArB8KDANBAIAAjAHAwUD
Kg80ADANBgkqhkiG9w0BAQsFAAOCAQEAN/DbJq09SSKqa/fafck/yyw81t59CFeX
TTPlADFGeXKIqleWso87sm+M0C38AiWc/D+lXSzxLPn3hf+aQmk4rWWlbbrVo7gZ
Lj2sEJtquHhmi+fXvRW41JPMWKkMDpONIvWBHrMx028y3shbWakuO0qKyJIJkQs8
DGT+MqRu2ik+O8dCcQSk5p5ycfGfOs9Y5xMgPEST6xnxaZfDNrL2RwhZerFrQILS
It0Cycy/XHxjFtroz/AKbWv7HeyVo54/pX1ahRK5827gES5mQ1l3ch7yGxarS9tA
KNPkpvgyG5FbvtldbpzMKEo2LwJ1YkkDx3EwMWXQShgNLfAgqYvIsA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:35 2025 by rpki-client