Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7Ru9W2RKxCH5AJLPhaKz1Z3NNqY.roa
File: 7Ru9W2RKxCH5AJLPhaKz1Z3NNqY.roa (raw, json)
Hash identifier: 6gj4Bnzk2WHuFlTroPTRhmw3x2DyrlcGZbMJO/zf640=
Subject key identifier: ED:1B:BD:5B:64:4A:C4:21:F9:00:92:CF:85:A2:B3:D5:9D:CD:36:A6
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 36DDE449
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7Ru9W2RKxCH5AJLPhaKz1Z3NNqY.roa
Signing time: Sat 01 Jan 2022 15:05:28 +0000
ROA not before: Sat 01 Jan 2022 15:05:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8728
IP address blocks: 84.52.0.0/18 maxlen: 32
82.147.160.0/19 maxlen: 32
212.7.0.0/19 maxlen: 32
185.200.68.0/22 maxlen: 32
212.7.30.0/24 maxlen: 32
89.235.192.0/18 maxlen: 32
109.235.240.0/21 maxlen: 32
2001:1b28::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920511561 (0x36dde449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 1 15:05:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed1bbd5b644ac421f90092cf85a2b3d59dcd36a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:1f:08:65:9d:3f:99:d7:89:4b:69:9d:77:
8a:6e:d3:04:bb:b8:0a:1c:87:6e:88:3d:b1:80:27:
40:d1:6f:b8:a0:fb:94:c7:09:fd:00:d2:20:84:e7:
47:7e:a0:56:6f:a4:97:97:a8:dd:ac:e3:06:74:05:
de:41:06:b1:4b:b1:f3:6b:4b:57:c3:ef:5a:3d:d2:
56:a5:df:4c:4f:8f:e1:21:34:60:e4:82:f9:fb:c7:
a2:d0:78:0d:4a:34:82:fe:25:39:02:72:60:b4:57:
75:7d:45:9f:05:45:61:ec:d9:63:56:41:65:7d:f0:
96:67:4c:02:bd:5f:ff:6f:32:06:61:83:8f:4f:48:
52:7a:6f:53:d5:52:02:14:3b:eb:2f:29:b6:0d:d8:
e2:91:56:0b:91:bb:cd:7a:53:a8:2d:1a:ee:42:04:
cf:e0:3c:8e:47:b7:29:78:53:de:04:11:74:96:79:
74:56:af:f6:73:ec:a1:71:33:14:f4:f8:58:30:52:
27:cd:3e:39:87:8e:ff:22:79:4c:a7:bb:85:e9:ec:
e1:26:da:12:92:5d:48:90:db:0d:11:81:88:c1:a2:
f2:28:44:8c:92:23:10:b0:5c:8f:10:7e:5a:64:4b:
77:d7:52:00:b8:a6:e0:90:09:89:f5:06:6b:74:47:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1B:BD:5B:64:4A:C4:21:F9:00:92:CF:85:A2:B3:D5:9D:CD:36:A6
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7Ru9W2RKxCH5AJLPhaKz1Z3NNqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.160.0/19
84.52.0.0/18
89.235.192.0/18
109.235.240.0/21
185.200.68.0/22
212.7.0.0/19
IPv6:
2001:1b28::/32
Signature Algorithm: sha256WithRSAEncryption
85:12:ee:6d:d1:3e:b2:2e:1c:2c:67:b3:c4:a0:ab:99:6a:6e:
3b:99:6f:b9:61:09:c2:ec:27:7e:08:51:d4:cf:29:3d:98:73:
92:41:32:84:b1:11:d2:4f:ac:2e:e6:6b:e6:15:42:26:48:3e:
d4:d8:ae:75:33:b7:c5:06:5d:2c:8c:f8:70:6d:39:47:c2:17:
a5:5b:06:0e:e7:45:42:21:e1:7d:fb:ce:fe:1d:2b:fc:fc:e8:
6c:4f:48:85:c5:30:fd:2d:ac:24:55:10:2e:75:d9:df:d8:a0:
1d:f4:3c:b3:1e:9e:9c:e2:e6:d1:91:cc:d4:32:be:01:37:ec:
47:3b:f4:b1:bc:a6:79:3a:e8:28:f8:be:db:c0:35:0d:80:05:
84:0c:37:94:39:19:1f:4b:00:2e:db:21:1a:98:20:c4:5e:6d:
5e:b6:02:02:25:f3:23:56:31:93:82:8a:55:06:8f:8f:5b:7f:
a1:05:9b:20:86:88:a1:65:97:1d:15:31:52:12:56:c1:f8:16:
cf:42:e3:17:52:10:e1:e9:57:89:10:92:d7:ae:6c:7f:44:83:
17:b1:2d:93:7c:48:97:ea:f5:a2:11:a5:2b:fc:62:8d:7e:05:
3e:b5:d5:d6:e1:8f:a6:30:f7:07:ad:c5:04:b0:b9:e8:fe:a4:
eb:14:b3:95
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIENt3kSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQwMzE4ZjI2ODVlMzJkMmRiYTkyM2Y2NjYyNzcxNDI3MzU5NzM4MB4XDTIyMDEw
MTE1MDUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQxYmJkNWI2NDRh
YzQyMWY5MDA5MmNmODVhMmIzZDU5ZGNkMzZhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmxHwhlnT+Z14lLaZ13im7TBLu4ChyHbog9sYAnQNFvuKD7
lMcJ/QDSIITnR36gVm+kl5eo3azjBnQF3kEGsUux82tLV8PvWj3SVqXfTE+P4SE0
YOSC+fvHotB4DUo0gv4lOQJyYLRXdX1FnwVFYezZY1ZBZX3wlmdMAr1f/28yBmGD
j09IUnpvU9VSAhQ76y8ptg3Y4pFWC5G7zXpTqC0a7kIEz+A8jke3KXhT3gQRdJZ5
dFav9nPsoXEzFPT4WDBSJ80+OYeO/yJ5TKe7hens4SbaEpJdSJDbDRGBiMGi8ihE
jJIjELBcjxB+WmRLd9dSALim4JAJifUGa3RHpzkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTtG71bZErEIfkAks+ForPVnc02pjAfBgNVHSMEGDAWgBTZ0DGPJoXjLS26
kj9mYncUJzWXODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkQXhqeWFGNHkwdHVwSV9abUozRkNjMWx6Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8x
LzdSdTlXMlJLeENINUFKTFBoYUt6MVozTk5xWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8xLzJkQXhqeWFGNHkw
dHVwSV9abUozRkNjMWx6Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBVKToAMEBlQ0AAMEBlnrwAMEA23r
8AMEArnIRAMEBdQHADANBAIAAjAHAwUAIAEbKDANBgkqhkiG9w0BAQsFAAOCAQEA
hRLubdE+si4cLGezxKCrmWpuO5lvuWEJwuwnfghR1M8pPZhzkkEyhLER0k+sLuZr
5hVCJkg+1NiudTO3xQZdLIz4cG05R8IXpVsGDudFQiHhffvO/h0r/PzobE9IhcUw
/S2sJFUQLnXZ39igHfQ8sx6enOLm0ZHM1DK+ATfsRzv0sbymeTroKPi+28A1DYAF
hAw3lDkZH0sALtshGpggxF5tXrYCAiXzI1Yxk4KKVQaPj1t/oQWbIIaIoWWXHRUx
UhJWwfgWz0LjF1IQ4elXiRCS165sf0SDF7Etk3xIl+r1ohGlK/xijX4FPrXV1uGP
pjD3B63FBLC56P6k6xSzlQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:31 2025 by rpki-client