Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/9WR42J4WCCSmQoS6E0q3Mrz_-tk.roa
File: 9WR42J4WCCSmQoS6E0q3Mrz_-tk.roa (raw, json)
Hash identifier: PUnFSdc9r8S+OkHlYwfFg6YNw7EQS5NgFTSjx2tjs/E=
Subject key identifier: F5:64:78:D8:9E:16:08:24:A6:42:84:BA:13:4A:B7:32:BC:FF:FA:D9
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 1BA85FD1
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/9WR42J4WCCSmQoS6E0q3Mrz_-tk.roa
Signing time: Sat 01 Jan 2022 09:53:19 +0000
ROA not before: Sat 01 Jan 2022 09:53:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199272
IP address blocks: 185.14.25.0/24 maxlen: 24
185.14.27.0/24 maxlen: 24
185.14.26.0/24 maxlen: 24
185.14.24.0/22 maxlen: 22
185.14.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464019409 (0x1ba85fd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Jan 1 09:53:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f56478d89e160824a64284ba134ab732bcfffad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:f2:98:bd:0d:70:5f:8f:d0:8e:53:90:e6:
a9:c6:fc:dd:ad:e8:b4:73:59:20:26:5c:ae:15:06:
4d:ef:eb:e5:76:d9:67:26:0d:74:77:36:76:b3:3b:
6a:d9:eb:5d:14:6f:8e:ac:0a:c2:e5:03:25:51:e8:
52:1f:03:50:fe:fe:74:7b:c2:da:29:c9:84:bb:de:
30:f5:1a:88:1e:50:ca:8f:5c:0d:24:b2:64:9e:29:
cd:d1:71:db:9f:2a:f6:6a:28:80:69:33:40:40:01:
26:c5:23:54:46:e9:56:9b:77:89:3e:89:3d:62:98:
f5:43:ec:36:94:a5:77:77:82:3f:1e:41:d2:c1:e2:
bc:3b:c7:46:e7:7b:a3:57:8e:d3:ba:60:9c:25:bd:
41:4e:22:09:8a:5e:5b:74:6a:f0:a4:60:91:9d:a9:
a5:11:6e:96:a3:93:60:d8:9a:09:5a:f8:20:26:13:
b0:38:01:32:66:e7:94:9e:5b:7b:74:22:41:3f:93:
f6:4e:c7:11:6f:a8:61:d2:5e:bc:1d:71:da:cd:de:
d4:26:17:70:fb:4c:9a:4f:9e:4d:b5:21:dd:6d:7c:
75:d1:cb:25:5b:39:60:e0:ee:45:b3:0f:46:88:62:
c8:61:35:71:b3:a0:b4:37:a7:42:cc:d6:79:60:02:
00:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:64:78:D8:9E:16:08:24:A6:42:84:BA:13:4A:B7:32:BC:FF:FA:D9
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/9WR42J4WCCSmQoS6E0q3Mrz_-tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:42:b8:dd:0e:75:8b:37:fc:00:7c:1e:74:a3:76:cd:d9:85:
15:4c:41:fe:45:55:0a:b9:13:77:5a:6f:5c:32:84:77:23:09:
64:20:fa:4d:08:97:03:18:17:b3:5f:b9:5c:3e:73:fc:41:ec:
63:b1:0b:37:58:20:b4:14:01:87:51:9c:f3:13:19:4d:95:66:
b8:75:b2:4e:9b:c7:f8:52:3d:36:ef:34:ae:2e:0f:46:70:13:
5c:82:5d:ee:8a:5a:21:47:77:70:4a:56:c7:f5:0e:85:70:09:
a4:74:ed:30:e2:c5:5b:7f:ea:3b:d6:10:d8:23:22:36:ab:e6:
7c:46:0a:b7:3b:fb:be:e0:c8:64:8f:1d:5d:d9:1f:c8:55:a3:
08:54:59:62:46:5e:f0:74:6a:25:ed:d2:53:3b:63:59:4f:40:
8e:04:74:92:15:3c:bf:c2:2e:26:99:43:52:de:1b:f7:17:b5:
24:d1:c6:a3:e9:7e:61:bd:5d:d4:1b:da:6a:70:5c:f6:88:df:
d1:4c:2d:ac:81:0d:d0:5c:ae:68:b1:a2:39:ac:d6:64:d2:b7:
fb:9a:61:03:85:60:b2:0e:e8:69:a5:7e:cc:bb:fc:c2:a7:3d:
d3:f6:1e:15:98:35:0f:3a:20:e5:d6:11:19:34:75:37:30:9b:
fb:3a:31:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG6hf0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NzdhYWQzMDdhZDMzMGViYjhjZjQ0ZWMyMTM4OWExNzA0MzZmZDUzMB4XDTIyMDEw
MTA5NTMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU2NDc4ZDg5ZTE2
MDgyNGE2NDI4NGJhMTM0YWI3MzJiY2ZmZmFkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpO8pi9DXBfj9COU5Dmqcb83a3otHNZICZcrhUGTe/r5XbZ
ZyYNdHc2drM7atnrXRRvjqwKwuUDJVHoUh8DUP7+dHvC2inJhLveMPUaiB5Qyo9c
DSSyZJ4pzdFx258q9moogGkzQEABJsUjVEbpVpt3iT6JPWKY9UPsNpSld3eCPx5B
0sHivDvHRud7o1eO07pgnCW9QU4iCYpeW3Rq8KRgkZ2ppRFulqOTYNiaCVr4ICYT
sDgBMmbnlJ5be3QiQT+T9k7HEW+oYdJevB1x2s3e1CYXcPtMmk+eTbUh3W18ddHL
JVs5YODuRbMPRohiyGE1cbOgtDenQszWeWACABkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1ZHjYnhYIJKZChLoTSrcyvP/62TAfBgNVHSMEGDAWgBSHeq0wetMw67jP
ROwhOJoXBDb9UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzcXRNSHJUTU91NHowVHNJVGlhRndRMl9WTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvOWFlMjIxLWMxMDEtNDk3Zi05MWZlLTUwODA5OWMxMzNiYi8x
LzlXUjQySjRXQ0NTbVFvUzZFMHEzTXJ6Xy10ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
OWFlMjIxLWMxMDEtNDk3Zi05MWZlLTUwODA5OWMxMzNiYi8xL2gzcXRNSHJUTU91
NHowVHNJVGlhRndRMl9WTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkOGDANBgkqhkiG9w0BAQsFAAOC
AQEAf0K43Q51izf8AHwedKN2zdmFFUxB/kVVCrkTd1pvXDKEdyMJZCD6TQiXAxgX
s1+5XD5z/EHsY7ELN1ggtBQBh1Gc8xMZTZVmuHWyTpvH+FI9Nu80ri4PRnATXIJd
7opaIUd3cEpWx/UOhXAJpHTtMOLFW3/qO9YQ2CMiNqvmfEYKtzv7vuDIZI8dXdkf
yFWjCFRZYkZe8HRqJe3SUztjWU9AjgR0khU8v8IuJplDUt4b9xe1JNHGo+l+Yb1d
1BvaanBc9ojf0UwtrIEN0FyuaLGiOazWZNK3+5phA4Vgsg7oaaV+zLv8wqc90/Ye
FZg1Dzog5dYRGTR1NzCb+zoxvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:17 2025 by rpki-client