Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3123d0-7caa-4df3-ad23-aba4e643058e/1/949r6bRPtKvubt95iUnKrAqQ13U.roa
File: 949r6bRPtKvubt95iUnKrAqQ13U.roa (raw, json)
Hash identifier: If8BOsLSPOXZZfU1NL5YYYjQ/qOw6T7wuR136skWXaM=
Subject key identifier: F7:8F:6B:E9:B4:4F:B4:AB:EE:6E:DF:79:89:49:CA:AC:0A:90:D7:75
Certificate issuer: /CN=47014c926ea76d566e9e8a96d5861d4757c8b0ea
Certificate serial: 09304F81
Authority key identifier: 47:01:4C:92:6E:A7:6D:56:6E:9E:8A:96:D5:86:1D:47:57:C8:B0:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RwFMkm6nbVZunoqW1YYdR1fIsOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/3123d0-7caa-4df3-ad23-aba4e643058e/1/949r6bRPtKvubt95iUnKrAqQ13U.roa
Signing time: Sat 01 Jan 2022 07:04:21 +0000
ROA not before: Sat 01 Jan 2022 07:04:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208819
IP address blocks: 185.212.36.0/22 maxlen: 22
2a0b:7040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154161025 (0x9304f81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47014c926ea76d566e9e8a96d5861d4757c8b0ea
Validity
Not Before: Jan 1 07:04:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f78f6be9b44fb4abee6edf798949caac0a90d775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:11:3e:23:25:c1:56:91:ba:f6:ce:e0:96:5d:
50:08:83:0c:f5:7c:66:c5:59:4f:56:f9:4a:06:b8:
f5:ee:a9:f7:17:dc:32:bd:31:e2:fd:34:9e:3b:48:
45:5c:ff:41:d2:a7:85:d8:1c:9e:0a:d9:d7:e2:07:
64:bd:e5:0f:61:38:56:10:28:56:a1:e8:78:26:ec:
7a:e9:87:5e:f3:a2:e4:cf:e5:84:3a:4b:d0:5c:2e:
9c:ea:c1:41:60:aa:1e:a2:7d:72:a7:83:9d:da:44:
37:47:a5:a7:5d:78:ff:9a:ab:7d:ee:f0:67:cb:d9:
e3:aa:6b:9a:8f:d6:9b:5e:8c:35:40:93:02:f2:7b:
0c:e7:fa:9c:ca:80:a2:68:03:ab:0f:72:59:7f:24:
48:44:ca:f6:7f:81:87:dd:e7:67:c8:47:78:ed:60:
56:a8:1c:ae:36:c1:33:07:27:16:2f:63:5a:eb:07:
02:d0:f7:0d:47:e4:17:37:eb:5c:0e:99:af:93:59:
9b:3b:b7:ba:6b:3e:28:75:08:92:cf:0f:b2:25:14:
57:3c:8d:51:ef:77:d5:57:0e:ea:37:f8:0a:63:02:
bf:37:76:44:0f:1c:1c:11:eb:d7:2f:a7:bc:4d:a0:
ef:c4:b7:f0:36:f1:ca:a5:6e:86:8c:8d:60:30:d9:
7d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8F:6B:E9:B4:4F:B4:AB:EE:6E:DF:79:89:49:CA:AC:0A:90:D7:75
X509v3 Authority Key Identifier:
keyid:47:01:4C:92:6E:A7:6D:56:6E:9E:8A:96:D5:86:1D:47:57:C8:B0:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwFMkm6nbVZunoqW1YYdR1fIsOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3123d0-7caa-4df3-ad23-aba4e643058e/1/949r6bRPtKvubt95iUnKrAqQ13U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3123d0-7caa-4df3-ad23-aba4e643058e/1/RwFMkm6nbVZunoqW1YYdR1fIsOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.36.0/22
IPv6:
2a0b:7040::/29
Signature Algorithm: sha256WithRSAEncryption
55:b7:c4:da:5e:93:bf:99:5f:14:b7:94:5f:00:fc:a1:49:2d:
ba:0a:f8:db:94:66:d8:ee:fd:f7:fa:ce:a6:3b:f9:78:13:f2:
79:3a:a9:da:ed:01:14:43:a5:4d:6d:ea:01:9b:af:a0:ed:2c:
59:87:fa:19:f1:92:80:4a:1f:10:a5:f9:03:8b:84:09:90:05:
ec:17:96:49:7d:c1:0a:9f:95:54:d6:f9:61:7b:06:e0:94:90:
1c:1e:1f:aa:04:05:a2:e6:73:e5:98:0c:49:a0:e4:a0:21:d7:
57:d0:ca:e0:82:ea:f7:6b:ed:0e:a4:8d:72:b9:94:00:01:37:
ae:a8:b6:b1:4b:f9:e0:58:ce:5e:86:a0:e9:c4:de:cb:19:6e:
a9:71:a1:9b:ee:5e:fe:28:2d:8a:49:34:e8:df:1a:40:91:8d:
fd:2f:c1:40:7e:0e:9e:a3:72:ae:56:09:14:4a:67:57:c3:89:
10:d1:4b:46:eb:6e:9f:ba:fd:87:44:71:26:1c:01:1e:e6:94:
75:61:fd:94:bb:93:64:99:d0:be:4a:39:8f:0f:a4:c9:2b:8b:
82:94:af:05:46:23:95:7e:46:2a:6a:a2:6f:19:d3:c6:0b:12:
cf:f1:05:c3:7d:a2:24:be:aa:bc:39:7c:77:1e:5c:51:36:d5:
4e:e0:e9:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECTBPgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NzAxNGM5MjZlYTc2ZDU2NmU5ZThhOTZkNTg2MWQ0NzU3YzhiMGVhMB4XDTIyMDEw
MTA3MDQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc4ZjZiZTliNDRm
YjRhYmVlNmVkZjc5ODk0OWNhYWMwYTkwZDc3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8RPiMlwVaRuvbO4JZdUAiDDPV8ZsVZT1b5Sga49e6p9xfc
Mr0x4v00njtIRVz/QdKnhdgcngrZ1+IHZL3lD2E4VhAoVqHoeCbseumHXvOi5M/l
hDpL0FwunOrBQWCqHqJ9cqeDndpEN0elp114/5qrfe7wZ8vZ46prmo/Wm16MNUCT
AvJ7DOf6nMqAomgDqw9yWX8kSETK9n+Bh93nZ8hHeO1gVqgcrjbBMwcnFi9jWusH
AtD3DUfkFzfrXA6Zr5NZmzu3ums+KHUIks8PsiUUVzyNUe931VcO6jf4CmMCvzd2
RA8cHBHr1y+nvE2g78S38DbxyqVuhoyNYDDZfeECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT3j2vptE+0q+5u33mJScqsCpDXdTAfBgNVHSMEGDAWgBRHAUySbqdtVm6e
ipbVhh1HV8iw6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J3Rk1rbTZuYlZadW5vcVcxWVlkUjFmSXNPby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvMzEyM2QwLTdjYWEtNGRmMy1hZDIzLWFiYTRlNjQzMDU4ZS8x
Lzk0OXI2YlJQdEt2dWJ0OTVpVW5LckFxUTEzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
MzEyM2QwLTdjYWEtNGRmMy1hZDIzLWFiYTRlNjQzMDU4ZS8xL1J3Rk1rbTZuYlZa
dW5vcVcxWVlkUjFmSXNPby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnUJDANBAIAAjAHAwUDKgtwQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVbfE2l6Tv5lfFLeUXwD8oUktugr425Rm2O799/rO
pjv5eBPyeTqp2u0BFEOlTW3qAZuvoO0sWYf6GfGSgEofEKX5A4uECZAF7BeWSX3B
Cp+VVNb5YXsG4JSQHB4fqgQFouZz5ZgMSaDkoCHXV9DK4ILq92vtDqSNcrmUAAE3
rqi2sUv54FjOXoag6cTeyxluqXGhm+5e/igtikk06N8aQJGN/S/BQH4OnqNyrlYJ
FEpnV8OJENFLRutun7r9h0RxJhwBHuaUdWH9lLuTZJnQvko5jw+kySuLgpSvBUYj
lX5GKmqibxnTxgsSz/EFw32iJL6qvDl8dx5cUTbVTuDpGA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:26:01 2025 by rpki-client