Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/9INr1KgoN6MLe1hta2YSY8-eTeU.roa
File: 9INr1KgoN6MLe1hta2YSY8-eTeU.roa (raw, json)
Hash identifier: /BbN5YZg2emwDrjIyVPgR94yMWD2IxINNqy3hNLTelo=
Subject key identifier: F4:83:6B:D4:A8:28:37:A3:0B:7B:58:6D:6B:66:12:63:CF:9E:4D:E5
Certificate issuer: /CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Certificate serial: 7AD7E3
Authority key identifier: F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/9INr1KgoN6MLe1hta2YSY8-eTeU.roa
Signing time: Sat 01 Jan 2022 02:54:36 +0000
ROA not before: Sat 01 Jan 2022 02:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207592
IP address blocks: 134.76.0.0/16 maxlen: 16
195.12.38.0/24 maxlen: 24
2a06:93c0:1::/48 maxlen: 48
2a06:93c0::/29 maxlen: 29
2a06:93c0:2::/48 maxlen: 48
2a06:93c0::/48 maxlen: 48
2a06:93c0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8050659 (0x7ad7e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Validity
Not Before: Jan 1 02:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4836bd4a82837a30b7b586d6b661263cf9e4de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2e:96:68:c5:80:1d:cc:97:db:1d:2d:e2:6c:
cf:a3:b7:82:c4:a0:fc:9a:0d:08:91:13:a1:56:29:
2d:2d:87:48:4e:02:b7:d5:01:e2:f3:1e:e3:57:12:
4b:dc:20:d5:3c:9b:47:84:61:53:3f:b2:94:a4:5d:
f2:1e:4e:63:f2:2c:15:a6:70:6c:bf:41:d8:ae:1f:
4e:66:42:83:26:a9:56:7d:57:c2:b2:3b:57:d1:a8:
4b:b7:d1:4f:05:04:9c:c5:c0:c1:3e:8e:e3:65:c8:
ec:49:d6:3b:2d:93:1e:ea:95:f4:85:65:f7:b9:0c:
71:d3:a5:33:45:55:d6:f4:d3:48:01:67:65:c6:df:
dc:56:61:87:cf:0b:a2:b0:78:8f:e6:4b:b2:f3:9b:
27:42:1a:60:81:dd:9d:00:17:b2:8b:00:f5:f1:aa:
02:db:a5:1d:59:6e:1b:4e:db:a8:79:da:b0:6c:31:
66:74:73:75:65:09:44:1f:44:4c:7d:36:81:89:df:
fa:c9:05:a1:b6:fb:55:e4:f3:e8:14:ce:08:fd:18:
4e:a4:69:f4:94:84:83:2b:b8:32:da:19:dd:c6:ae:
1f:ae:8d:98:b5:3a:c9:c7:da:55:ba:1e:ec:24:39:
4d:dd:8a:e7:97:dd:37:83:cd:d7:cc:4b:8d:ba:94:
76:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:83:6B:D4:A8:28:37:A3:0B:7B:58:6D:6B:66:12:63:CF:9E:4D:E5
X509v3 Authority Key Identifier:
keyid:F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/9INr1KgoN6MLe1hta2YSY8-eTeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.76.0.0/16
195.12.38.0/24
IPv6:
2a06:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:b8:6d:9a:52:cd:c1:a0:d2:78:7f:37:30:29:75:93:28:10:
a1:69:bc:9d:46:8d:1d:4e:d6:63:f3:27:ad:3d:2f:19:f2:0d:
b0:e1:a4:28:84:62:1b:f0:0c:33:08:cd:15:9e:b5:b3:9b:60:
a5:2f:2d:62:01:cf:65:fa:9e:d8:76:19:11:73:8c:03:54:be:
ad:0b:40:14:1e:50:ea:e8:51:ac:80:57:d2:98:95:bf:84:b2:
4b:db:36:7e:5e:28:9e:ae:8c:e0:d8:69:bc:7e:78:25:83:9e:
a4:26:20:bf:f6:89:bc:4d:29:a1:7e:9a:02:8c:7d:12:f9:8a:
49:29:ac:d4:1b:d3:97:bc:03:41:47:40:00:7e:ec:ae:31:12:
02:d9:7b:3e:9f:9e:37:fb:06:c2:be:81:b7:77:45:47:41:dd:
2e:d1:de:a5:70:39:13:54:45:29:b6:d3:08:c1:a5:15:fa:05:
bd:81:9e:75:01:8e:96:24:bf:42:e3:88:81:dc:ef:ca:b9:fb:
71:bc:36:e2:e8:d8:39:3d:d2:de:e4:12:a7:89:de:0b:d6:d1:
55:eb:76:bc:8b:d9:00:af:8f:b0:76:d2:c2:3b:c4:cf:f9:08:
ef:93:f0:d2:7c:cf:ae:df:f6:b2:35:7c:db:10:94:db:d2:54:
c7:67:b7:85
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIDetfjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY4
MjZmZmU5NmNkYzQxZWZhYThiZmIzMTI1ODYyZDY1OTRiZTk4MjcwHhcNMjIwMTAx
MDI1NDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNDgzNmJkNGE4Mjgz
N2EzMGI3YjU4NmQ2YjY2MTI2M2NmOWU0ZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlS6WaMWAHcyX2x0t4mzPo7eCxKD8mg0IkROhViktLYdITgK3
1QHi8x7jVxJL3CDVPJtHhGFTP7KUpF3yHk5j8iwVpnBsv0HYrh9OZkKDJqlWfVfC
sjtX0ahLt9FPBQScxcDBPo7jZcjsSdY7LZMe6pX0hWX3uQxx06UzRVXW9NNIAWdl
xt/cVmGHzwuisHiP5kuy85snQhpggd2dABeyiwD18aoC26UdWW4bTtuoedqwbDFm
dHN1ZQlEH0RMfTaBid/6yQWhtvtV5PPoFM4I/RhOpGn0lISDK7gy2hndxq4fro2Y
tTrJx9pVuh7sJDlN3Yrnl903g83XzEuNupR2CwIDAQABo4ICHzCCAhswHQYDVR0O
BBYEFPSDa9SoKDejC3tYbWtmEmPPnk3lMB8GA1UdIwQYMBaAFPgm/+ls3EHvqov7
MSWGLWWUvpgnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS1DYl82V3pjUWUtcWlfc3hKWVl0WlpTLW1DYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkxLWNjYTM3ZTJmMjcyOS8x
LzlJTnIxS2dvTjZNTGUxaHRhMllTWTgtZVRlVS5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NmY2ODI2LTFhYWQtNGMzYy1iZDkxLWNjYTM3ZTJmMjcyOS8xLzEtQ2JfNld6Y1Fl
LXFpX3N4SllZdFpaUy1tQ2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MwYIKwYBBQUHAQcBAf8EJDAiMBEEAgABMAsDAwCGTAMEAMMMJjANBAIAAjAHAwUD
KgaTwDANBgkqhkiG9w0BAQsFAAOCAQEAh7htmlLNwaDSeH83MCl1kygQoWm8nUaN
HU7WY/MnrT0vGfINsOGkKIRiG/AMMwjNFZ61s5tgpS8tYgHPZfqe2HYZEXOMA1S+
rQtAFB5Q6uhRrIBX0piVv4SyS9s2fl4onq6M4NhpvH54JYOepCYgv/aJvE0poX6a
Aox9EvmKSSms1BvTl7wDQUdAAH7srjESAtl7Pp+eN/sGwr6Bt3dFR0HdLtHepXA5
E1RFKbbTCMGlFfoFvYGedQGOliS/QuOIgdzvyrn7cbw24ujYOT3S3uQSp4neC9bR
Vet2vIvZAK+PsHbSwjvEz/kI75Pw0nzPrt/2sjV82xCU29JUx2e3hQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:59 2025 by rpki-client