Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/9sC0gumQGhvNqqnF3ptpjgv6F2Y.roa
File: 9sC0gumQGhvNqqnF3ptpjgv6F2Y.roa (raw, json)
Hash identifier: vKO/8uQm4YpFiwJpn9N2OcV04GFWCMACR+nh/Jsp2lA=
Subject key identifier: F6:C0:B4:82:E9:90:1A:1B:CD:AA:A9:C5:DE:9B:69:8E:0B:FA:17:66
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 045E36FF
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/9sC0gumQGhvNqqnF3ptpjgv6F2Y.roa
Signing time: Sat 01 Jan 2022 16:05:49 +0000
ROA not before: Sat 01 Jan 2022 16:05:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41913
IP address blocks: 89.36.170.0/23 maxlen: 24
91.208.227.0/24 maxlen: 24
91.135.64.0/20 maxlen: 24
91.135.68.0/24 maxlen: 24
185.172.198.0/23 maxlen: 24
91.135.76.0/24 maxlen: 24
185.20.208.0/22 maxlen: 24
2a01:278::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73283327 (0x45e36ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Jan 1 16:05:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6c0b482e9901a1bcdaaa9c5de9b698e0bfa1766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:22:be:94:ac:bc:5a:71:d8:6b:21:09:5b:8a:
81:bf:98:8e:ae:14:14:a3:de:97:db:b3:39:c0:a1:
6a:42:d5:5d:2c:2c:57:f1:97:af:20:71:cd:cb:60:
c1:ff:20:f1:bd:ef:98:77:c2:fd:16:f8:80:d0:10:
a6:63:a5:09:d5:eb:30:61:17:84:4b:a6:6d:f8:95:
40:f5:8e:2c:91:5e:2e:4f:ac:07:a9:3c:22:0f:06:
ef:41:61:b8:3f:2f:1f:64:a5:61:76:3a:4e:5c:74:
88:18:8a:f8:be:ff:20:ab:a0:f2:eb:e7:d7:93:40:
a4:81:07:70:71:c9:c9:0b:92:fc:b3:7c:35:e6:6a:
07:d6:7c:e1:7c:d8:23:3e:a2:5a:13:da:32:c5:41:
83:60:6a:04:87:dc:f6:04:ff:f8:a3:e5:d4:3c:47:
89:6e:b3:51:dc:3d:57:46:11:e7:4c:01:d2:2b:50:
73:ee:f9:09:c8:1f:f5:e1:6a:3b:c5:5d:1c:12:3e:
3b:5a:17:66:3c:70:bb:7c:72:6c:64:5c:a7:87:b9:
4f:b0:0a:ad:26:bb:d1:84:9b:f7:b6:16:f8:75:16:
cd:e7:bd:ce:8d:35:9a:78:3d:e7:5e:d9:18:a2:54:
d2:f4:1a:b0:71:a6:4c:72:01:24:ef:1a:60:d4:9a:
11:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C0:B4:82:E9:90:1A:1B:CD:AA:A9:C5:DE:9B:69:8E:0B:FA:17:66
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/9sC0gumQGhvNqqnF3ptpjgv6F2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.170.0/23
91.135.64.0/20
91.208.227.0/24
185.20.208.0/22
185.172.198.0/23
IPv6:
2a01:278::/32
Signature Algorithm: sha256WithRSAEncryption
76:22:ba:ac:a6:88:4a:95:6f:b7:16:82:47:e5:69:2f:02:f2:
5d:a9:14:cd:37:1e:bb:a0:5e:c8:e8:f1:bf:44:aa:1b:8f:0a:
c7:21:a9:f7:1a:9b:b8:26:24:8b:89:52:4f:9a:f2:05:51:9f:
2b:2c:0b:bd:a8:64:72:92:cb:96:c9:09:b3:88:44:d2:0a:7d:
32:f4:50:f5:a1:4b:74:17:ef:fd:14:9d:99:fa:63:9b:15:8b:
c9:9e:24:ed:16:bc:86:c4:0d:93:ff:f2:67:f5:48:59:4d:b5:
c5:fa:14:8c:16:76:9d:73:63:c1:83:ca:8e:fd:54:47:1c:59:
ad:ff:5b:19:43:65:c6:9a:6e:15:9f:61:70:1b:46:33:10:b1:
6d:a5:79:f7:29:5b:ad:26:49:90:57:04:53:fb:d2:2f:88:49:
4c:3c:67:73:51:89:69:44:29:04:19:21:30:2e:f0:5a:7f:78:
b4:ab:4d:53:8f:ee:d3:18:85:2f:67:0d:73:89:2c:6c:83:24:
3e:05:cc:7f:4c:f0:8e:84:67:b7:61:9f:42:1c:21:e2:26:92:
48:1c:b5:97:f3:e4:d9:d4:6c:a7:1e:36:a5:d7:a2:e9:0f:7b:
b2:f9:70:99:de:19:c2:7d:b3:21:db:c6:42:47:be:09:f9:30:
14:4e:a2:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBF42/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY1YmQyMWM2ODMyMDdkYTBjMzlmYjM3OTg1MzVhZjQ5ZTBiZmY1MB4XDTIyMDEw
MTE2MDU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZjMGI0ODJlOTkw
MWExYmNkYWFhOWM1ZGU5YjY5OGUwYmZhMTc2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4ivpSsvFpx2GshCVuKgb+Yjq4UFKPel9uzOcChakLVXSws
V/GXryBxzctgwf8g8b3vmHfC/Rb4gNAQpmOlCdXrMGEXhEumbfiVQPWOLJFeLk+s
B6k8Ig8G70FhuD8vH2SlYXY6Tlx0iBiK+L7/IKug8uvn15NApIEHcHHJyQuS/LN8
NeZqB9Z84XzYIz6iWhPaMsVBg2BqBIfc9gT/+KPl1DxHiW6zUdw9V0YR50wB0itQ
c+75Ccgf9eFqO8VdHBI+O1oXZjxwu3xybGRcp4e5T7AKrSa70YSb97YW+HUWzee9
zo01mng9517ZGKJU0vQasHGmTHIBJO8aYNSaEfcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBT2wLSC6ZAaG82qqcXem2mOC/oXZjAfBgNVHSMEGDAWgBQPZb0hxoMgfaDD
n7N5hTWvSeC/9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyVzlJY2FESUgyZ3c1LXplWVUxcjBuZ3ZfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNGE5OTlmLWQxZmEtNDg4Ny1iYWU4LWUyM2YxMGU0YjkxYy8x
LzlzQzBndW1RR2h2TnFxbkYzcHRwamd2NkYyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NGE5OTlmLWQxZmEtNDg4Ny1iYWU4LWUyM2YxMGU0YjkxYy8xL0QyVzlJY2FESUgy
Z3c1LXplWVUxcjBuZ3ZfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAVkkqgMEBFuHQAMEAFvQ4wMEArkU
0AMEAbmsxjANBAIAAjAHAwUAKgECeDANBgkqhkiG9w0BAQsFAAOCAQEAdiK6rKaI
SpVvtxaCR+VpLwLyXakUzTceu6BeyOjxv0SqG48KxyGp9xqbuCYki4lST5ryBVGf
KywLvahkcpLLlskJs4hE0gp9MvRQ9aFLdBfv/RSdmfpjmxWLyZ4k7Ra8hsQNk//y
Z/VIWU21xfoUjBZ2nXNjwYPKjv1URxxZrf9bGUNlxppuFZ9hcBtGMxCxbaV59ylb
rSZJkFcEU/vSL4hJTDxnc1GJaUQpBBkhMC7wWn94tKtNU4/u0xiFL2cNc4ksbIMk
PgXMf0zwjoRnt2GfQhwh4iaSSBy1l/Pk2dRspx42pdei6Q97svlwmd4Zwn2zIdvG
Qke+CfkwFE6ijQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:20 2025 by rpki-client