Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3hJr7lbHs1U6sCWUjbO6GE-dSqs.roa
File: 3hJr7lbHs1U6sCWUjbO6GE-dSqs.roa (raw, json)
Hash identifier: 2wVE1SJdrVCvnlYLzk6PyFBw55ZHO6nv3TQEyl06Sqg=
Subject key identifier: DE:12:6B:EE:56:C7:B3:55:3A:B0:25:94:8D:B3:BA:18:4F:9D:4A:AB
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841DAEE397881FBA395BFAF26F10310C7F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3hJr7lbHs1U6sCWUjbO6GE-dSqs.roa
Signing time: Fri 28 Oct 2022 08:21:51 +0000
ROA not before: Fri 28 Oct 2022 08:21:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209456
IP address blocks: 185.22.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:ae:e3:97:88:1f:ba:39:5b:fa:f2:6f:10:31:0c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 08:21:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de126bee56c7b3553ab025948db3ba184f9d4aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:75:b0:91:8a:66:9b:5b:ab:59:55:1a:8e:51:
50:a8:c7:1d:1c:a0:e4:57:8e:12:7e:93:02:30:1d:
72:5b:1d:9b:7f:40:80:02:78:3c:53:86:b4:17:03:
92:f6:4b:56:e2:ff:c9:0b:a0:ea:1a:40:97:a2:33:
24:56:b3:f1:e3:ab:4d:1a:15:29:68:5a:07:c6:ff:
3e:4e:06:e1:3c:eb:10:82:58:07:79:4f:4b:37:4f:
b7:fb:c9:d3:af:7b:51:1a:91:d4:ad:52:cf:30:f9:
d2:8a:00:f3:17:97:e2:08:5f:1a:3d:bc:99:32:87:
dd:63:f1:18:e4:e2:63:2f:c4:8a:a2:2a:82:a3:b2:
e8:14:fc:32:b3:15:8c:e3:a5:e5:0f:41:2b:e3:58:
0d:95:c9:c7:43:e6:ee:7f:72:9e:83:4c:67:82:e9:
11:1c:80:9d:b4:83:2d:eb:10:47:06:3c:63:23:96:
2f:8b:8e:50:58:56:03:74:a6:16:f5:f2:e7:a7:85:
2a:01:4e:55:06:29:11:12:d7:0b:b9:47:2b:54:f1:
26:6d:7f:ce:35:b3:3f:3c:29:be:64:bc:52:ee:4f:
be:75:73:8b:ba:76:5b:15:b7:4e:76:0e:85:f2:2d:
2d:ca:7a:45:f5:d9:34:5c:58:62:42:ce:54:94:e9:
b1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:6B:EE:56:C7:B3:55:3A:B0:25:94:8D:B3:BA:18:4F:9D:4A:AB
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3hJr7lbHs1U6sCWUjbO6GE-dSqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.25.0/24
Signature Algorithm: sha256WithRSAEncryption
45:01:2a:8e:43:cd:0c:a7:3b:06:11:cf:14:52:31:04:b4:a1:
90:90:b5:d2:29:af:d0:81:fa:ae:6b:ec:07:67:50:04:47:66:
d4:02:1e:b0:e5:5c:93:fa:10:f1:34:6e:5a:e3:67:db:4c:25:
d4:78:a9:c2:26:59:82:78:7f:de:20:83:68:c2:39:bd:40:45:
24:30:2c:e0:c2:50:09:9f:0e:61:46:b6:8d:7a:fa:78:d0:ec:
52:5d:ad:d0:f1:fc:ae:a0:a4:90:fb:1b:ae:49:23:4b:e0:ba:
39:82:20:cc:6e:30:40:1b:cc:c6:d7:0e:d9:02:0a:67:60:5b:
d1:b1:00:b1:a5:ec:f1:c7:6b:14:94:68:06:5a:fc:42:1b:40:
dd:9f:15:58:35:1a:8b:a5:52:2e:40:3b:08:60:72:b6:9d:21:
8e:7d:16:67:34:28:b8:cc:eb:3c:b0:7b:b5:cb:56:1c:ce:f0:
6e:ce:71:42:40:47:b9:e7:41:56:eb:03:45:cb:a8:60:d8:70:
a0:32:9b:35:29:20:d8:20:f0:bb:c3:44:7f:ba:d3:c6:d3:87:
3f:fb:45:43:bf:1c:d6:16:52:b5:5a:3a:af:1b:b0:e7:75:5d:
20:e0:a0:1f:ce:ce:6e:8d:cf:ef:a9:55:24:5c:c6:a5:29:56:
8f:01:47:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQdruOXiB+6OVv68m8QMQx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDgyMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyNmJlZTU2YzdiMzU1M2FiMDI1OTQ4ZGIzYmExODRmOWQ0YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XWwkYpmm1urWVUajlFQqMcdHKDk
V44SfpMCMB1yWx2bf0CAAng8U4a0FwOS9ktW4v/JC6DqGkCXojMkVrPx46tNGhUp
aFoHxv8+TgbhPOsQglgHeU9LN0+3+8nTr3tRGpHUrVLPMPnSigDzF5fiCF8aPbyZ
MofdY/EY5OJjL8SKoiqCo7LoFPwysxWM46XlD0Er41gNlcnHQ+buf3Keg0xngukR
HICdtIMt6xBHBjxjI5Yvi45QWFYDdKYW9fLnp4UqAU5VBikREtcLuUcrVPEmbX/O
NbM/PCm+ZLxS7k++dXOLunZbFbdOdg6F8i0tynpF9dk0XFhiQs5UlOmxIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4Sa+5Wx7NVOrAllI2zuhhPnUqrMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvM2hKcjdsYkhzMVU2c0NXVWpiTzZHRS1kU3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRYZMA0G
CSqGSIb3DQEBCwUAA4IBAQBFASqOQ80MpzsGEc8UUjEEtKGQkLXSKa/Qgfqua+wH
Z1AER2bUAh6w5VyT+hDxNG5a42fbTCXUeKnCJlmCeH/eIINowjm9QEUkMCzgwlAJ
nw5hRraNevp40OxSXa3Q8fyuoKSQ+xuuSSNL4Lo5giDMbjBAG8zG1w7ZAgpnYFvR
sQCxpezxx2sUlGgGWvxCG0DdnxVYNRqLpVIuQDsIYHK2nSGOfRZnNCi4zOs8sHu1
y1YczvBuznFCQEe550FW6wNFy6hg2HCgMps1KSDYIPC7w0R/utPG04c/+0VDvxzW
FlK1WjqvG7DndV0g4KAfzs5ujc/vqVUkXMalKVaPAUce
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:33:50 2025 by rpki-client