Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ba0579-a1e7-4b24-8033-6b3e0aa2cbb2/1/ydhjNtdsLnGtuo6Al5U50ZWH2pA.roa
File: ydhjNtdsLnGtuo6Al5U50ZWH2pA.roa (raw, json)
Hash identifier: 7TFxbjwhrEaKn9ESHlcJRf2tlOnhlW7yTq4gkB9Lam0=
Subject key identifier: C9:D8:63:36:D7:6C:2E:71:AD:BA:8E:80:97:95:39:D1:95:87:DA:90
Certificate issuer: /CN=8621b0b7dfa0a7888f75eff20f32145a0b3f0dd5
Certificate serial: 0E2F2A52
Authority key identifier: 86:21:B0:B7:DF:A0:A7:88:8F:75:EF:F2:0F:32:14:5A:0B:3F:0D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiGwt9-gp4iPde_yDzIUWgs_DdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ba0579-a1e7-4b24-8033-6b3e0aa2cbb2/1/ydhjNtdsLnGtuo6Al5U50ZWH2pA.roa
Signing time: Sat 01 Jan 2022 10:00:23 +0000
ROA not before: Sat 01 Jan 2022 10:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60111
IP address blocks: 185.125.220.0/22 maxlen: 22
2a02:5c20::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237972050 (0xe2f2a52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8621b0b7dfa0a7888f75eff20f32145a0b3f0dd5
Validity
Not Before: Jan 1 10:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9d86336d76c2e71adba8e80979539d19587da90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bc:51:3d:1c:34:be:08:4e:49:cb:43:79:d6:
fa:15:b4:fc:0d:dc:78:7c:4d:07:75:92:5b:ae:80:
f4:55:13:1c:7b:0e:19:9a:0f:40:b4:8b:09:31:58:
4a:0a:8e:fb:72:b3:26:24:95:0f:66:04:de:61:40:
5c:f4:58:98:78:ba:5b:c5:29:84:5f:96:0e:df:1e:
e1:99:f5:a6:18:09:aa:96:b3:f8:e4:8a:fd:b9:da:
78:3b:9f:39:d8:a3:af:e0:1e:bc:a4:d4:57:44:df:
c7:9b:8b:e1:39:5b:50:93:74:d0:ed:aa:14:d9:cc:
90:b0:9c:fb:10:a3:c5:81:1f:c7:a5:fd:f2:30:fe:
d4:6e:91:a2:ae:9c:e8:46:bd:ed:7f:83:2a:96:98:
5a:7c:6d:f9:42:ca:a3:33:7c:29:c2:89:b5:2f:c5:
77:77:8a:18:3f:19:13:20:41:d3:93:b5:05:bd:ae:
6a:75:dc:13:d7:91:ab:6a:2e:97:22:0d:b5:34:80:
59:c8:cf:b0:6a:b4:14:7c:27:0a:6b:ae:e0:46:ed:
2b:ec:b7:85:88:3a:aa:2b:70:22:c9:ed:24:68:d3:
33:29:4e:06:da:a8:4a:f7:9c:89:e2:a1:a6:15:f8:
15:b2:e8:49:41:fc:7d:e3:b9:69:f6:23:f8:41:64:
c2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D8:63:36:D7:6C:2E:71:AD:BA:8E:80:97:95:39:D1:95:87:DA:90
X509v3 Authority Key Identifier:
keyid:86:21:B0:B7:DF:A0:A7:88:8F:75:EF:F2:0F:32:14:5A:0B:3F:0D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiGwt9-gp4iPde_yDzIUWgs_DdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba0579-a1e7-4b24-8033-6b3e0aa2cbb2/1/ydhjNtdsLnGtuo6Al5U50ZWH2pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba0579-a1e7-4b24-8033-6b3e0aa2cbb2/1/hiGwt9-gp4iPde_yDzIUWgs_DdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.220.0/22
IPv6:
2a02:5c20::/29
Signature Algorithm: sha256WithRSAEncryption
44:60:b0:d0:0d:90:1e:9f:a3:2e:25:f9:06:76:e8:fb:17:ab:
96:29:4b:16:d5:36:c7:21:77:df:30:ed:74:2e:78:21:1b:e2:
9a:b5:8d:21:6f:df:32:ba:99:bc:32:e0:d3:4c:e6:c5:ac:27:
a6:c6:03:d4:1f:21:ae:db:8d:18:ed:9e:91:fe:4e:06:7c:8f:
2e:d8:3a:7b:65:99:fb:91:60:ab:f0:e2:50:a1:67:c4:a4:fa:
32:be:1e:29:77:eb:bc:1c:de:4e:83:0e:93:f4:2e:a3:09:46:
e6:68:91:f1:fe:ce:e9:78:ac:ef:4d:04:29:38:69:f7:91:45:
87:cb:9c:e2:44:75:b2:6d:db:9d:36:46:29:ba:93:cf:61:a0:
40:2c:2c:bb:55:1e:9a:f5:8f:af:2d:2a:73:dc:79:25:19:8b:
9d:21:3c:10:7b:7a:89:f4:0c:22:81:45:d3:6e:1b:e2:66:8f:
f3:28:4c:45:86:6c:7b:3c:6a:8d:99:17:d6:d3:7d:b7:e0:52:
b8:c3:2e:4a:9b:d4:0b:ff:a5:9b:b7:1f:c2:06:89:af:b1:97:
13:61:22:43:62:1f:fb:6d:67:32:c1:0f:a8:5e:b1:af:e5:95:
44:4d:bd:00:68:88:d2:2d:cd:4c:8c:72:f5:92:6c:ee:88:89:
1d:1f:cd:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDi8qUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjIxYjBiN2RmYTBhNzg4OGY3NWVmZjIwZjMyMTQ1YTBiM2YwZGQ1MB4XDTIyMDEw
MTEwMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlkODYzMzZkNzZj
MmU3MWFkYmE4ZTgwOTc5NTM5ZDE5NTg3ZGE5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANO8UT0cNL4ITknLQ3nW+hW0/A3ceHxNB3WSW66A9FUTHHsO
GZoPQLSLCTFYSgqO+3KzJiSVD2YE3mFAXPRYmHi6W8UphF+WDt8e4Zn1phgJqpaz
+OSK/bnaeDufOdijr+AevKTUV0Tfx5uL4TlbUJN00O2qFNnMkLCc+xCjxYEfx6X9
8jD+1G6Roq6c6Ea97X+DKpaYWnxt+ULKozN8KcKJtS/Fd3eKGD8ZEyBB05O1Bb2u
anXcE9eRq2oulyINtTSAWcjPsGq0FHwnCmuu4EbtK+y3hYg6qitwIsntJGjTMylO
BtqoSvecieKhphX4FbLoSUH8feO5afYj+EFkwn0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTJ2GM212wuca26joCXlTnRlYfakDAfBgNVHSMEGDAWgBSGIbC336CniI91
7/IPMhRaCz8N1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hpR3d0OS1ncDRpUGRlX3lEeklVV2dzX0RkVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvYmEwNTc5LWExZTctNGIyNC04MDMzLTZiM2UwYWEyY2JiMi8x
L3lkaGpOdGRzTG5HdHVvNkFsNVU1MFpXSDJwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
YmEwNTc5LWExZTctNGIyNC04MDMzLTZiM2UwYWEyY2JiMi8xL2hpR3d0OS1ncDRp
UGRlX3lEeklVV2dzX0RkVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl93DANBAIAAjAHAwUDKgJcIDAN
BgkqhkiG9w0BAQsFAAOCAQEARGCw0A2QHp+jLiX5Bnbo+xerlilLFtU2xyF33zDt
dC54IRvimrWNIW/fMrqZvDLg00zmxawnpsYD1B8hrtuNGO2ekf5OBnyPLtg6e2WZ
+5Fgq/DiUKFnxKT6Mr4eKXfrvBzeToMOk/QuowlG5miR8f7O6Xis700EKThp95FF
h8uc4kR1sm3bnTZGKbqTz2GgQCwsu1UemvWPry0qc9x5JRmLnSE8EHt6ifQMIoFF
024b4maP8yhMRYZsezxqjZkX1tN9t+BSuMMuSpvUC/+lm7cfwgaJr7GXE2EiQ2If
+21nMsEPqF6xr+WVRE29AGiI0i3NTIxy9ZJs7oiJHR/NdQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:07 2025 by rpki-client