Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/02LCR9-tVXS-vbLGbPrOS77NUCs.roa
File: 02LCR9-tVXS-vbLGbPrOS77NUCs.roa (raw, json)
Hash identifier: Jc6hmgWJyAH1Q9aqXrY8aJnjYe7rElhOiIek6WpJyjs=
Subject key identifier: D3:62:C2:47:DF:AD:55:74:BE:BD:B2:C6:6C:FA:CE:4B:BE:CD:50:2B
Certificate issuer: /CN=9f04b3cf24cf4b81b2221146a00f2277bc348780
Certificate serial: 01DACCF2
Authority key identifier: 9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/02LCR9-tVXS-vbLGbPrOS77NUCs.roa
Signing time: Sat 01 Jan 2022 10:55:55 +0000
ROA not before: Sat 01 Jan 2022 10:55:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204567
IP address blocks: 185.175.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31116530 (0x1daccf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f04b3cf24cf4b81b2221146a00f2277bc348780
Validity
Not Before: Jan 1 10:55:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d362c247dfad5574bebdb2c66cface4bbecd502b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a9:25:08:41:eb:db:d8:8e:76:eb:ac:83:8a:
9d:2d:de:36:cb:85:99:a4:9a:af:88:48:65:13:fe:
97:12:db:72:a1:18:ff:49:0e:91:8d:8a:fb:8a:2c:
8a:70:01:d9:40:78:86:91:94:09:77:96:6a:bf:0b:
c9:a7:5d:42:6d:4b:a5:1d:0c:78:6d:ce:f6:e2:b5:
90:37:2f:41:bb:b1:61:c2:41:6a:0a:35:ba:78:56:
67:a2:cc:f4:c8:c5:05:93:1a:2e:d6:94:d7:26:92:
5a:8d:5f:0f:23:1b:c2:97:33:c1:ad:9c:c5:51:25:
2b:a0:c3:d6:4d:46:a2:24:ae:6c:eb:8f:ab:cc:77:
78:d2:7d:49:64:54:6b:bb:74:ff:c4:c9:46:29:a3:
75:0e:c2:e9:b5:33:af:4d:91:76:c8:69:54:cd:40:
c7:9d:3e:de:dc:53:3f:9b:91:70:8c:5f:a6:b7:21:
51:d3:e3:9e:c4:dc:53:aa:0b:ba:a9:6a:c5:c1:e8:
4f:de:fb:b5:68:31:de:79:5f:2d:63:8b:a6:9c:bb:
27:d6:1a:f4:bf:28:1c:53:c6:be:23:70:78:8c:de:
73:34:ac:4d:3c:00:07:ab:e4:b5:64:5f:3c:d2:be:
47:69:0f:69:ac:57:d3:d0:5d:1d:37:1e:51:64:bb:
7b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:62:C2:47:DF:AD:55:74:BE:BD:B2:C6:6C:FA:CE:4B:BE:CD:50:2B
X509v3 Authority Key Identifier:
keyid:9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/02LCR9-tVXS-vbLGbPrOS77NUCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/nwSzzyTPS4GyIhFGoA8id7w0h4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:25:06:55:8f:46:48:52:c3:75:c2:05:cd:fc:81:bb:3d:63:
fc:d8:32:80:40:6a:05:62:61:d0:45:91:b9:b7:16:0a:ed:8d:
6d:3e:3a:eb:0f:78:5a:93:bf:90:59:1b:07:e0:58:52:7b:76:
4e:f9:47:d8:71:62:f9:72:70:54:26:b8:5c:be:63:4d:04:b2:
54:70:c0:22:d3:4f:62:7d:ba:e6:44:db:19:dd:93:19:da:de:
6d:9f:83:f4:bb:69:b1:0c:58:1c:f1:82:2d:77:16:c6:1d:5e:
b2:09:d2:8e:c2:4f:82:5e:af:12:50:4e:18:14:2b:f7:78:22:
83:68:e7:e3:6d:b1:7f:7c:f1:bf:d9:19:11:cd:a8:e0:85:9f:
8c:dd:23:f3:64:ae:92:49:76:8b:d1:b7:9b:cd:94:f3:e7:bf:
63:ef:dc:dd:0a:8a:88:10:d2:e3:66:6a:84:7a:82:af:ab:06:
6a:56:78:81:6d:f8:0f:27:68:31:d5:60:ec:39:ec:fe:14:ab:
ef:cd:bf:d1:53:9b:29:2a:32:db:3f:65:93:94:02:db:19:74:
fa:6c:bc:79:a3:4c:33:ea:35:4d:9d:a0:76:e5:63:ad:a8:a2:
69:fd:d0:57:16:0a:0d:da:90:d6:89:b8:bb:9f:9a:83:f0:4c:
eb:de:77:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdrM8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjA0YjNjZjI0Y2Y0YjgxYjIyMjExNDZhMDBmMjI3N2JjMzQ4NzgwMB4XDTIyMDEw
MTEwNTU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM2MmMyNDdkZmFk
NTU3NGJlYmRiMmM2NmNmYWNlNGJiZWNkNTAyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGpJQhB69vYjnbrrIOKnS3eNsuFmaSar4hIZRP+lxLbcqEY
/0kOkY2K+4osinAB2UB4hpGUCXeWar8LyaddQm1LpR0MeG3O9uK1kDcvQbuxYcJB
ago1unhWZ6LM9MjFBZMaLtaU1yaSWo1fDyMbwpczwa2cxVElK6DD1k1GoiSubOuP
q8x3eNJ9SWRUa7t0/8TJRimjdQ7C6bUzr02RdshpVM1Ax50+3txTP5uRcIxfprch
UdPjnsTcU6oLuqlqxcHoT977tWgx3nlfLWOLppy7J9Ya9L8oHFPGviNweIzeczSs
TTwAB6vktWRfPNK+R2kPaaxX09BdHTceUWS7ezkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTYsJH361VdL69ssZs+s5Lvs1QKzAfBgNVHSMEGDAWgBSfBLPPJM9LgbIi
EUagDyJ3vDSHgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L253U3p6eVRQUzRHeUloRkdvQThpZDd3MGg0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZGEzNThjLTJlNDctNDRlYy1iMGM1LTJhZDk2OGIzNjJkZS8x
LzAyTENSOS10VlhTLXZiTEdiUHJPUzc3TlVDcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZGEzNThjLTJlNDctNDRlYy1iMGM1LTJhZDk2OGIzNjJkZS8xL253U3p6eVRQUzRH
eUloRkdvQThpZDd3MGg0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmv3DANBgkqhkiG9w0BAQsFAAOC
AQEASyUGVY9GSFLDdcIFzfyBuz1j/NgygEBqBWJh0EWRubcWCu2NbT466w94WpO/
kFkbB+BYUnt2TvlH2HFi+XJwVCa4XL5jTQSyVHDAItNPYn265kTbGd2TGdrebZ+D
9LtpsQxYHPGCLXcWxh1esgnSjsJPgl6vElBOGBQr93gig2jn422xf3zxv9kZEc2o
4IWfjN0j82Sukkl2i9G3m82U8+e/Y+/c3QqKiBDS42ZqhHqCr6sGalZ4gW34Dydo
MdVg7Dns/hSr782/0VObKSoy2z9lk5QC2xl0+my8eaNMM+o1TZ2gduVjraiiaf3Q
VxYKDdqQ1om4u5+ag/BM6953zA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:11 2025 by rpki-client