Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/9LZ8gRR-zIUTViICU3zCwlWlYGk.roa
File: 9LZ8gRR-zIUTViICU3zCwlWlYGk.roa (raw, json)
Hash identifier: 8Vd0isKRuMpqQFcy6hbrCyVDpHNIGzrKiqL9DyjAX3E=
Subject key identifier: F4:B6:7C:81:14:7E:CC:85:13:56:22:02:53:7C:C2:C2:55:A5:60:69
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 1C66E35C
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/9LZ8gRR-zIUTViICU3zCwlWlYGk.roa
Signing time: Sat 01 Jan 2022 13:04:16 +0000
ROA not before: Sat 01 Jan 2022 13:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60983
IP address blocks: 185.22.128.0/22 maxlen: 24
2a00:6060:ee37::/48 maxlen: 48
2a00:6060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476504924 (0x1c66e35c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 13:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4b67c81147ecc8513562202537cc2c255a56069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6a:f1:e9:24:89:5d:5f:d9:37:4d:ca:7c:c2:
1a:a5:00:2c:5a:ef:0f:a7:0e:a9:81:19:99:7a:06:
e3:fc:c4:b0:fb:97:3b:e8:e9:4a:5d:9a:0b:05:e9:
d3:b1:89:10:00:b9:de:a4:5f:f1:50:0f:d8:82:65:
ff:b9:f8:b5:d0:14:59:35:ea:02:3f:ee:63:e5:7d:
e2:55:44:3d:93:2c:a1:06:4e:60:fb:6a:ed:d0:64:
fe:9c:9d:69:93:63:ea:32:d1:84:f2:89:8f:9f:9d:
27:4c:bd:d3:c9:0f:ec:12:e7:ed:b2:4a:ad:da:5c:
1e:c5:db:c9:70:0d:7b:0b:51:d0:af:5d:d2:12:ed:
a0:4a:ad:3b:a9:a3:76:5a:4c:5b:40:b1:d6:88:cc:
50:a2:e4:5a:70:96:7d:5f:0e:80:4f:14:20:aa:a3:
34:5d:e7:bf:4f:08:6d:dd:16:1c:e0:03:8d:91:d5:
49:c5:38:5c:c6:09:75:92:41:f4:50:24:97:45:e9:
18:f2:45:f5:3f:75:14:f6:55:6d:8a:a5:c3:06:58:
aa:be:46:b5:79:02:16:69:0d:e0:ee:59:82:9a:85:
c0:4d:7f:3c:fc:0e:30:5e:64:4c:14:72:d8:5f:a7:
c3:7b:1a:ae:53:68:3e:6e:23:4c:19:aa:7a:24:74:
e0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B6:7C:81:14:7E:CC:85:13:56:22:02:53:7C:C2:C2:55:A5:60:69
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/9LZ8gRR-zIUTViICU3zCwlWlYGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
5e:48:94:22:17:ed:b2:9b:0e:03:2f:ea:4f:e2:62:b4:99:8f:
76:24:5d:8a:e7:7a:76:c3:a3:2f:2f:57:22:9b:c0:b9:e3:e0:
35:ca:8d:f4:ce:ce:ee:54:f6:e0:61:e4:58:2f:01:67:18:5c:
c0:05:29:94:d2:07:f4:fd:e3:2f:a6:e4:a8:78:1a:83:3c:66:
30:17:82:ca:cf:4b:75:2d:80:bc:cc:b5:11:fe:27:bb:a0:b7:
e6:5f:45:d0:47:32:8f:2e:fe:35:24:17:0e:db:77:0c:6e:30:
1e:53:e9:8b:2c:c9:1a:e5:2a:ac:46:5f:69:4f:51:23:5a:f9:
c9:62:e2:75:db:35:ff:d2:d1:a7:bb:df:f5:cc:9e:c6:81:25:
dd:37:d1:fb:bb:db:5b:7a:00:05:c1:f5:0f:16:d3:d3:b3:da:
20:be:2f:64:fd:06:67:22:7b:a4:bd:a9:3e:33:19:b1:bb:8b:
89:7d:0f:1b:16:13:85:f2:f8:57:4d:50:d3:78:7c:85:78:8e:
99:69:9d:08:c1:b0:2d:35:5f:c9:5c:2f:74:90:39:3d:3b:9b:
5d:49:56:9f:c0:7f:30:4f:d4:f4:bb:0c:02:ff:a5:50:31:87:
01:2b:2c:88:43:57:7b:44:ec:be:27:ed:db:14:66:27:0f:41:
85:d7:74:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHGbjXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTJmOWNiM2MyOThiMTUwYmViNzkwODAzNzZmNzRiZGVhYzQzOGFjMB4XDTIyMDEw
MTEzMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRiNjdjODExNDdl
Y2M4NTEzNTYyMjAyNTM3Y2MyYzI1NWE1NjA2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxq8ekkiV1f2TdNynzCGqUALFrvD6cOqYEZmXoG4/zEsPuX
O+jpSl2aCwXp07GJEAC53qRf8VAP2IJl/7n4tdAUWTXqAj/uY+V94lVEPZMsoQZO
YPtq7dBk/pydaZNj6jLRhPKJj5+dJ0y908kP7BLn7bJKrdpcHsXbyXANewtR0K9d
0hLtoEqtO6mjdlpMW0Cx1ojMUKLkWnCWfV8OgE8UIKqjNF3nv08Ibd0WHOADjZHV
ScU4XMYJdZJB9FAkl0XpGPJF9T91FPZVbYqlwwZYqr5GtXkCFmkN4O5ZgpqFwE1/
PPwOMF5kTBRy2F+nw3sarlNoPm4jTBmqeiR04E0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT0tnyBFH7MhRNWIgJTfMLCVaVgaTAfBgNVHSMEGDAWgBRxL5yzwpixUL63
kIA3b3S96sQ4rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NTLWNzOEtZc1ZDLXQ1Q0FOMjkwdmVyRU9Ldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8x
LzlMWjhnUlIteklVVFZpSUNVM3pDd2xXbFlHay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8xL2NTLWNzOEtZc1ZD
LXQ1Q0FOMjkwdmVyRU9Ldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkWgDANBAIAAjAHAwUAKgBgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAXkiUIhftspsOAy/qT+JitJmPdiRdiud6dsOjLy9X
IpvAuePgNcqN9M7O7lT24GHkWC8BZxhcwAUplNIH9P3jL6bkqHgagzxmMBeCys9L
dS2AvMy1Ef4nu6C35l9F0Ecyjy7+NSQXDtt3DG4wHlPpiyzJGuUqrEZfaU9RI1r5
yWLidds1/9LRp7vf9cyexoEl3TfR+7vbW3oABcH1DxbT07PaIL4vZP0GZyJ7pL2p
PjMZsbuLiX0PGxYThfL4V01Q03h8hXiOmWmdCMGwLTVfyVwvdJA5PTubXUlWn8B/
ME/U9LsMAv+lUDGHASssiENXe0Tsvift2xRmJw9Bhdd0cQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:38:37 2025 by rpki-client