Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/yzqUu7_CE_QjC0shDobWLgN6Uvw.roa
File: yzqUu7_CE_QjC0shDobWLgN6Uvw.roa (raw, json)
Hash identifier: bRQ7GJExG5ywF9y4hISmYEIwCyT+jfAUYsYAm9i7/A4=
Subject key identifier: CB:3A:94:BB:BF:C2:13:F4:23:0B:4B:21:0E:86:D6:2E:03:7A:52:FC
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 1C67B743
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/yzqUu7_CE_QjC0shDobWLgN6Uvw.roa
Signing time: Sat 01 Jan 2022 13:04:16 +0000
ROA not before: Sat 01 Jan 2022 13:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199881
IP address blocks: 185.22.131.0/24 maxlen: 24
2a00:6060:8000::/48 maxlen: 48
2a00:6060:b000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476559171 (0x1c67b743)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 13:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb3a94bbbfc213f4230b4b210e86d62e037a52fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:36:fd:26:2d:53:e8:77:e5:d9:a6:70:6a:
c9:dc:6d:c3:56:e3:ac:8a:0f:8f:3e:3b:a1:f3:b6:
ad:52:e5:bb:f3:a9:ce:d2:9b:f3:f1:7a:a4:ce:aa:
27:03:55:1d:5a:a5:47:1c:fe:42:ae:5b:27:6b:37:
b2:a8:4e:1f:7d:cf:8c:5d:40:75:1f:f7:be:52:5f:
1c:01:5a:26:cb:11:0e:50:c5:bf:0f:c2:fa:56:df:
fa:fe:18:16:c8:20:56:3a:25:ae:5a:4e:c3:83:ff:
57:98:cf:98:5d:f8:24:c4:04:79:2b:09:8c:f5:30:
7d:b7:1a:ec:eb:f5:03:61:71:43:bc:77:5b:c0:bf:
cf:e8:c3:b0:fa:22:ff:8c:5c:98:ba:1c:b4:92:39:
4a:c5:cb:02:81:2b:26:3c:49:84:26:b6:43:4e:47:
b7:62:21:4e:70:58:af:9a:52:2b:b9:92:e0:b1:e1:
2f:35:a7:70:3b:fb:9b:91:87:04:5d:8a:c9:fa:5b:
2f:55:5a:90:84:ad:a6:b4:5d:31:ac:71:73:5f:98:
03:d7:9f:a8:92:78:41:af:80:82:76:ed:b2:cd:13:
e6:8a:96:62:b4:db:c3:5e:47:d5:dd:d2:00:5f:70:
c7:f9:0a:66:7f:7c:bd:25:d5:c7:bf:00:1d:92:f0:
cf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3A:94:BB:BF:C2:13:F4:23:0B:4B:21:0E:86:D6:2E:03:7A:52:FC
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/yzqUu7_CE_QjC0shDobWLgN6Uvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.131.0/24
IPv6:
2a00:6060:8000::/48
2a00:6060:b000::/48
Signature Algorithm: sha256WithRSAEncryption
3f:70:5d:32:9b:33:51:87:23:da:54:6e:82:12:61:4e:ad:76:
3f:d1:7f:7c:fb:06:be:a7:f2:48:b6:64:50:47:3e:33:6e:31:
66:37:4e:b7:aa:47:ef:4a:39:cd:3d:c0:6d:2e:75:e5:72:90:
f9:32:4a:08:26:5f:80:6a:35:84:02:52:e3:89:6c:57:99:1e:
0b:f1:d4:44:ba:ed:d4:9d:a9:58:10:bb:da:f6:d1:56:35:41:
4a:91:85:ed:be:4a:c9:aa:91:39:1d:bd:29:96:4c:3e:5b:0b:
ce:55:c1:6f:64:b9:5d:0a:c0:93:fd:ec:d9:44:7d:50:ea:ee:
e1:8a:61:8c:da:58:1b:34:58:27:1f:04:f5:81:ce:3d:78:f9:
5e:b0:fb:4e:6a:25:62:e3:fa:27:64:2c:a6:a1:a0:83:59:30:
1d:ff:06:5f:55:09:12:6a:7e:06:3e:9c:fc:08:6f:9c:6b:c6:
00:65:33:12:ba:ca:47:0e:13:ac:1d:7d:ae:01:ed:49:dc:69:
c9:99:38:58:59:67:e0:28:e4:13:05:22:10:2b:c6:3b:6d:cd:
ae:cb:13:33:b1:d5:bb:a4:cc:18:54:af:a1:07:67:a9:d7:8c:
7c:cc:2f:ff:bc:08:ce:6b:c4:ea:f5:34:b0:fb:3f:fd:dd:a4:
69:67:7b:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHGe3QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTJmOWNiM2MyOThiMTUwYmViNzkwODAzNzZmNzRiZGVhYzQzOGFjMB4XDTIyMDEw
MTEzMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IzYTk0YmJiZmMy
MTNmNDIzMGI0YjIxMGU4NmQ2MmUwMzdhNTJmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCJNv0mLVPod+XZpnBqydxtw1bjrIoPjz47ofO2rVLlu/Op
ztKb8/F6pM6qJwNVHVqlRxz+Qq5bJ2s3sqhOH33PjF1AdR/3vlJfHAFaJssRDlDF
vw/C+lbf+v4YFsggVjolrlpOw4P/V5jPmF34JMQEeSsJjPUwfbca7Ov1A2FxQ7x3
W8C/z+jDsPoi/4xcmLoctJI5SsXLAoErJjxJhCa2Q05Ht2IhTnBYr5pSK7mS4LHh
LzWncDv7m5GHBF2KyfpbL1VakIStprRdMaxxc1+YA9efqJJ4Qa+Agnbtss0T5oqW
YrTbw15H1d3SAF9wx/kKZn98vSXVx78AHZLwz6MCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTLOpS7v8IT9CMLSyEOhtYuA3pS/DAfBgNVHSMEGDAWgBRxL5yzwpixUL63
kIA3b3S96sQ4rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NTLWNzOEtZc1ZDLXQ1Q0FOMjkwdmVyRU9Ldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8x
L3l6cVV1N19DRV9RakMwc2hEb2JXTGdONlV2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8xL2NTLWNzOEtZc1ZD
LXQ1Q0FOMjkwdmVyRU9Ldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEALkWgzAYBAIAAjASAwcAKgBgYIAA
AwcAKgBgYLAAMA0GCSqGSIb3DQEBCwUAA4IBAQA/cF0ymzNRhyPaVG6CEmFOrXY/
0X98+wa+p/JItmRQRz4zbjFmN063qkfvSjnNPcBtLnXlcpD5MkoIJl+AajWEAlLj
iWxXmR4L8dREuu3UnalYELva9tFWNUFKkYXtvkrJqpE5Hb0plkw+WwvOVcFvZLld
CsCT/ezZRH1Q6u7himGM2lgbNFgnHwT1gc49ePlesPtOaiVi4/onZCymoaCDWTAd
/wZfVQkSan4GPpz8CG+ca8YAZTMSuspHDhOsHX2uAe1J3GnJmThYWWfgKOQTBSIQ
K8Y7bc2uyxMzsdW7pMwYVK+hB2ep14x8zC//vAjOa8Tq9TSw+z/93aRpZ3u8
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:42:06 2025 by rpki-client