Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/L-m8hnJSnps9EnqEEJf4BRB8XB0.roa
File: L-m8hnJSnps9EnqEEJf4BRB8XB0.roa (raw, json)
Hash identifier: Wb13u1giJShn5jEBvOmJ68k53hT4JNAe/hC4RguSBo0=
Subject key identifier: 2F:E9:BC:86:72:52:9E:9B:3D:12:7A:84:10:97:F8:05:10:7C:5C:1D
Certificate issuer: /CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Certificate serial: 090940CF
Authority key identifier: 41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/L-m8hnJSnps9EnqEEJf4BRB8XB0.roa
Signing time: Sat 01 Jan 2022 08:56:15 +0000
ROA not before: Sat 01 Jan 2022 08:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 91.208.199.0/24 maxlen: 24
85.209.165.0/24 maxlen: 24
85.209.166.0/24 maxlen: 24
85.209.164.0/24 maxlen: 24
85.209.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151601359 (0x90940cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Validity
Not Before: Jan 1 08:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fe9bc8672529e9b3d127a841097f805107c5c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c7:eb:e1:73:1a:42:cd:f9:87:41:a3:cf:5a:
4b:fe:80:ef:f2:70:c7:d9:61:7c:5c:53:cf:cf:66:
a2:db:b8:64:a1:9f:04:33:38:73:38:d6:08:d1:78:
3c:ad:df:a5:19:cb:be:12:93:0d:77:07:d2:53:3c:
2c:3c:5f:6e:60:4d:1f:b5:6e:5a:0f:6d:de:b9:15:
95:45:97:1e:01:47:b4:4b:ef:33:77:7e:12:9a:67:
28:d5:50:87:e6:95:38:ff:87:99:61:fe:cd:e6:7a:
5e:82:1d:39:25:cc:62:ff:c0:e1:df:91:6e:b8:1c:
c8:cc:67:8c:46:79:42:f3:9d:f3:4f:87:cf:f4:27:
63:38:71:85:71:c4:db:81:68:5c:e1:c3:1d:22:9f:
8b:f4:af:da:08:aa:08:c7:74:a1:34:26:d5:18:c0:
ef:cb:9b:aa:81:ec:5b:af:fc:ae:48:22:a8:ba:65:
63:0f:6a:39:89:c1:55:56:c5:11:89:04:29:8b:76:
3a:b1:92:85:7c:a3:8a:10:1a:c1:4a:3e:41:48:f5:
93:78:13:6e:de:c1:41:88:49:a0:96:9f:c7:67:e0:
ec:bc:5a:6c:da:e4:75:f0:b8:c7:c4:f1:50:31:3b:
c1:7a:2b:85:3f:44:c1:64:e5:7c:ea:38:e0:2a:ae:
09:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E9:BC:86:72:52:9E:9B:3D:12:7A:84:10:97:F8:05:10:7C:5C:1D
X509v3 Authority Key Identifier:
keyid:41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/L-m8hnJSnps9EnqEEJf4BRB8XB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.164.0/22
91.208.199.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f9:c2:18:f6:72:51:f7:62:72:a4:f8:df:4e:35:04:c4:5d:
fe:41:28:6c:a2:17:19:87:bb:ee:03:e9:3c:8d:6f:4b:13:a3:
6a:88:64:a6:40:f9:62:33:ad:60:ff:60:20:8b:c1:46:b5:83:
24:98:6b:9a:c6:bc:fa:91:85:aa:81:fe:c4:97:5f:72:27:77:
07:16:e1:f8:65:e7:ff:7e:c5:2d:2d:3e:e0:68:7f:f7:a6:08:
5b:38:20:54:56:0d:9f:a9:7b:e8:5c:2d:d9:e6:09:bc:cb:e8:
7d:1b:2c:c7:8f:99:47:d9:87:9b:35:78:1e:fc:2b:1d:a9:a4:
e7:b9:cf:0c:11:29:ae:28:2d:93:d4:30:9b:64:0f:c3:fc:9d:
23:d6:40:9f:bf:47:ed:90:c9:11:8f:54:30:40:31:50:a4:e5:
53:52:52:4a:15:df:d9:c5:ca:35:9b:62:f9:c5:ee:07:e0:76:
4d:3c:26:cb:5d:bd:b5:6e:2d:c4:d9:c9:bc:0e:c5:4d:22:dc:
dc:70:b7:3f:34:a9:0b:9b:12:68:09:c0:c4:f8:e9:71:19:d1:
e0:80:92:6a:92:99:ec:89:9a:10:5b:d1:5e:1f:7d:67:29:9d:
94:c6:f9:80:a6:fd:70:f6:32:76:38:5e:3e:7a:26:28:b7:7c:
99:a1:3b:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECQlAzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTI2YWM0YWZhZmQyNjk4ODFjMTBhZDJlY2EyZjRkZWY4ZWRiZDIxMB4XDTIyMDEw
MTA4NTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZlOWJjODY3MjUy
OWU5YjNkMTI3YTg0MTA5N2Y4MDUxMDdjNWMxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPH6+FzGkLN+YdBo89aS/6A7/Jwx9lhfFxTz89motu4ZKGf
BDM4czjWCNF4PK3fpRnLvhKTDXcH0lM8LDxfbmBNH7VuWg9t3rkVlUWXHgFHtEvv
M3d+EppnKNVQh+aVOP+HmWH+zeZ6XoIdOSXMYv/A4d+RbrgcyMxnjEZ5QvOd80+H
z/QnYzhxhXHE24FoXOHDHSKfi/Sv2giqCMd0oTQm1RjA78ubqoHsW6/8rkgiqLpl
Yw9qOYnBVVbFEYkEKYt2OrGShXyjihAawUo+QUj1k3gTbt7BQYhJoJafx2fg7Lxa
bNrkdfC4x8TxUDE7wXorhT9EwWTlfOo44CquCdkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQv6byGclKemz0SeoQQl/gFEHxcHTAfBgNVHSMEGDAWgBRBJqxK+v0mmIHB
CtLsovTe+O29ITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FTYXNTdnI5SnBpQndRclM3S0wwM3ZqdHZTRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOTRkZDJhLTUwNDYtNDg4My05MWRhLWMzOTliZTAzMWI0YS8x
L0wtbThobkpTbnBzOUVucUVFSmY0QlJCOFhCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OTRkZDJhLTUwNDYtNDg4My05MWRhLWMzOTliZTAzMWI0YS8xL1FTYXNTdnI5SnBp
QndRclM3S0wwM3ZqdHZTRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlXRpAMEAFvQxzANBgkqhkiG9w0B
AQsFAAOCAQEAFPnCGPZyUfdicqT43041BMRd/kEobKIXGYe77gPpPI1vSxOjaohk
pkD5YjOtYP9gIIvBRrWDJJhrmsa8+pGFqoH+xJdfcid3Bxbh+GXn/37FLS0+4Gh/
96YIWzggVFYNn6l76Fwt2eYJvMvofRssx4+ZR9mHmzV4HvwrHamk57nPDBEprigt
k9Qwm2QPw/ydI9ZAn79H7ZDJEY9UMEAxUKTlU1JSShXf2cXKNZti+cXuB+B2TTwm
y129tW4txNnJvA7FTSLc3HC3PzSpC5sSaAnAxPjpcRnR4ICSapKZ7ImaEFvRXh99
ZymdlMb5gKb9cPYydjhePnomKLd8maE7jA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:17 2025 by rpki-client