Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9h1ldml-ymVsjxOUailSLvHmCuo.roa
File: 9h1ldml-ymVsjxOUailSLvHmCuo.roa (raw, json)
Hash identifier: Ih8ampNzoNB1NyF2VQAgWStRbHnWbRg6a8lYZRCpgP4=
Subject key identifier: F6:1D:65:76:69:7E:CA:65:6C:8F:13:94:6A:29:52:2E:F1:E6:0A:EA
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 07456376
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9h1ldml-ymVsjxOUailSLvHmCuo.roa
Signing time: Sat 01 Jan 2022 01:52:50 +0000
ROA not before: Sat 01 Jan 2022 01:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50520
IP address blocks: 185.134.112.0/22 maxlen: 22
185.134.112.0/24 maxlen: 24
185.134.113.0/24 maxlen: 24
185.134.115.0/24 maxlen: 24
185.134.114.0/24 maxlen: 24
2a02:fa80:ca02::/48 maxlen: 48
2a02:fa80::/32 maxlen: 32
2a02:fa80:fa80::/48 maxlen: 48
2a02:fa80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121987958 (0x7456376)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 1 01:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f61d6576697eca656c8f13946a29522ef1e60aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:68:dd:d1:60:29:a3:4f:59:dd:75:6c:44:e4:
2d:05:14:7d:32:31:2c:05:5b:fb:7c:a0:09:e9:7b:
13:6b:ca:6a:da:94:8d:9b:90:c1:c9:3c:49:96:9f:
e9:41:93:4c:4b:e7:cf:89:20:f2:82:32:2a:ca:f1:
83:dc:59:06:9d:f8:b5:f4:ad:fa:f8:8e:78:d9:20:
30:f1:a5:ce:db:48:89:a7:ad:d4:af:89:53:c6:0c:
f4:2f:2c:e3:a5:5b:89:5c:38:a6:9c:c3:41:8b:80:
cf:5d:4a:a2:71:19:6d:75:3e:c3:75:bd:56:1e:9f:
7d:e1:d2:db:86:c7:bd:e9:2e:82:dc:6d:8c:fa:8c:
be:a1:d5:5e:83:6d:0c:9f:9d:77:39:94:b3:33:f8:
31:89:48:ec:de:56:a2:43:3b:7e:0a:e4:49:a4:01:
75:5e:06:f6:9b:5c:11:e1:ff:42:04:12:99:40:5c:
1d:4d:5e:cf:a3:43:1a:ae:a8:a9:4e:d0:9e:44:d1:
0d:4b:63:b0:69:73:ff:6f:7d:b4:e2:37:87:2e:8f:
f4:63:10:24:c3:45:6f:cd:b9:20:ea:8a:0e:e0:eb:
96:55:cf:7b:74:a0:08:85:df:f2:5b:2d:19:9c:cc:
ab:95:63:9e:e7:ed:7e:81:6a:9d:9e:04:0f:26:16:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1D:65:76:69:7E:CA:65:6C:8F:13:94:6A:29:52:2E:F1:E6:0A:EA
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9h1ldml-ymVsjxOUailSLvHmCuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.112.0/22
IPv6:
2a02:fa80::/32
Signature Algorithm: sha256WithRSAEncryption
88:27:2f:d4:8c:e0:5c:93:34:d2:61:13:a6:a2:4d:8f:89:af:
b5:41:0e:0c:14:72:14:59:98:56:91:c6:44:c7:c0:36:93:b5:
f9:29:0e:2d:91:61:c3:52:45:f6:db:8d:28:0e:dd:7b:c8:73:
fc:33:09:44:73:bc:1c:c3:e7:4b:5e:a4:01:53:e4:ec:b0:30:
c6:0b:15:47:e7:e9:fe:49:ac:df:d4:79:03:ed:f6:b6:32:7f:
c2:dd:77:df:87:66:93:be:e5:b5:56:e4:38:7a:7f:e1:35:40:
e1:f7:bd:f3:1f:eb:a0:04:3a:2a:a7:ac:1a:89:7a:0e:b7:ef:
5c:08:0c:79:33:0d:1e:a7:ce:b5:9c:fb:78:80:b5:e4:bc:76:
c7:25:df:56:bf:dc:ca:2f:dd:b0:64:a0:3b:b8:a9:2c:98:51:
bd:1d:c6:af:99:6f:ea:d0:a9:70:65:70:11:d3:56:94:cc:5e:
2b:c5:fb:32:bc:b3:88:50:df:15:91:b8:f4:86:77:b0:47:96:
5d:42:12:c9:a8:c8:83:72:a0:c4:d0:15:1e:46:29:ae:f3:76:
31:c9:aa:11:5f:ed:a6:18:44:f7:5e:62:38:3a:2b:b0:ca:a6:
ac:12:8a:1a:62:61:53:67:e3:65:8c:83:fa:f2:48:1b:a3:09:
23:6c:68:8d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB0VjdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjdlZDRmN2QzNTU3NTI4MWMxNzZjYWUzZGRjYmQ0MGNjNWMxZGQ2MB4XDTIyMDEw
MTAxNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjYxZDY1NzY2OTdl
Y2E2NTZjOGYxMzk0NmEyOTUyMmVmMWU2MGFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJo3dFgKaNPWd11bETkLQUUfTIxLAVb+3ygCel7E2vKatqU
jZuQwck8SZaf6UGTTEvnz4kg8oIyKsrxg9xZBp34tfSt+viOeNkgMPGlzttIiaet
1K+JU8YM9C8s46VbiVw4ppzDQYuAz11KonEZbXU+w3W9Vh6ffeHS24bHvekugtxt
jPqMvqHVXoNtDJ+ddzmUszP4MYlI7N5WokM7fgrkSaQBdV4G9ptcEeH/QgQSmUBc
HU1ez6NDGq6oqU7QnkTRDUtjsGlz/299tOI3hy6P9GMQJMNFb825IOqKDuDrllXP
e3SgCIXf8lstGZzMq5VjnuftfoFqnZ4EDyYWQFsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT2HWV2aX7KZWyPE5RqKVIu8eYK6jAfBgNVHSMEGDAWgBT2ftT301V1KBwX
bK493L1AzFwd1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzluN1U5OU5WZFNnY0YyeXVQZHk5UU14Y0hkWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvYjYyZTc3LTM1N2EtNGFhZC1iYjI3LWY0NDg1YWVkNzQyOS8x
LzloMWxkbWwteW1Wc2p4T1VhaWxTTHZIbUN1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
YjYyZTc3LTM1N2EtNGFhZC1iYjI3LWY0NDg1YWVkNzQyOS8xLzluN1U5OU5WZFNn
Y0YyeXVQZHk5UU14Y0hkWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmGcDANBAIAAjAHAwUAKgL6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAiCcv1IzgXJM00mETpqJNj4mvtUEODBRyFFmYVpHG
RMfANpO1+SkOLZFhw1JF9tuNKA7de8hz/DMJRHO8HMPnS16kAVPk7LAwxgsVR+fp
/kms39R5A+32tjJ/wt1334dmk77ltVbkOHp/4TVA4fe98x/roAQ6KqesGol6Drfv
XAgMeTMNHqfOtZz7eIC15Lx2xyXfVr/cyi/dsGSgO7ipLJhRvR3Gr5lv6tCpcGVw
EdNWlMxeK8X7MryziFDfFZG49IZ3sEeWXUISyajIg3KgxNAVHkYprvN2McmqEV/t
phhE915iODorsMqmrBKKGmJhU2fjZYyD+vJIG6MJI2xojQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:55 2025 by rpki-client