Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/0QkJWglKAJNcxfd-UiSLIE0Ir1Q.roa
File: 0QkJWglKAJNcxfd-UiSLIE0Ir1Q.roa (raw, json)
Hash identifier: 1GtGmPRWJHWX/egujncwDe4U8K9MkbjNpws1hGSps2I=
Subject key identifier: D1:09:09:5A:09:4A:00:93:5C:C5:F7:7E:52:24:8B:20:4D:08:AF:54
Certificate issuer: /CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Certificate serial: 01D610F4
Authority key identifier: AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/0QkJWglKAJNcxfd-UiSLIE0Ir1Q.roa
Signing time: Sat 01 Jan 2022 15:07:09 +0000
ROA not before: Sat 01 Jan 2022 15:07:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41359
IP address blocks: 185.220.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30806260 (0x1d610f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Validity
Not Before: Jan 1 15:07:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d109095a094a00935cc5f77e52248b204d08af54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:77:b2:28:0b:aa:20:29:1b:09:75:5d:c7:5c:
e6:1d:1b:9b:9b:9f:3f:e6:63:ce:38:46:3b:72:a2:
4b:60:bf:bc:ee:c9:80:e0:6d:61:e0:ac:21:ca:64:
89:31:2f:43:e5:ec:be:1a:f4:e9:01:8c:88:a0:7e:
a9:f7:ba:2a:2b:a4:21:a7:e1:d0:0f:34:b0:ee:9a:
be:13:54:4a:47:c2:68:45:5d:da:1b:2e:65:02:92:
09:01:70:94:13:67:64:13:8c:f7:32:4a:b2:5e:d7:
90:47:72:15:f8:62:6a:09:e9:b0:1f:70:18:79:2c:
f2:66:fa:9a:d7:74:8d:9d:27:db:e9:6e:a3:5e:0a:
63:2d:3d:4f:1c:27:71:7e:95:89:71:d2:b0:b6:fd:
ff:bd:87:f9:12:cc:c8:38:c8:4e:b2:d8:e5:76:a5:
af:bf:63:47:d2:d9:29:37:de:64:b9:c5:8f:eb:56:
53:58:1e:7f:76:fe:de:33:ee:e9:20:15:00:f0:6d:
42:e1:c9:71:77:25:1c:6c:eb:30:ef:c0:da:90:66:
19:af:bc:4d:7d:85:07:03:d3:2e:6e:f1:c8:29:c9:
90:60:12:6a:04:eb:34:9b:a2:f2:43:f2:45:b2:9f:
f6:e9:77:fe:ba:33:b9:68:5c:8b:f6:18:40:aa:c8:
48:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:09:09:5A:09:4A:00:93:5C:C5:F7:7E:52:24:8B:20:4D:08:AF:54
X509v3 Authority Key Identifier:
keyid:AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/0QkJWglKAJNcxfd-UiSLIE0Ir1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/r-b4yudJLQZOAwcckUc5Lu3UW8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.220.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:af:86:3e:73:f2:d4:3c:c2:41:d2:de:07:7d:2a:b8:e1:06:
34:77:7b:48:83:00:46:33:4c:40:a8:45:17:42:12:8f:f9:d7:
ba:b2:8d:71:af:64:3f:22:be:bb:81:ff:73:71:2d:27:f6:25:
57:aa:5b:46:74:aa:65:19:9f:47:57:b0:1c:52:c6:41:54:1b:
27:28:03:cf:3a:dd:67:94:32:45:9d:dc:41:0f:74:fd:b6:0c:
81:79:16:57:b2:66:10:82:44:90:f9:df:bf:7a:50:f1:24:07:
2a:b7:eb:11:99:85:ca:04:57:42:47:8b:31:5e:d7:38:43:df:
98:61:01:4e:d4:02:78:2e:c5:68:fc:60:c7:ab:91:2a:61:99:
23:a3:dc:ae:f4:0a:61:90:5b:c3:82:0b:5a:ca:c1:bf:e6:8e:
c8:9b:c4:1b:b2:a6:2c:a4:5c:68:b7:c7:44:58:fc:31:cc:f5:
0d:ca:a5:85:d5:68:40:98:1d:9e:52:27:11:04:13:df:c4:ac:
18:81:ca:bd:e4:63:5b:cc:79:6e:51:ad:8d:ce:c3:5c:07:b1:
39:2b:f8:cb:8c:07:2d:8b:9f:dc:dc:ff:de:0e:84:d2:6b:85:
b6:2f:60:19:3c:25:51:4b:15:c1:4b:a8:fd:2c:9a:76:7d:74:
1a:ea:a9:a8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdYQ9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmU2ZjhjYWU3NDkyZDA2NGUwMzA3MWM5MTQ3MzkyZWVkZDQ1YmM3MB4XDTIyMDEw
MTE1MDcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEwOTA5NWEwOTRh
MDA5MzVjYzVmNzdlNTIyNDhiMjA0ZDA4YWY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZ3sigLqiApGwl1Xcdc5h0bm5ufP+ZjzjhGO3KiS2C/vO7J
gOBtYeCsIcpkiTEvQ+Xsvhr06QGMiKB+qfe6KiukIafh0A80sO6avhNUSkfCaEVd
2hsuZQKSCQFwlBNnZBOM9zJKsl7XkEdyFfhiagnpsB9wGHks8mb6mtd0jZ0n2+lu
o14KYy09TxwncX6ViXHSsLb9/72H+RLMyDjITrLY5Xalr79jR9LZKTfeZLnFj+tW
U1gef3b+3jPu6SAVAPBtQuHJcXclHGzrMO/A2pBmGa+8TX2FBwPTLm7xyCnJkGAS
agTrNJui8kPyRbKf9ul3/rozuWhci/YYQKrISFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRCQlaCUoAk1zF935SJIsgTQivVDAfBgNVHSMEGDAWgBSv5vjK50ktBk4D
BxyRRzku7dRbxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ItYjR5dWRKTFFaT0F3Y2NrVWM1THUzVVc4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYzk4N2I2LWVmMDAtNGQyOC1hNGFlLTY1NDljZDU5YWE0Zi8x
LzBRa0pXZ2xLQUpOY3hmZC1VaVNMSUUwSXIxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
Yzk4N2I2LWVmMDAtNGQyOC1hNGFlLTY1NDljZDU5YWE0Zi8xL3ItYjR5dWRKTFFa
T0F3Y2NrVWM1THUzVVc4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnc3DANBgkqhkiG9w0BAQsFAAOC
AQEAna+GPnPy1DzCQdLeB30quOEGNHd7SIMARjNMQKhFF0ISj/nXurKNca9kPyK+
u4H/c3EtJ/YlV6pbRnSqZRmfR1ewHFLGQVQbJygDzzrdZ5QyRZ3cQQ90/bYMgXkW
V7JmEIJEkPnfv3pQ8SQHKrfrEZmFygRXQkeLMV7XOEPfmGEBTtQCeC7FaPxgx6uR
KmGZI6PcrvQKYZBbw4ILWsrBv+aOyJvEG7KmLKRcaLfHRFj8Mcz1DcqlhdVoQJgd
nlInEQQT38SsGIHKveRjW8x5blGtjc7DXAexOSv4y4wHLYuf3Nz/3g6E0muFti9g
GTwlUUsVwUuo/Syadn10GuqpqA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:51 2025 by rpki-client