Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/185a42-cb7f-4058-86f5-41ae5f4a5055/1/9dHdF5ej0HyaJ62-D7NNBt205KE.roa
File: 9dHdF5ej0HyaJ62-D7NNBt205KE.roa (raw, json)
Hash identifier: HNUevf3TZSyypiQQQc8a2AQQ2HHFKJ2iJXjnRFH5gq0=
Subject key identifier: F5:D1:DD:17:97:A3:D0:7C:9A:27:AD:BE:0F:B3:4D:06:DD:B4:E4:A1
Certificate issuer: /CN=4cabf33b0b380888fe1e3b80eda48b1781bb7709
Certificate serial: 01856E1449668FF05A75F0760260444EBE03
Authority key identifier: 4C:AB:F3:3B:0B:38:08:88:FE:1E:3B:80:ED:A4:8B:17:81:BB:77:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKvzOws4CIj-HjuA7aSLF4G7dwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/185a42-cb7f-4058-86f5-41ae5f4a5055/1/9dHdF5ej0HyaJ62-D7NNBt205KE.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209400
IP address blocks: 94.199.208.0/22 maxlen: 22
185.38.40.0/22 maxlen: 22
37.228.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:49:66:8f:f0:5a:75:f0:76:02:60:44:4e:be:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cabf33b0b380888fe1e3b80eda48b1781bb7709
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5d1dd1797a3d07c9a27adbe0fb34d06ddb4e4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1a:80:bf:2a:0b:d9:ae:4b:09:d4:5a:55:73:
50:92:d2:a2:8a:c9:6c:88:40:d2:ce:72:9c:0b:d9:
6b:b4:77:e3:dd:74:c8:2e:51:7c:fc:c7:c3:67:f5:
f0:f8:97:49:6e:e9:70:09:c1:e2:19:f9:53:f9:b5:
a5:39:cc:a4:9a:f3:5c:f9:82:46:46:cb:4d:99:f3:
a7:18:6f:04:ea:97:9f:93:85:b8:4a:07:f6:b1:92:
ac:71:1e:76:c7:eb:44:30:37:7b:13:e6:4a:cb:a2:
8d:92:96:94:db:02:5b:c2:20:90:5b:37:69:6a:a7:
12:0f:66:c1:2c:ba:e6:48:a6:7e:1e:8f:1a:ed:f0:
68:42:3b:96:b8:af:ec:57:5a:c3:98:53:1b:36:ca:
e5:a4:0d:07:0a:14:a4:be:9a:65:67:1a:75:20:ec:
4f:11:38:85:3f:b6:12:7a:fb:dc:41:c1:d9:f5:0e:
2f:a0:b2:2e:dd:89:b5:04:93:f4:77:33:6b:6e:5c:
6e:c2:37:7a:5c:ce:7f:fc:b4:ea:c4:34:b0:03:09:
10:bb:8e:84:1b:24:e4:f6:d3:24:80:3b:81:8d:f5:
d6:8c:6d:89:bb:c4:2d:b0:54:74:c8:5a:de:d8:c0:
a7:2e:1d:9a:75:f4:7a:1b:33:c9:a8:62:98:67:72:
2a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D1:DD:17:97:A3:D0:7C:9A:27:AD:BE:0F:B3:4D:06:DD:B4:E4:A1
X509v3 Authority Key Identifier:
keyid:4C:AB:F3:3B:0B:38:08:88:FE:1E:3B:80:ED:A4:8B:17:81:BB:77:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKvzOws4CIj-HjuA7aSLF4G7dwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/185a42-cb7f-4058-86f5-41ae5f4a5055/1/9dHdF5ej0HyaJ62-D7NNBt205KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/185a42-cb7f-4058-86f5-41ae5f4a5055/1/TKvzOws4CIj-HjuA7aSLF4G7dwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.140.0/22
94.199.208.0/22
185.38.40.0/22
Signature Algorithm: sha256WithRSAEncryption
95:bc:1b:ea:05:e2:12:6a:42:07:6c:e3:a4:ef:76:5c:19:da:
9f:ee:dc:dd:23:92:36:ba:30:19:f9:94:79:0c:d4:dc:ba:c4:
66:6b:5e:a9:6b:40:2b:8f:68:20:4c:e2:6f:17:bc:37:80:b4:
41:c0:ee:af:db:1c:a3:bc:b4:b5:79:80:a7:06:c1:ab:a2:1c:
8a:70:cd:7c:9e:b6:98:5e:28:92:fa:0b:1f:c1:a5:35:df:10:
93:d6:4a:2e:4b:06:4d:7e:a0:c5:91:a6:7b:b3:90:e9:20:1a:
30:ec:d2:d6:3a:0e:35:10:01:45:f8:8e:55:35:19:ad:3d:33:
bc:89:2e:66:1e:fc:f9:e0:02:e4:61:3d:4f:26:9d:c3:90:57:
f5:bb:fb:0e:80:56:51:46:1c:ca:a2:67:9a:0f:c6:1d:85:92:
df:5c:48:48:1f:56:fc:e7:fd:08:80:9b:7f:a2:cc:14:fc:1d:
f5:d8:d0:d2:8c:fe:09:f0:cf:a3:d1:a6:bf:61:dd:fe:ef:69:
9a:26:5f:52:46:5c:4e:f4:b2:18:3e:91:ed:67:d7:e1:45:5f:
32:fd:72:2e:a3:17:5a:5f:89:ab:fd:62:86:ff:7a:b4:e7:91:
de:31:01:bc:3b:a4:aa:35:17:89:46:cf:71:81:07:a7:d6:dc:
16:1c:d8:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuFElmj/BadfB2AmBETr4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYWJmMzNiMGIzODA4ODhmZTFlM2I4MGVkYTQ4YjE3ODFi
Yjc3MDkwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQxZGQxNzk3YTNkMDdjOWEyN2FkYmUwZmIzNGQwNmRkYjRlNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqAvyoL2a5LCdRaVXNQktKiisls
iEDSznKcC9lrtHfj3XTILlF8/MfDZ/Xw+JdJbulwCcHiGflT+bWlOcykmvNc+YJG
RstNmfOnGG8E6pefk4W4Sgf2sZKscR52x+tEMDd7E+ZKy6KNkpaU2wJbwiCQWzdp
aqcSD2bBLLrmSKZ+Ho8a7fBoQjuWuK/sV1rDmFMbNsrlpA0HChSkvpplZxp1IOxP
ETiFP7YSevvcQcHZ9Q4voLIu3Ym1BJP0dzNrblxuwjd6XM5//LTqxDSwAwkQu46E
GyTk9tMkgDuBjfXWjG2Ju8QtsFR0yFre2MCnLh2adfR6GzPJqGKYZ3IqPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPXR3ReXo9B8mietvg+zTQbdtOShMB8GA1UdIwQY
MBaAFEyr8zsLOAiI/h47gO2kixeBu3cJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEt2ek93czRDSWotSGp1QTdhU0xGNEc3ZHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xODVhNDItY2I3Zi00MDU4LTg2ZjUt
NDFhZTVmNGE1MDU1LzEvOWRIZEY1ZWowSHlhSjYyLUQ3Tk5CdDIwNUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xODVhNDItY2I3Zi00MDU4LTg2ZjUtNDFhZTVmNGE1MDU1
LzEvVEt2ek93czRDSWotSGp1QTdhU0xGNEc3ZHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJeSMAwQC
XsfQAwQCuSYoMA0GCSqGSIb3DQEBCwUAA4IBAQCVvBvqBeISakIHbOOk73ZcGdqf
7tzdI5I2ujAZ+ZR5DNTcusRma16pa0Arj2ggTOJvF7w3gLRBwO6v2xyjvLS1eYCn
BsGrohyKcM18nraYXiiS+gsfwaU13xCT1kouSwZNfqDFkaZ7s5DpIBow7NLWOg41
EAFF+I5VNRmtPTO8iS5mHvz54ALkYT1PJp3DkFf1u/sOgFZRRhzKomeaD8YdhZLf
XEhIH1b85/0IgJt/oswU/B312NDSjP4J8M+j0aa/Yd3+72maJl9SRlxO9LIYPpHt
Z9fhRV8y/XIuoxdaX4mr/WKG/3q055HeMQG8O6SqNReJRs9xgQen1twWHNgB
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:16:06 2025 by rpki-client