Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/032_4qg4lQM7Uj4nachTDsayRLA.roa
File: 032_4qg4lQM7Uj4nachTDsayRLA.roa (raw, json)
Hash identifier: NzSumk5NcABKE1OhH8pGI/Zi7NRPwkj/pO7e337GfaY=
Subject key identifier: D3:7D:BF:E2:A8:38:95:03:3B:52:3E:27:69:C8:53:0E:C6:B2:44:B0
Certificate issuer: /CN=24d9bb0530dfe3228f83b0861392e2845934b698
Certificate serial: 0870477B
Authority key identifier: 24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/032_4qg4lQM7Uj4nachTDsayRLA.roa
Signing time: Sat 01 Jan 2022 04:02:15 +0000
ROA not before: Sat 01 Jan 2022 04:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204504
IP address blocks: 185.134.168.0/24 maxlen: 24
185.134.168.0/22 maxlen: 22
185.134.171.0/24 maxlen: 24
185.134.170.0/24 maxlen: 24
185.134.169.0/24 maxlen: 24
2a0e:3e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141576059 (0x870477b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9bb0530dfe3228f83b0861392e2845934b698
Validity
Not Before: Jan 1 04:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d37dbfe2a83895033b523e2769c8530ec6b244b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ea:be:72:ac:95:e0:dc:8d:9f:b5:1e:75:7c:
3e:af:86:6b:f3:5b:54:9a:84:05:85:9c:23:be:1f:
e9:a6:70:91:34:d7:cc:a5:14:71:d8:30:ff:70:dd:
65:45:93:dc:30:e7:14:55:f4:07:80:a0:69:41:9b:
dd:6a:6d:fd:34:c3:b1:e0:fc:fe:c2:cc:e9:15:66:
37:ea:97:dd:10:c6:a1:48:7f:f2:da:fc:c8:db:9c:
6c:d1:82:43:fa:c2:31:08:29:96:95:dc:88:c7:a7:
5a:29:29:26:f3:94:61:ce:0f:0b:ec:b4:6b:4c:36:
ef:38:de:86:67:d8:ca:74:ea:5a:f1:ce:1b:ee:2a:
15:79:eb:d7:10:5d:e6:4a:79:1f:d6:ea:4c:b3:83:
18:8d:33:12:20:7b:5a:1e:19:02:ae:05:09:04:f1:
70:e5:2f:2e:83:75:6d:49:51:3c:6a:b4:9b:90:aa:
bb:aa:8a:2d:23:55:44:da:fe:66:d3:ae:9f:51:7b:
cd:7e:e7:91:c9:a5:60:63:2a:40:a2:d8:ec:b4:0d:
64:d0:19:3a:0d:9c:99:6b:0d:b3:f4:c3:9f:0b:97:
24:06:d9:dd:f6:a3:94:c3:43:13:0e:ee:49:ca:3f:
d0:59:53:83:e8:cd:07:e4:fd:cd:02:b2:31:27:47:
3f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7D:BF:E2:A8:38:95:03:3B:52:3E:27:69:C8:53:0E:C6:B2:44:B0
X509v3 Authority Key Identifier:
keyid:24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/032_4qg4lQM7Uj4nachTDsayRLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/JNm7BTDf4yKPg7CGE5LihFk0tpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.168.0/22
IPv6:
2a0e:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:95:1b:5f:97:17:b7:90:9b:5f:df:7c:3e:16:ca:67:d2:8b:
b2:ef:aa:34:89:bc:47:0d:34:24:8e:da:64:ad:25:c0:80:7b:
db:0f:7b:fd:0a:0d:e5:a1:74:60:32:0d:f1:65:bb:98:0b:fa:
f4:e8:68:06:3d:bd:9c:3c:6c:36:c1:39:4c:86:f5:a2:57:b8:
71:8b:6e:7d:55:f7:5a:f9:62:a1:5c:e7:de:7d:1f:14:da:8b:
16:4e:98:52:b0:af:0e:91:97:01:46:67:0c:4b:47:e8:eb:d2:
c6:52:23:79:b2:c8:ac:28:4f:21:40:b0:9f:92:d3:f4:e8:03:
79:80:e2:cd:2f:c6:6d:be:b5:f3:3a:9d:90:bc:d8:11:91:11:
f6:32:82:ee:37:48:52:54:83:9a:3e:e7:21:2e:c2:30:71:86:
03:d3:57:4e:91:0b:c2:21:16:bc:76:96:dc:3f:2a:f8:4f:1a:
25:20:7d:ac:c0:a5:7d:22:64:63:d7:08:da:e5:68:65:e9:6f:
86:72:78:76:fc:44:af:7f:95:d6:f1:ad:e6:92:85:ca:03:54:
5f:b1:e6:47:10:5f:33:c6:cb:31:8b:23:da:18:1d:2a:6c:3f:
03:fc:cb:8d:11:e7:6d:b3:78:96:70:94:2d:a6:bd:31:77:75:
10:7a:f3:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECHBHezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGQ5YmIwNTMwZGZlMzIyOGY4M2IwODYxMzkyZTI4NDU5MzRiNjk4MB4XDTIyMDEw
MTA0MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM3ZGJmZTJhODM4
OTUwMzNiNTIzZTI3NjljODUzMGVjNmIyNDRiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7qvnKsleDcjZ+1HnV8Pq+Ga/NbVJqEBYWcI74f6aZwkTTX
zKUUcdgw/3DdZUWT3DDnFFX0B4CgaUGb3Wpt/TTDseD8/sLM6RVmN+qX3RDGoUh/
8tr8yNucbNGCQ/rCMQgplpXciMenWikpJvOUYc4PC+y0a0w27zjehmfYynTqWvHO
G+4qFXnr1xBd5kp5H9bqTLODGI0zEiB7Wh4ZAq4FCQTxcOUvLoN1bUlRPGq0m5Cq
u6qKLSNVRNr+ZtOun1F7zX7nkcmlYGMqQKLY7LQNZNAZOg2cmWsNs/TDnwuXJAbZ
3fajlMNDEw7uSco/0FlTg+jNB+T9zQKyMSdHP9UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTTfb/iqDiVAztSPidpyFMOxrJEsDAfBgNVHSMEGDAWgBQk2bsFMN/jIo+D
sIYTkuKEWTS2mDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pObTdCVERmNHlLUGc3Q0dFNUxpaEZrMHRwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvYTk5NzljLWQ5ODktNDZmZi1iOTFlLTRlYTMwMTFkYWI2Yy8x
LzAzMl80cWc0bFFNN1VqNG5hY2hURHNheVJMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
YTk5NzljLWQ5ODktNDZmZi1iOTFlLTRlYTMwMTFkYWI2Yy8xL0pObTdCVERmNHlL
UGc3Q0dFNUxpaEZrMHRwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmGqDANBAIAAjAHAwUDKg4+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAXpUbX5cXt5CbX998PhbKZ9KLsu+qNIm8Rw00JI7a
ZK0lwIB72w97/QoN5aF0YDIN8WW7mAv69OhoBj29nDxsNsE5TIb1ole4cYtufVX3
WvlioVzn3n0fFNqLFk6YUrCvDpGXAUZnDEtH6OvSxlIjebLIrChPIUCwn5LT9OgD
eYDizS/Gbb618zqdkLzYEZER9jKC7jdIUlSDmj7nIS7CMHGGA9NXTpELwiEWvHaW
3D8q+E8aJSB9rMClfSJkY9cI2uVoZelvhnJ4dvxEr3+V1vGt5pKFygNUX7HmRxBf
M8bLMYsj2hgdKmw/A/zLjRHnbbN4lnCULaa9MXd1EHrzow==
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:28:56 2025 by rpki-client