Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/_xmjROwDZICkoEkspc0g1Pu7aHI.roa
File: _xmjROwDZICkoEkspc0g1Pu7aHI.roa (raw, json)
Hash identifier: hSCiaTGsjcegDNdebTWQlwdUYF6TzpQ0s0N6A5W1sIM=
Subject key identifier: FF:19:A3:44:EC:03:64:80:A4:A0:49:2C:A5:CD:20:D4:FB:BB:68:72
Certificate issuer: /CN=9c0aae6d45d06df7c4278ef4f218e42db807094c
Certificate serial: 076C82F7
Authority key identifier: 9C:0A:AE:6D:45:D0:6D:F7:C4:27:8E:F4:F2:18:E4:2D:B8:07:09:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nAqubUXQbffEJ4708hjkLbgHCUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/_xmjROwDZICkoEkspc0g1Pu7aHI.roa
Signing time: Sat 01 Jan 2022 02:59:03 +0000
ROA not before: Sat 01 Jan 2022 02:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1942
IP address blocks: 160.103.0.0/16 maxlen: 16
45.149.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124551927 (0x76c82f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c0aae6d45d06df7c4278ef4f218e42db807094c
Validity
Not Before: Jan 1 02:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff19a344ec036480a4a0492ca5cd20d4fbbb6872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:40:51:d2:37:fc:a2:a3:12:cb:56:93:a5:
75:d8:b1:09:9c:2e:dc:2d:40:67:2e:71:fc:61:78:
3b:72:45:bb:7a:7e:1d:f3:3e:9e:61:ef:d5:7b:19:
c5:01:41:db:db:8e:5d:30:f3:9c:d7:d7:cf:60:ce:
2b:67:3d:29:21:7d:ff:fd:7e:53:86:56:0a:98:66:
e6:30:ad:2b:03:92:67:a2:67:61:14:77:31:ae:e8:
ce:67:27:15:a0:06:13:68:64:a2:b9:cf:69:e3:a8:
9b:b2:d9:b4:68:fe:1a:11:50:57:7e:4d:dc:70:f7:
27:3d:92:a9:97:b6:30:38:88:74:8a:8c:21:d3:4b:
45:b4:c1:50:68:32:c1:17:27:bd:29:e4:d9:1d:11:
28:b0:26:6c:84:96:0a:e0:ac:c8:14:5e:62:25:49:
86:53:eb:41:bf:15:83:d8:5f:a5:99:25:c2:2c:2e:
15:ff:f6:d9:ef:22:8c:ac:e6:d5:2d:56:91:05:6b:
54:6c:d6:bf:10:af:d6:36:8d:3b:39:82:a9:59:a8:
e6:1c:1a:d1:e3:a0:6b:2d:31:1c:2d:6f:38:64:b2:
2c:a4:a4:29:9b:99:08:44:b1:64:5a:8e:fc:7a:89:
4c:be:8c:89:32:9b:6c:35:ca:b3:3a:89:ed:dc:f6:
3d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:19:A3:44:EC:03:64:80:A4:A0:49:2C:A5:CD:20:D4:FB:BB:68:72
X509v3 Authority Key Identifier:
keyid:9C:0A:AE:6D:45:D0:6D:F7:C4:27:8E:F4:F2:18:E4:2D:B8:07:09:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nAqubUXQbffEJ4708hjkLbgHCUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/_xmjROwDZICkoEkspc0g1Pu7aHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/nAqubUXQbffEJ4708hjkLbgHCUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.140.0/22
160.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:9b:4c:cb:4d:c2:d6:04:28:bf:fc:8a:59:b5:0d:9f:c1:06:
5c:8a:73:55:84:0a:bf:24:21:2f:d4:04:99:18:58:9c:cd:b5:
0f:72:ee:f7:61:53:0a:9c:da:99:99:8e:08:e5:2b:b9:53:24:
00:8f:cb:61:2c:e8:b7:1c:85:8b:ad:09:b2:be:6b:14:63:04:
5f:9e:67:60:37:22:c2:f7:96:82:57:ed:5c:50:36:c8:e4:74:
be:f9:9f:99:10:d7:08:21:55:e4:c9:ed:92:5a:aa:da:bc:f0:
47:73:8e:9f:cf:dd:c7:33:ba:79:da:5e:14:00:03:eb:7c:db:
9a:31:13:d1:5a:1f:a4:34:67:5c:a1:18:07:ce:89:4b:38:6d:
ba:b2:98:23:66:e8:a7:d4:78:a7:3c:41:54:9c:fd:19:89:d8:
6a:45:60:bf:24:60:ea:df:9e:b4:76:4e:72:99:d0:bd:8c:5d:
25:2c:68:e7:3f:f9:8e:13:a6:44:93:dc:49:95:ea:e9:0a:c1:
c6:07:99:90:e4:0b:4b:59:65:7c:fa:df:52:93:15:35:b0:b7:
f7:c0:ad:16:12:b2:b0:55:1c:35:38:5f:7b:f8:ec:b9:37:7c:
6d:d6:07:ba:bd:3f:b8:a4:ad:48:41:77:ab:43:fb:41:30:5c:
2c:70:59:a8
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEB2yC9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzBhYWU2ZDQ1ZDA2ZGY3YzQyNzhlZjRmMjE4ZTQyZGI4MDcwOTRjMB4XDTIyMDEw
MTAyNTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYxOWEzNDRlYzAz
NjQ4MGE0YTA0OTJjYTVjZDIwZDRmYmJiNjg3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAaQFHSN/yioxLLVpOlddixCZwu3C1AZy5x/GF4O3JFu3p+
HfM+nmHv1XsZxQFB29uOXTDznNfXz2DOK2c9KSF9//1+U4ZWCphm5jCtKwOSZ6Jn
YRR3Ma7ozmcnFaAGE2hkornPaeOom7LZtGj+GhFQV35N3HD3Jz2SqZe2MDiIdIqM
IdNLRbTBUGgywRcnvSnk2R0RKLAmbISWCuCsyBReYiVJhlPrQb8Vg9hfpZklwiwu
Ff/22e8ijKzm1S1WkQVrVGzWvxCv1jaNOzmCqVmo5hwa0eOgay0xHC1vOGSyLKSk
KZuZCESxZFqO/HqJTL6MiTKbbDXKszqJ7dz2PWsCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBT/GaNE7ANkgKSgSSylzSDU+7tocjAfBgNVHSMEGDAWgBScCq5tRdBt98Qn
jvTyGOQtuAcJTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25BcXViVVhRYmZmRUo0NzA4aGprTGJnSENVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvYzkyMGVjLTA3ZGMtNDY5ZC1iODg0LWI5OGJiYjE2MzdjMC8x
L194bWpST3dEWklDa29Fa3NwYzBnMVB1N2FISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
YzkyMGVjLTA3ZGMtNDY5ZC1iODg0LWI5OGJiYjE2MzdjMC8xL25BcXViVVhRYmZm
RUo0NzA4aGprTGJnSENVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMEAi2VjAMDAKBnMA0GCSqGSIb3DQEB
CwUAA4IBAQBlm0zLTcLWBCi//IpZtQ2fwQZcinNVhAq/JCEv1ASZGFiczbUPcu73
YVMKnNqZmY4I5Su5UyQAj8thLOi3HIWLrQmyvmsUYwRfnmdgNyLC95aCV+1cUDbI
5HS++Z+ZENcIIVXkye2SWqravPBHc46fz93HM7p52l4UAAPrfNuaMRPRWh+kNGdc
oRgHzolLOG26spgjZuin1HinPEFUnP0ZidhqRWC/JGDq3560dk5ymdC9jF0lLGjn
P/mOE6ZEk9xJlerpCsHGB5mQ5AtLWWV8+t9SkxU1sLf3wK0WErKwVRw1OF97+Oy5
N3xt1ge6vT+4pK1IQXerQ/tBMFwscFmo
-----END CERTIFICATE-----
Generated at Tue May 13 12:24:09 2025 by rpki-client