Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/kMxDwArgzyD1xrJmfXgCNujCRMw.roa
File: kMxDwArgzyD1xrJmfXgCNujCRMw.roa (raw, json)
Hash identifier: MKoR2GPNzHblXJe9Yp1YjNqI6l1Fg1dQxOdpjfJH2U4=
Subject key identifier: 90:CC:43:C0:0A:E0:CF:20:F5:C6:B2:66:7D:78:02:36:E8:C2:44:CC
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 0BF37456
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/kMxDwArgzyD1xrJmfXgCNujCRMw.roa
Signing time: Wed 01 Jun 2022 13:03:20 +0000
ROA not before: Wed 01 Jun 2022 13:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6855
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200504406 (0xbf37456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jun 1 13:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90cc43c00ae0cf20f5c6b2667d780236e8c244cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:92:7d:d0:72:23:01:a3:e8:e9:10:a8:61:
6b:bb:8d:83:d6:65:d2:0f:a3:89:33:3f:dc:b7:4a:
9d:0b:a9:fd:97:c7:26:34:76:f4:84:6e:b1:af:a3:
cb:80:f1:f4:05:b0:b7:bc:bc:2b:3b:87:92:0d:1a:
56:4f:4f:a4:78:ee:40:34:22:d5:af:7b:8a:94:99:
4a:93:62:7d:95:51:09:e3:d6:e2:53:b4:5b:11:2f:
09:57:22:73:c3:64:7e:5d:65:3b:b1:7a:30:8b:15:
6f:d7:3e:26:2e:0f:2d:b1:6f:f0:80:61:92:9c:49:
4a:61:f0:56:40:9a:2a:29:64:2b:d2:4a:03:b8:2c:
c6:5f:ff:56:9b:27:0b:db:d3:59:23:f0:ef:ab:b6:
6e:58:4b:7f:5f:7e:eb:fe:1c:d3:66:98:1d:53:78:
8e:78:d9:bf:02:88:bb:ee:65:19:08:27:c6:56:5d:
a8:96:c3:7a:b2:aa:a3:a3:9f:38:8d:2a:fe:d9:06:
bd:5b:d5:f7:f6:37:95:2a:91:c6:46:bf:72:23:7e:
2e:40:a5:08:c2:fe:f1:e4:f5:02:2d:ba:f6:2f:47:
2a:7d:81:bd:75:4f:ff:63:16:ef:b2:f4:58:9e:eb:
ad:67:ca:80:34:29:97:33:f6:16:dc:a9:18:e5:af:
90:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CC:43:C0:0A:E0:CF:20:F5:C6:B2:66:7D:78:02:36:E8:C2:44:CC
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/kMxDwArgzyD1xrJmfXgCNujCRMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
88:f9:e2:25:e2:b6:a7:2d:5f:fa:3f:6c:25:85:3f:b4:70:8b:
a9:ac:db:55:c9:26:aa:e9:4b:5f:de:f9:6a:b9:b5:fa:d3:5d:
20:5d:9b:bb:8a:be:44:5c:e9:63:96:7b:1b:2f:34:24:be:a6:
1c:83:ef:be:ed:4b:99:8d:bd:39:3f:ad:a7:a1:8e:ce:73:e6:
f4:a5:57:54:fd:6c:76:82:70:6b:98:09:d7:69:0f:39:21:ee:
33:29:c3:0c:4f:f9:1b:dd:b2:80:18:98:d7:51:2f:d3:50:02:
76:45:fa:26:0c:bb:24:1f:ee:ba:f2:8d:ba:18:38:11:7f:26:
7a:87:51:13:fe:98:93:90:d9:59:18:7b:32:bd:9e:6a:1c:ca:
8b:5f:96:83:f8:32:c6:ff:d2:ce:d6:a9:16:07:88:cb:b5:8f:
ed:1a:64:36:98:da:38:25:a0:4a:f3:17:22:1a:46:88:72:cc:
fa:1b:da:c4:c1:0b:d2:ae:c7:98:17:95:c4:c2:56:83:e6:07:
95:69:02:8f:df:ea:dd:ef:11:7e:50:30:00:29:08:03:8f:50:
c6:11:fd:bd:44:08:06:ae:12:98:6b:a3:19:dc:31:a0:56:82:
72:5f:46:bf:ed:4e:95:0d:68:2d:ba:51:08:b3:d5:72:2a:ac:
a6:02:a6:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEC/N0VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2NiMmQ1ZmIyNTM4NTJmMTgyM2M2NTQzNGU4ZjI3NmQwNGU0ZTBjMB4XDTIyMDYw
MTEzMDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBjYzQzYzAwYWUw
Y2YyMGY1YzZiMjY2N2Q3ODAyMzZlOGMyNDRjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoPkn3QciMBo+jpEKhha7uNg9Zl0g+jiTM/3LdKnQup/ZfH
JjR29IRusa+jy4Dx9AWwt7y8KzuHkg0aVk9PpHjuQDQi1a97ipSZSpNifZVRCePW
4lO0WxEvCVcic8Nkfl1lO7F6MIsVb9c+Ji4PLbFv8IBhkpxJSmHwVkCaKilkK9JK
A7gsxl//VpsnC9vTWSPw76u2blhLf19+6/4c02aYHVN4jnjZvwKIu+5lGQgnxlZd
qJbDerKqo6OfOI0q/tkGvVvV9/Y3lSqRxka/ciN+LkClCML+8eT1Ai269i9HKn2B
vXVP/2MW77L0WJ7rrWfKgDQplzP2FtypGOWvkMcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSQzEPACuDPIPXGsmZ9eAI26MJEzDAfBgNVHSMEGDAWgBTcyy1fslOFLxgj
xlQ06PJ20E5ODDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNNc3RYN0pUaFM4WUk4WlVOT2p5ZHRCT1Rndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvN2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8x
L2tNeER3QXJnenlEMXhySm1mWGdDTnVqQ1JNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
N2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8xLzNNc3RYN0pUaFM4
WUk4WlVOT2p5ZHRCT1Rndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAVv1EDANBAIAAjAHAwUAKgEF9zAN
BgkqhkiG9w0BAQsFAAOCAQEAiPniJeK2py1f+j9sJYU/tHCLqazbVckmqulLX975
arm1+tNdIF2bu4q+RFzpY5Z7Gy80JL6mHIPvvu1LmY29OT+tp6GOznPm9KVXVP1s
doJwa5gJ12kPOSHuMynDDE/5G92ygBiY11Ev01ACdkX6Jgy7JB/uuvKNuhg4EX8m
eodRE/6Yk5DZWRh7Mr2eahzKi1+Wg/gyxv/SztapFgeIy7WP7RpkNpjaOCWgSvMX
IhpGiHLM+hvaxMEL0q7HmBeVxMJWg+YHlWkCj9/q3e8RflAwACkIA49QxhH9vUQI
Bq4SmGujGdwxoFaCcl9Gv+1OlQ1oLbpRCLPVciqspgKmGg==
-----END CERTIFICATE-----
Generated at Wed Apr 23 12:39:19 2025 by rpki-client