Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lyV2UGMYAg7us1CDgtDfu_0CbYE.roa
File: lyV2UGMYAg7us1CDgtDfu_0CbYE.roa (raw, json)
Hash identifier: DXJnLsVPF/dylk+0kqJ7ypwcod3kV9qXr6fBDkvzucU=
Subject key identifier: 97:25:76:50:63:18:02:0E:EE:B3:50:83:82:D0:DF:BB:FD:02:6D:81
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 01856E2FAF8990C506E15DC81CC8EFA5D48C
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lyV2UGMYAg7us1CDgtDfu_0CbYE.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6855
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:af:89:90:c5:06:e1:5d:c8:1c:c8:ef:a5:d4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972576506318020eeeb3508382d0dfbbfd026d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:71:c4:29:25:35:a0:20:68:35:bd:b2:a5:
f7:e9:e6:17:32:96:e4:26:71:05:a3:ef:4f:74:9a:
1e:58:0f:27:b1:2d:ed:f8:86:6b:f7:f8:67:6f:20:
8d:0d:91:d1:42:00:f2:57:c5:35:75:61:26:56:f5:
da:ac:d6:26:9a:8e:2d:b8:ca:6c:3c:f3:9f:45:48:
fe:14:ae:ea:58:fc:a2:38:47:f5:e1:0b:96:94:aa:
8d:8f:fd:02:9e:40:3d:97:be:4b:70:31:e2:00:1d:
55:32:3a:34:50:0f:f9:31:de:f9:c4:99:c5:7e:0e:
b3:ef:db:a8:58:6a:d4:4a:29:1f:4a:c6:6b:cf:ae:
c2:79:84:4a:8b:a3:44:b2:16:d8:49:ef:de:a6:c3:
43:4c:28:95:3a:7a:95:6d:9b:53:24:f8:1a:86:31:
7e:6f:21:6e:86:2f:e1:7e:1f:69:1c:ff:4f:2a:1c:
e4:73:e9:7c:7e:ed:59:57:db:dd:ad:b8:ef:8f:00:
88:eb:13:8d:e0:54:3d:0e:96:eb:ef:5d:56:d0:51:
28:47:1f:26:e5:7e:9c:40:28:64:7b:82:9b:2e:e8:
0b:2d:41:a9:85:83:d7:47:b7:a3:c5:1c:8a:0c:8f:
f0:e3:0d:79:e9:c6:27:7a:a1:b5:78:d3:7c:9c:d6:
01:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:25:76:50:63:18:02:0E:EE:B3:50:83:82:D0:DF:BB:FD:02:6D:81
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lyV2UGMYAg7us1CDgtDfu_0CbYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
6f:dc:00:33:c9:b9:85:09:d8:a8:68:18:11:4b:b1:a1:73:17:
11:b6:b1:33:fd:4c:a7:61:3e:68:c0:ce:f5:55:5c:5b:58:5d:
0d:27:ec:2a:ed:f5:f9:26:9b:07:1b:3e:54:53:80:79:e9:71:
15:17:12:64:78:f3:28:15:c1:9d:c8:e7:76:e3:86:fe:5b:9c:
2c:3a:95:e7:e1:7a:62:ca:6e:22:5d:62:76:28:ac:67:cf:b4:
5f:a9:52:2f:3e:f3:72:dd:62:92:64:ad:03:f7:dc:0e:d4:53:
fb:78:10:53:61:28:03:99:eb:2c:8f:cb:e1:03:85:e5:c5:fc:
5c:18:66:e5:46:79:0a:b7:6b:1a:ac:f7:ca:a4:0d:87:6a:dd:
b3:68:33:25:3e:d5:db:f0:f3:b2:93:65:45:7a:08:2a:51:b0:
09:88:ef:82:62:e8:98:eb:73:20:11:48:c3:c3:43:e8:a6:5c:
ed:c8:90:eb:90:85:bb:7a:32:c4:00:c9:af:80:c2:d9:8f:e6:
12:e8:2e:6e:e3:89:33:b8:3f:5a:ed:c9:05:0d:86:83:70:42:
a9:2a:e6:a7:b3:f0:83:12:2d:34:f3:c9:51:22:7e:c5:ee:8b:
5c:b1:ae:dd:df:ed:bf:ad:7f:61:9a:b6:c9:76:2b:1f:db:d0:
be:fb:cd:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL6+JkMUG4V3IHMjvpdSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI1NzY1MDYzMTgwMjBlZWViMzUwODM4MmQwZGZiYmZkMDI2ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw9xxCklNaAgaDW9sqX36eYXMpbk
JnEFo+9PdJoeWA8nsS3t+IZr9/hnbyCNDZHRQgDyV8U1dWEmVvXarNYmmo4tuMps
PPOfRUj+FK7qWPyiOEf14QuWlKqNj/0CnkA9l75LcDHiAB1VMjo0UA/5Md75xJnF
fg6z79uoWGrUSikfSsZrz67CeYRKi6NEshbYSe/epsNDTCiVOnqVbZtTJPgahjF+
byFuhi/hfh9pHP9PKhzkc+l8fu1ZV9vdrbjvjwCI6xON4FQ9Dpbr711W0FEoRx8m
5X6cQChke4KbLugLLUGphYPXR7ejxRyKDI/w4w156cYneqG1eNN8nNYBAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJcldlBjGAIO7rNQg4LQ37v9Am2BMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvbHlWMlVHTVlBZzd1czFDRGd0RGZ1XzBDYllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW/UQMA0E
AgACMAcDBQAqAQX3MA0GCSqGSIb3DQEBCwUAA4IBAQBv3AAzybmFCdioaBgRS7Gh
cxcRtrEz/UynYT5owM71VVxbWF0NJ+wq7fX5JpsHGz5UU4B56XEVFxJkePMoFcGd
yOd244b+W5wsOpXn4Xpiym4iXWJ2KKxnz7RfqVIvPvNy3WKSZK0D99wO1FP7eBBT
YSgDmessj8vhA4XlxfxcGGblRnkKt2sarPfKpA2Hat2zaDMlPtXb8POyk2VFeggq
UbAJiO+CYuiY63MgEUjDw0PoplztyJDrkIW7ejLEAMmvgMLZj+YS6C5u44kzuD9a
7ckFDYaDcEKpKuans/CDEi0088lRIn7F7otcsa7d3+2/rX9hmrbJdisf29C++82G
-----END CERTIFICATE-----
Generated at Wed Apr 23 12:30:42 2025 by rpki-client