Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/16uG2JiYsJBenj-9jfL4fufp0CM.roa
File: 16uG2JiYsJBenj-9jfL4fufp0CM.roa (raw, json)
Hash identifier: PlBLDF6HG+OWKOhULthBt0oND+39qFFH/kOP0d/TE+c=
Subject key identifier: D7:AB:86:D8:98:98:B0:90:5E:9E:3F:BD:8D:F2:F8:7E:E7:E9:D0:23
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 04A39814
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/16uG2JiYsJBenj-9jfL4fufp0CM.roa
Signing time: Sat 01 Jan 2022 10:00:48 +0000
ROA not before: Sat 01 Jan 2022 10:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43770
IP address blocks: 91.195.154.0/23 maxlen: 23
185.210.220.0/22 maxlen: 22
185.153.4.0/22 maxlen: 22
2a07:84c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77830164 (0x4a39814)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Jan 1 10:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7ab86d89898b0905e9e3fbd8df2f87ee7e9d023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ea:72:7a:d3:b5:61:93:fa:39:4b:2a:8c:5e:
72:16:7a:36:dd:de:2d:90:fd:fd:79:a3:26:e7:54:
10:8a:bc:93:5f:2f:c2:47:99:d7:1b:3f:04:d2:2c:
f2:07:b1:64:f5:06:80:b9:1e:03:96:1c:1e:aa:b6:
4a:1c:a0:9f:56:52:52:19:74:fe:f5:51:80:90:2f:
4f:5c:8e:6a:37:14:6e:f6:7d:b0:58:c1:f6:6f:30:
60:b0:81:d7:aa:24:c6:e9:ba:df:3a:aa:99:c6:66:
c8:03:32:ab:3f:71:1a:d9:73:52:1d:90:54:c8:8e:
3f:47:aa:9c:80:91:ed:fd:ae:2d:cd:1b:6c:6c:af:
3f:56:23:2e:ae:9d:20:c7:01:e5:56:5b:c9:af:bb:
97:c2:7f:8b:90:df:7f:d0:f0:e7:c5:4c:a5:9f:6a:
f1:49:aa:57:aa:c3:a9:ce:17:f8:68:e9:3f:83:1b:
92:d7:aa:1d:5a:da:b5:7a:04:be:63:53:56:98:60:
0c:62:7b:0e:dd:6b:fa:c3:bf:86:2d:08:8c:c8:7c:
3f:7f:82:46:06:70:f9:3f:2c:a5:e1:36:7c:70:1f:
72:53:db:ee:05:2b:b8:73:dd:e1:34:75:08:20:ca:
de:ee:e2:ec:73:56:38:a2:ba:68:4e:81:2a:dc:49:
34:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:AB:86:D8:98:98:B0:90:5E:9E:3F:BD:8D:F2:F8:7E:E7:E9:D0:23
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/16uG2JiYsJBenj-9jfL4fufp0CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.154.0/23
185.153.4.0/22
185.210.220.0/22
IPv6:
2a07:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
10:b1:49:e4:00:f4:cb:3a:6d:6d:3f:25:9e:6a:9b:e1:0c:e3:
4e:82:eb:63:db:2f:2c:6b:b2:0b:4f:30:2e:74:40:f1:f4:98:
b2:22:92:da:9b:d3:dc:9f:70:de:08:b2:96:2f:90:e6:0e:69:
0b:bf:0e:3a:5f:3b:bb:78:49:7b:a9:6b:f6:bf:20:9e:c2:c0:
86:03:d9:1a:1b:ef:cc:f8:c7:5b:4a:6c:03:dd:bb:3d:b0:41:
b1:d3:1d:73:16:4f:d9:9b:7e:bb:39:5c:c0:b7:98:1c:a0:ce:
24:0c:90:68:cc:ec:58:33:5d:f5:d0:30:c9:a7:41:5a:4f:d4:
7e:1c:bf:b3:28:f7:e5:49:9f:61:95:f3:9e:10:5e:18:e8:ae:
9a:48:f4:b8:ce:91:49:e1:d0:b8:cf:9f:e2:3e:b1:74:95:47:
b0:9d:5c:c0:ef:d8:17:81:c9:57:40:a1:8a:e2:0b:68:e0:86:
20:1e:ce:7a:74:4c:62:99:87:b3:36:05:4a:98:5c:4f:3e:6c:
5f:a7:b3:52:b5:c4:8d:b6:c2:ef:d0:3c:c9:89:e8:37:f0:24:
19:95:c8:6c:ba:0e:72:9c:09:22:54:1e:a0:81:b5:a1:cf:fa:
1d:b4:d1:ec:be:24:47:03:48:ed:11:fc:6c:5f:85:11:ec:77:
06:95:97:4d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBKOYFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmZhNDFhMGE3YTY4MTAyYjUzYWIzMTc0MmRiNjEyNDJmNzU5MDhjMB4XDTIyMDEw
MTEwMDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdhYjg2ZDg5ODk4
YjA5MDVlOWUzZmJkOGRmMmY4N2VlN2U5ZDAyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTqcnrTtWGT+jlLKoxechZ6Nt3eLZD9/XmjJudUEIq8k18v
wkeZ1xs/BNIs8gexZPUGgLkeA5YcHqq2Shygn1ZSUhl0/vVRgJAvT1yOajcUbvZ9
sFjB9m8wYLCB16okxum63zqqmcZmyAMyqz9xGtlzUh2QVMiOP0eqnICR7f2uLc0b
bGyvP1YjLq6dIMcB5VZbya+7l8J/i5Dff9Dw58VMpZ9q8UmqV6rDqc4X+GjpP4Mb
kteqHVratXoEvmNTVphgDGJ7Dt1r+sO/hi0IjMh8P3+CRgZw+T8speE2fHAfclPb
7gUruHPd4TR1CCDK3u7i7HNWOKK6aE6BKtxJNM0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTXq4bYmJiwkF6eP72N8vh+5+nQIzAfBgNVHSMEGDAWgBRy+kGgp6aBArU6
sxdC22EkL3WQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N2cEJvS2VtZ1FLMU9yTVhRdHRoSkM5MWtJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYTkwZGIxLWQyZjMtNDhkMS05MThjLWZjZWJkYzBkZmMzZi8x
LzE2dUcySmlZc0pCZW5qLTlqZkw0ZnVmcDBDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YTkwZGIxLWQyZjMtNDhkMS05MThjLWZjZWJkYzBkZmMzZi8xL2N2cEJvS2VtZ1FL
MU9yTVhRdHRoSkM5MWtJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVvDmgMEArmZBAMEArnS3DANBAIA
AjAHAwUDKgeEwDANBgkqhkiG9w0BAQsFAAOCAQEAELFJ5AD0yzptbT8lnmqb4Qzj
ToLrY9svLGuyC08wLnRA8fSYsiKS2pvT3J9w3giyli+Q5g5pC78OOl87u3hJe6lr
9r8gnsLAhgPZGhvvzPjHW0psA927PbBBsdMdcxZP2Zt+uzlcwLeYHKDOJAyQaMzs
WDNd9dAwyadBWk/Ufhy/syj35UmfYZXznhBeGOiumkj0uM6RSeHQuM+f4j6xdJVH
sJ1cwO/YF4HJV0ChiuILaOCGIB7OenRMYpmHszYFSphcTz5sX6ezUrXEjbbC79A8
yYnoN/AkGZXIbLoOcpwJIlQeoIG1oc/6HbTR7L4kRwNI7RH8bF+FEex3BpWXTQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:25:26 2025 by rpki-client