Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/fhuCtgwqgYZBZa9ghcsrZ1EyYUI.roa
File: fhuCtgwqgYZBZa9ghcsrZ1EyYUI.roa (raw, json)
Hash identifier: JnG8z6w/w9aV8TDf1JCdQQdqLB/kMAYFSaIp2aejS5w=
Subject key identifier: 7E:1B:82:B6:0C:2A:81:86:41:65:AF:60:85:CB:2B:67:51:32:61:42
Certificate issuer: /CN=2805857ba7bd5dc820c61626c63349e3b7faa7d3
Certificate serial: 404D1B
Authority key identifier: 28:05:85:7B:A7:BD:5D:C8:20:C6:16:26:C6:33:49:E3:B7:FA:A7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAWFe6e9XcggxhYmxjNJ47f6p9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/fhuCtgwqgYZBZa9ghcsrZ1EyYUI.roa
Signing time: Sat 01 Jan 2022 00:55:16 +0000
ROA not before: Sat 01 Jan 2022 00:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208638
IP address blocks: 45.91.16.0/22 maxlen: 24
2a0e:e40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4214043 (0x404d1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2805857ba7bd5dc820c61626c63349e3b7faa7d3
Validity
Not Before: Jan 1 00:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1b82b60c2a81864165af6085cb2b6751326142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c4:20:64:0c:49:c6:62:21:d8:7e:c4:17:10:
37:a4:97:99:93:20:b9:e6:fc:9c:b2:4b:73:f8:a8:
cb:27:a1:00:27:80:46:71:fa:de:a4:ce:88:c5:18:
7a:f7:40:5e:7d:7f:76:3e:d7:e1:cf:d2:9f:13:aa:
09:ac:2f:7a:4f:d6:8e:64:9f:ae:47:77:b9:f6:d8:
24:e5:9c:00:cd:8f:07:5d:aa:bc:79:d6:f3:3d:79:
a0:88:8e:6d:69:72:77:aa:32:11:b0:27:6d:f5:9c:
aa:2f:99:12:56:51:2a:78:65:ca:80:ae:4a:a4:66:
33:5e:47:2c:1f:c5:b8:93:d4:d5:1e:06:4c:5d:65:
06:e7:33:1a:dc:b3:0a:f3:7c:ca:46:86:b2:01:1c:
58:48:53:40:75:a8:c4:dd:b1:a9:b3:6b:d8:22:d8:
ef:4b:c9:67:0b:f4:d6:3a:1d:3e:28:09:c6:fd:00:
5b:3a:be:e6:73:be:bb:f2:b5:46:e7:e2:a8:5f:29:
7c:29:bf:98:f4:1f:42:54:e8:50:db:1f:2a:a6:01:
d4:89:51:09:46:9b:5c:c8:24:5a:95:7d:66:1d:d9:
49:70:aa:3d:9e:74:d4:0f:ce:64:dc:b3:a9:c1:92:
68:41:cd:73:09:a9:92:9c:c2:44:fb:42:60:05:fe:
06:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1B:82:B6:0C:2A:81:86:41:65:AF:60:85:CB:2B:67:51:32:61:42
X509v3 Authority Key Identifier:
keyid:28:05:85:7B:A7:BD:5D:C8:20:C6:16:26:C6:33:49:E3:B7:FA:A7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAWFe6e9XcggxhYmxjNJ47f6p9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/fhuCtgwqgYZBZa9ghcsrZ1EyYUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/KAWFe6e9XcggxhYmxjNJ47f6p9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.16.0/22
IPv6:
2a0e:e40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:57:b2:85:03:32:46:32:45:dd:f7:4d:f3:28:1d:58:28:e3:
a8:de:73:43:e9:ab:ab:83:c9:4e:76:08:8e:22:0d:4b:9d:8e:
39:de:dc:05:4f:ac:a1:60:d2:b5:00:f1:ad:59:be:28:28:2c:
ef:9f:8e:e0:03:f7:39:ff:64:7f:04:88:2d:b7:c9:b1:09:70:
e9:12:f2:7e:c0:5a:d2:b2:16:b0:0a:56:bd:bd:66:a8:d2:59:
7e:6f:dd:8c:84:72:81:d0:53:01:e2:7e:4f:68:e1:ea:58:7b:
6b:e8:d6:c0:02:02:b0:80:2a:2e:2b:0b:1e:2a:c4:9b:70:4d:
54:ad:fd:52:24:71:43:e8:62:9f:d7:43:ca:53:a6:01:1c:bc:
ed:40:68:64:28:6d:7f:c5:bf:a5:b2:25:84:ad:d1:e2:c1:58:
1d:df:12:0a:84:34:67:54:4c:d7:a7:2d:aa:be:10:b4:f3:84:
3c:ee:46:9a:d0:fc:41:d7:69:a8:d8:af:61:b6:f0:18:f0:14:
64:8e:1f:c4:be:f1:23:2f:e3:24:97:b1:4b:a0:81:1a:f1:ca:
37:11:bc:51:77:a1:cb:a1:1f:99:2c:bd:e5:b6:a3:eb:39:2f:
2a:37:ae:1f:e8:ae:99:05:38:7a:54:cf:a3:b7:88:43:ac:5b:
7d:b8:3c:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDQE0bMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
MDU4NTdiYTdiZDVkYzgyMGM2MTYyNmM2MzM0OWUzYjdmYWE3ZDMwHhcNMjIwMTAx
MDA1NTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZTFiODJiNjBjMmE4
MTg2NDE2NWFmNjA4NWNiMmI2NzUxMzI2MTQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxsQgZAxJxmIh2H7EFxA3pJeZkyC55vycsktz+KjLJ6EAJ4BG
cfrepM6IxRh690BefX92Ptfhz9KfE6oJrC96T9aOZJ+uR3e59tgk5ZwAzY8HXaq8
edbzPXmgiI5taXJ3qjIRsCdt9ZyqL5kSVlEqeGXKgK5KpGYzXkcsH8W4k9TVHgZM
XWUG5zMa3LMK83zKRoayARxYSFNAdajE3bGps2vYItjvS8lnC/TWOh0+KAnG/QBb
Or7mc7678rVG5+KoXyl8Kb+Y9B9CVOhQ2x8qpgHUiVEJRptcyCRalX1mHdlJcKo9
nnTUD85k3LOpwZJoQc1zCamSnMJE+0JgBf4GQQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFH4bgrYMKoGGQWWvYIXLK2dRMmFCMB8GA1UdIwQYMBaAFCgFhXunvV3IIMYW
JsYzSeO3+qfTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S0FXRmU2ZTlYY2dneGhZbXhqTko0N2Y2cDlNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNS8zNWExOWUtZWRhYi00NGM5LTkxNmEtMTZiNWViZGQyMDQwLzEv
Zmh1Q3Rnd3FnWVpCWmE5Z2hjc3JaMUV5WVVJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8z
NWExOWUtZWRhYi00NGM5LTkxNmEtMTZiNWViZGQyMDQwLzEvS0FXRmU2ZTlYY2dn
eGhZbXhqTko0N2Y2cDlNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVsQMA0EAgACMAcDBQMqDg5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBeV7KFAzJGMkXd903zKB1YKOOo3nND6aurg8lOdgiO
Ig1LnY453twFT6yhYNK1APGtWb4oKCzvn47gA/c5/2R/BIgtt8mxCXDpEvJ+wFrS
shawCla9vWao0ll+b92MhHKB0FMB4n5PaOHqWHtr6NbAAgKwgCouKwseKsSbcE1U
rf1SJHFD6GKf10PKU6YBHLztQGhkKG1/xb+lsiWErdHiwVgd3xIKhDRnVEzXpy2q
vhC084Q87kaa0PxB12mo2K9htvAY8BRkjh/EvvEjL+Mkl7FLoIEa8co3EbxRd6HL
oR+ZLL3ltqPrOS8qN64f6K6ZBTh6VM+jt4hDrFt9uDx+
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:37 2025 by rpki-client