Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/HiT0kQJK_aiNbjYjmwWu6mBnx3k.roa
File: HiT0kQJK_aiNbjYjmwWu6mBnx3k.roa (raw, json)
Hash identifier: 2OMimwtHr1y3qcyJH9WEnSrg4S80PejsNrGjInaUWKY=
Subject key identifier: 1E:24:F4:91:02:4A:FD:A8:8D:6E:36:23:9B:05:AE:EA:60:67:C7:79
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 0222DC
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/HiT0kQJK_aiNbjYjmwWu6mBnx3k.roa
Signing time: Tue 08 Mar 2022 16:12:59 +0000
ROA not before: Tue 08 Mar 2022 16:12:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 91.220.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139996 (0x222dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Mar 8 16:12:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e24f491024afda88d6e36239b05aeea6067c779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:9a:5d:fe:45:34:b8:e4:fb:35:05:9e:97:
fb:94:cb:47:95:fb:58:a2:d2:7d:1f:0c:e7:2e:25:
37:53:30:e0:da:51:05:88:2e:b8:b0:06:e3:ba:20:
15:f3:b1:52:fb:dc:39:1c:0c:0a:ef:5f:8f:c5:16:
67:88:63:3f:7e:cd:ae:a8:67:3d:5f:22:45:da:5e:
40:d2:d5:03:ff:66:f0:4d:3b:32:87:22:51:9e:67:
aa:1d:e6:0b:f7:84:0e:68:7e:45:67:35:3d:7e:95:
6c:29:0e:49:f9:3c:97:a5:d5:46:23:29:dd:38:61:
5b:3c:97:5f:d4:44:b3:50:1c:6f:d2:73:28:a6:ca:
79:c3:12:d3:75:7d:57:08:2d:69:11:92:cd:37:f4:
d5:ad:0a:ad:88:af:64:27:4f:2c:91:fc:9a:a5:49:
a2:b9:8b:bf:ae:57:5d:76:e4:06:19:28:c8:48:fc:
19:a5:11:d9:bc:d5:e7:cd:f8:4a:57:b8:01:34:ac:
d2:89:d0:fe:a8:b6:0c:21:a0:de:09:c6:15:72:0a:
c3:9b:47:44:3a:05:d3:54:b9:3d:a3:70:d3:da:ed:
86:4b:ba:f2:6c:43:fd:78:fa:b4:c6:dd:00:dd:0e:
26:3d:4e:2e:67:61:9c:d3:c3:24:07:53:69:4d:39:
58:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:24:F4:91:02:4A:FD:A8:8D:6E:36:23:9B:05:AE:EA:60:67:C7:79
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/HiT0kQJK_aiNbjYjmwWu6mBnx3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
11:fc:a0:2d:e4:32:5e:fd:62:32:d2:ff:50:a7:97:2d:d9:71:
65:a7:65:9b:65:f7:31:12:69:88:c1:d8:eb:3a:53:6e:fc:00:
d4:db:ca:71:35:f9:ba:2e:66:58:8b:0b:3c:e1:fb:54:48:7a:
64:01:65:31:f3:2b:fb:c9:06:a8:12:6b:72:4d:a4:e6:3d:45:
db:e1:d6:d1:28:d0:48:0c:72:ea:12:71:fe:5c:f3:dc:67:cf:
a3:ed:34:f6:33:dc:a4:08:86:e0:a9:d8:f1:27:ed:f3:71:3d:
12:02:ab:a8:eb:60:9d:7b:34:88:2c:ab:ea:da:06:20:2b:4e:
9c:59:57:17:d0:48:d1:9b:27:d4:4a:3f:ad:26:82:07:fb:c0:
32:32:78:ab:ca:2f:4e:e0:48:1a:4c:98:31:2c:21:65:4e:96:
0e:b9:fa:9f:39:d4:a5:d2:ef:20:b8:2c:7e:c7:64:21:d9:84:
e5:73:19:50:c8:7d:a8:8c:39:d9:93:67:33:5d:0d:27:10:68:
1d:34:a7:36:73:44:a6:27:a5:7f:8d:7f:d1:28:72:89:4c:30:
24:3b:5e:a7:ad:b1:18:9d:d2:fb:07:b1:bb:32:5d:59:33:61:
cc:15:11:de:69:db:f8:b3:b8:7b:41:f4:d6:38:3f:2e:3f:90:
7c:54:12:4b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAiLcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI2
ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3NTI0MmQwHhcNMjIwMzA4
MTYxMjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZTI0ZjQ5MTAyNGFm
ZGE4OGQ2ZTM2MjM5YjA1YWVlYTYwNjdjNzc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuKCaXf5FNLjk+zUFnpf7lMtHlftYotJ9HwznLiU3UzDg2lEF
iC64sAbjuiAV87FS+9w5HAwK71+PxRZniGM/fs2uqGc9XyJF2l5A0tUD/2bwTTsy
hyJRnmeqHeYL94QOaH5FZzU9fpVsKQ5J+TyXpdVGIyndOGFbPJdf1ESzUBxv0nMo
psp5wxLTdX1XCC1pEZLNN/TVrQqtiK9kJ08skfyapUmiuYu/rlddduQGGSjISPwZ
pRHZvNXnzfhKV7gBNKzSidD+qLYMIaDeCcYVcgrDm0dEOgXTVLk9o3DT2u2GS7ry
bEP9ePq0xt0A3Q4mPU4uZ2Gc08MkB1NpTTlYIQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFB4k9JECSv2ojW42I5sFrupgZ8d5MB8GA1UdIwQYMBaAFLbtm1y0tkhmw4Pe
5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2MzLzEv
SGlUMGtRSktfYWlOYmpZam13V3U2bUJueDNrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8x
NzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JE
Zzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ysMA0GCSqGSIb3DQEBCwUAA4IB
AQAR/KAt5DJe/WIy0v9Qp5ct2XFlp2WbZfcxEmmIwdjrOlNu/ADU28pxNfm6LmZY
iws84ftUSHpkAWUx8yv7yQaoEmtyTaTmPUXb4dbRKNBIDHLqEnH+XPPcZ8+j7TT2
M9ykCIbgqdjxJ+3zcT0SAquo62CdezSILKvq2gYgK06cWVcX0EjRmyfUSj+tJoIH
+8AyMniryi9O4EgaTJgxLCFlTpYOufqfOdSl0u8guCx+x2Qh2YTlcxlQyH2ojDnZ
k2czXQ0nEGgdNKc2c0SmJ6V/jX/RKHKJTDAkO16nrbEYndL7B7G7Ml1ZM2HMFRHe
adv4s7h7QfTWOD8uP5B8VBJL
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:18:55 2025 by rpki-client