Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/oR3SCZxwBlE7Fac3Bv43tW5au1M.roa
File: oR3SCZxwBlE7Fac3Bv43tW5au1M.roa (raw, json)
Hash identifier: lZFKFI0w0gEBjOJEiY8SceJOg7y80E5YEiNiX/nVIpI=
Subject key identifier: A1:1D:D2:09:9C:70:06:51:3B:15:A7:37:06:FE:37:B5:6E:5A:BB:53
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 1B43E9CF
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/oR3SCZxwBlE7Fac3Bv43tW5au1M.roa
Signing time: Sat 01 Jan 2022 10:59:20 +0000
ROA not before: Sat 01 Jan 2022 10:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50525
IP address blocks: 91.148.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457435599 (0x1b43e9cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 1 10:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a11dd2099c7006513b15a73706fe37b56e5abb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:81:7b:19:65:1c:b7:23:75:ef:80:d0:a0:be:
23:8d:d6:2f:4e:fd:90:ce:41:14:aa:e4:97:78:74:
ac:5c:da:97:9a:a7:de:c0:e1:7f:2b:4b:ae:33:58:
14:42:c5:37:01:e0:71:ec:b1:92:d7:8f:47:51:b9:
59:a0:2e:12:d1:a7:5c:92:7f:de:85:a9:10:40:db:
af:12:81:2f:1e:5e:89:12:ce:7e:4a:ba:88:6f:bf:
cb:90:89:a9:21:5a:80:ec:c0:e0:8e:ae:42:9f:67:
49:4b:4c:51:0b:c4:3c:37:db:ab:78:ef:3c:ae:b4:
01:e1:ee:84:6a:ef:ce:cd:39:eb:3c:c3:fc:ce:33:
e1:88:5a:b2:f7:7e:1b:8a:56:be:8b:7c:28:cd:19:
9e:dd:69:f8:57:23:8f:98:b0:40:33:22:c6:97:0c:
b8:d6:70:45:c4:fd:35:bb:f3:1d:e6:18:59:b3:32:
36:85:0f:e8:85:6f:5e:0e:f8:19:51:b6:c6:e0:45:
d2:a5:c7:f4:45:f5:9e:a9:ea:4d:66:c8:0c:48:31:
16:c8:d6:50:f4:a5:ce:ef:84:62:98:d1:23:ab:48:
8a:8d:f0:f0:36:9e:e2:35:08:70:90:3d:03:8d:f5:
72:a7:eb:5a:c7:fc:89:4e:59:95:73:f2:65:09:5c:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1D:D2:09:9C:70:06:51:3B:15:A7:37:06:FE:37:B5:6E:5A:BB:53
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/oR3SCZxwBlE7Fac3Bv43tW5au1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.148.232.0/22
Signature Algorithm: sha256WithRSAEncryption
68:1c:43:f6:1c:c9:83:20:05:ad:dc:81:8d:27:01:3c:b6:95:
9c:06:d0:18:e0:3c:91:70:89:9e:55:dd:38:e7:3e:1b:7c:19:
a2:f8:cd:c9:7c:a0:4d:97:30:48:89:55:d5:06:f7:6b:20:8d:
ad:83:00:2c:e7:05:ea:b4:de:7e:ec:9c:cb:34:be:cc:50:04:
11:3f:38:96:35:fc:c7:9e:18:d3:95:f7:20:52:1c:31:c6:33:
ab:16:6f:20:9e:11:6d:26:aa:03:53:e1:56:97:18:23:9f:fe:
6a:b1:c7:80:9f:42:0c:1f:6c:fc:35:0a:9c:d4:38:c8:97:42:
7d:61:b9:f3:28:91:bf:20:60:ad:54:8b:59:56:fe:7a:48:44:
ce:6c:27:a2:0f:de:ce:5f:bb:f7:a7:f3:42:f3:d4:b0:f3:b3:
f4:49:38:94:34:c3:1d:76:8c:eb:97:d1:52:06:c2:f6:a0:75:
29:70:b1:6c:d4:75:bf:8c:8c:bb:c0:d2:2d:5f:0f:09:3b:fe:
6e:9e:91:1c:4a:05:17:8a:a6:b0:87:6b:da:d6:0e:2a:80:f7:
9b:0f:1b:7c:9b:bf:15:53:da:c9:1a:c0:c6:33:8b:6f:dd:61:
6b:eb:e1:ec:44:55:08:8d:a7:97:b5:f8:4e:00:e3:d4:d2:e7:
60:41:33:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG0PpzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQ4Y2YxNDZiNGM3M2QyNzQwOTZkNzA1NzA4ZDI0YjcyOTMyOWY4MB4XDTIyMDEw
MTEwNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTExZGQyMDk5Yzcw
MDY1MTNiMTVhNzM3MDZmZTM3YjU2ZTVhYmI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKBexllHLcjde+A0KC+I43WL079kM5BFKrkl3h0rFzal5qn
3sDhfytLrjNYFELFNwHgceyxktePR1G5WaAuEtGnXJJ/3oWpEEDbrxKBLx5eiRLO
fkq6iG+/y5CJqSFagOzA4I6uQp9nSUtMUQvEPDfbq3jvPK60AeHuhGrvzs056zzD
/M4z4Yhasvd+G4pWvot8KM0Znt1p+Fcjj5iwQDMixpcMuNZwRcT9NbvzHeYYWbMy
NoUP6IVvXg74GVG2xuBF0qXH9EX1nqnqTWbIDEgxFsjWUPSlzu+EYpjRI6tIio3w
8Dae4jUIcJA9A431cqfrWsf8iU5ZlXPyZQlctcECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShHdIJnHAGUTsVpzcG/je1blq7UzAfBgNVHSMEGDAWgBRLSM8Ua0xz0nQJ
bXBXCNJLcpMp+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwalBGR3RNYzlKMENXMXdWd2pTUzNLVEtmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvM2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8x
L29SM1NDWnh3QmxFN0ZhYzNCdjQzdFc1YXUxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
M2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8xL1MwalBGR3RNYzlK
MENXMXdWd2pTUzNLVEtmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluU6DANBgkqhkiG9w0BAQsFAAOC
AQEAaBxD9hzJgyAFrdyBjScBPLaVnAbQGOA8kXCJnlXdOOc+G3wZovjNyXygTZcw
SIlV1Qb3ayCNrYMALOcF6rTefuycyzS+zFAEET84ljX8x54Y05X3IFIcMcYzqxZv
IJ4RbSaqA1PhVpcYI5/+arHHgJ9CDB9s/DUKnNQ4yJdCfWG58yiRvyBgrVSLWVb+
ekhEzmwnog/ezl+796fzQvPUsPOz9Ek4lDTDHXaM65fRUgbC9qB1KXCxbNR1v4yM
u8DSLV8PCTv+bp6RHEoFF4qmsIdr2tYOKoD3mw8bfJu/FVPayRrAxjOLb91ha+vh
7ERVCI2nl7X4TgDj1NLnYEEznA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:47:19 2025 by rpki-client