Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9SoDMjB_Eo1ZyF_03Id5UimzOT0.roa
File: 9SoDMjB_Eo1ZyF_03Id5UimzOT0.roa (raw, json)
Hash identifier: vnt59dNsmT3UWh6zjeHjeKKI5A9t7wGCKxH6P7rfeVs=
Subject key identifier: F5:2A:03:32:30:7F:12:8D:59:C8:5F:F4:DC:87:79:52:29:B3:39:3D
Certificate issuer: /CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Certificate serial: 018571957A5430DBD30371929BEC036C24DF
Authority key identifier: D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9SoDMjB_Eo1ZyF_03Id5UimzOT0.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57508
IP address blocks: 91.220.110.0/24 maxlen: 24
185.221.232.0/22 maxlen: 22
2001:67c:2aac::/48 maxlen: 48
2a0c:7000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7a:54:30:db:d3:03:71:92:9b:ec:03:6c:24:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f52a0332307f128d59c85ff4dc87795229b3393d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:73:6e:e5:d6:af:38:d9:b4:36:fc:f6:86:
54:83:83:64:75:9a:45:6e:0d:34:67:90:47:38:98:
40:61:73:77:8d:ee:01:47:54:0c:2e:03:57:bd:47:
19:08:3a:14:a1:8f:67:70:c4:01:23:fe:cc:2f:18:
10:31:66:44:2d:23:5e:d1:b3:7c:24:5c:b9:4c:da:
2a:6c:9d:20:16:be:08:c1:7f:e0:56:15:aa:91:4d:
58:99:e0:3f:1b:1f:f2:29:e8:7a:02:1c:60:86:b4:
9c:e7:9c:09:31:79:b2:65:e9:2c:ea:d3:cb:a3:52:
f2:21:0b:11:53:a9:f9:38:82:8d:7e:b6:d4:a8:e1:
fb:22:e5:25:c7:1d:92:04:4d:3a:36:02:67:36:27:
b4:ed:86:c3:11:ab:37:19:e4:0b:bf:6b:45:81:d3:
30:92:af:94:c7:2f:6c:5b:db:f1:52:8f:31:aa:83:
04:a5:db:06:8d:13:9e:86:8d:67:4c:53:e1:7b:33:
5c:ff:4c:dc:98:8b:70:0b:14:17:ee:ec:23:e5:c1:
6a:e8:27:2a:52:5f:e6:2c:81:e8:9c:89:e0:fa:b4:
ee:17:df:ec:64:97:2a:4b:b4:0d:de:8f:97:55:12:
5b:a2:7e:2d:89:fc:ca:2e:d0:00:36:54:68:84:87:
41:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2A:03:32:30:7F:12:8D:59:C8:5F:F4:DC:87:79:52:29:B3:39:3D
X509v3 Authority Key Identifier:
keyid:D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9SoDMjB_Eo1ZyF_03Id5UimzOT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/08DVsQa4GpKSTqK8UTn7te4Rht0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.110.0/24
185.221.232.0/22
IPv6:
2001:67c:2aac::/48
2a0c:7000::/29
Signature Algorithm: sha256WithRSAEncryption
1c:11:95:3f:9b:4e:f1:04:67:ce:a5:70:62:7d:a1:5b:b7:37:
2a:52:d0:ed:da:b0:ab:13:48:26:4c:41:52:3f:d0:f9:66:24:
9b:91:d1:3a:61:d0:75:fb:4d:2b:18:d6:cb:b8:76:a1:d0:0c:
a7:24:ae:5d:8f:07:45:60:97:4b:71:f8:ea:b8:47:a1:83:ff:
d6:b3:04:52:25:99:24:af:f5:dd:b7:fd:c8:87:4e:b2:83:fc:
f6:50:c9:77:75:57:8f:3c:50:cb:50:e4:5b:59:f5:ee:34:f7:
3c:d0:65:2c:99:77:a7:62:6f:99:f0:4d:81:d6:69:0c:e5:b8:
13:e4:64:62:f3:2a:c6:e7:5f:68:ec:b0:30:ac:66:a1:ea:7f:
02:bd:e8:ba:78:01:79:38:ad:b4:fc:58:f3:44:d2:46:37:27:
11:b6:a2:f4:e2:40:09:f9:cc:b7:fb:94:4f:a2:46:e3:9b:62:
cf:92:19:b7:8e:45:83:bd:00:d4:a8:01:09:2e:33:84:f3:3e:
64:49:72:b0:f4:12:6c:cb:10:a9:75:af:90:f4:f5:49:f8:1d:
43:9e:34:33:ef:9c:2b:26:8e:ae:9a:1c:11:01:81:0d:62:0b:
d8:d7:e6:ee:4b:2e:71:9e:d9:87:b1:be:34:c4:66:ee:7f:6e:
5e:ad:2e:84
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxlXpUMNvTA3GSm+wDbCTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzBkNWIxMDZiODFhOTI5MjRlYTJiYzUxMzlmYmI1ZWUx
MTg2ZGQwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJhMDMzMjMwN2YxMjhkNTljODVmZjRkYzg3Nzk1MjI5YjMzOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZFzbuXWrzjZtDb89oZUg4NkdZpF
bg00Z5BHOJhAYXN3je4BR1QMLgNXvUcZCDoUoY9ncMQBI/7MLxgQMWZELSNe0bN8
JFy5TNoqbJ0gFr4IwX/gVhWqkU1YmeA/Gx/yKeh6AhxghrSc55wJMXmyZeks6tPL
o1LyIQsRU6n5OIKNfrbUqOH7IuUlxx2SBE06NgJnNie07YbDEas3GeQLv2tFgdMw
kq+Uxy9sW9vxUo8xqoMEpdsGjROeho1nTFPhezNc/0zcmItwCxQX7uwj5cFq6Ccq
Ul/mLIHonIng+rTuF9/sZJcqS7QN3o+XVRJbon4tifzKLtAANlRohIdBCwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPUqAzIwfxKNWchf9NyHeVIpszk9MB8GA1UdIwQY
MBaAFNPA1bEGuBqSkk6ivFE5+7XuEYbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYt
YmM1MTA0YTM4NWUyLzEvOVNvRE1qQl9FbzFaeUZfMDNJZDVVaW16T1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYtYmM1MTA0YTM4NWUy
LzEvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9xuAwQC
ud3oMBYEAgACMBADBwAgAQZ8KqwDBQMqDHAAMA0GCSqGSIb3DQEBCwUAA4IBAQAc
EZU/m07xBGfOpXBifaFbtzcqUtDt2rCrE0gmTEFSP9D5ZiSbkdE6YdB1+00rGNbL
uHah0AynJK5djwdFYJdLcfjquEehg//WswRSJZkkr/Xdt/3Ih06yg/z2UMl3dVeP
PFDLUORbWfXuNPc80GUsmXenYm+Z8E2B1mkM5bgT5GRi8yrG519o7LAwrGah6n8C
vei6eAF5OK20/FjzRNJGNycRtqL04kAJ+cy3+5RPokbjm2LPkhm3jkWDvQDUqAEJ
LjOE8z5kSXKw9BJsyxCpda+Q9PVJ+B1DnjQz75wrJo6umhwRAYENYgvY1+buSy5x
ntmHsb40xGbuf25erS6E
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:03:52 2025 by rpki-client