Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e26cea-f660-48a3-862f-90501abf5391/1/4VZpxryNCSo4MqaXfDxgL_aij-s.roa
File: 4VZpxryNCSo4MqaXfDxgL_aij-s.roa (raw, json)
Hash identifier: 2lEIW5YBQx8H0H+h5WyUjTxfJNzM4/R4ehPdAUrcxUQ=
Subject key identifier: E1:56:69:C6:BC:8D:09:2A:38:32:A6:97:7C:3C:60:2F:F6:A2:8F:EB
Certificate issuer: /CN=fb01ffd7da5ee450fcb1a656abfc6e0b1b21c365
Certificate serial: 01857230F46BD97F607F6B370B016783C0A9
Authority key identifier: FB:01:FF:D7:DA:5E:E4:50:FC:B1:A6:56:AB:FC:6E:0B:1B:21:C3:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wH_19pe5FD8saZWq_xuCxshw2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e26cea-f660-48a3-862f-90501abf5391/1/4VZpxryNCSo4MqaXfDxgL_aij-s.roa
Signing time: Mon 02 Jan 2023 11:14:48 +0000
ROA not before: Mon 02 Jan 2023 11:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207027
IP address blocks: 91.227.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f4:6b:d9:7f:60:7f:6b:37:0b:01:67:83:c0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb01ffd7da5ee450fcb1a656abfc6e0b1b21c365
Validity
Not Before: Jan 2 11:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e15669c6bc8d092a3832a6977c3c602ff6a28feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:26:78:d2:9f:70:2f:d6:af:5d:45:da:86:64:
43:80:9c:73:2b:e7:66:6a:71:2e:2c:51:3f:03:84:
84:77:0d:59:f7:39:78:49:54:57:95:d1:e3:b6:6c:
d5:8d:1d:f1:e9:30:7b:d3:36:90:da:0e:fd:19:f6:
fc:99:a9:a1:90:60:94:ff:52:01:b5:50:23:6a:aa:
f6:ba:a8:f9:d4:da:f7:f1:db:76:99:6b:5d:5b:ae:
a1:3d:2a:3d:67:56:33:1c:c8:f1:82:21:e9:f4:48:
33:f4:b6:00:6c:00:be:f0:3f:5e:a7:59:af:f8:18:
6a:13:2b:62:06:9c:08:42:ce:b8:09:e2:45:06:a2:
49:ec:f6:0b:33:52:2c:7b:99:81:5b:6e:1a:df:fe:
6d:b0:4a:81:80:55:3e:6b:79:94:12:f8:52:07:62:
33:34:7a:8c:43:fb:83:07:f0:b2:b7:45:88:d7:bd:
c5:5d:60:36:81:e7:36:b6:00:eb:dd:45:a7:a5:fe:
57:71:ad:1b:d8:62:3b:d7:fd:fd:19:b8:b1:60:62:
3c:e3:8f:6e:23:a5:98:de:d6:85:6d:c1:5a:69:82:
d3:9d:17:c6:24:17:8d:84:84:32:5b:5f:ce:85:19:
5d:ef:90:41:c2:9d:34:5d:9d:a7:e6:55:cf:47:78:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:56:69:C6:BC:8D:09:2A:38:32:A6:97:7C:3C:60:2F:F6:A2:8F:EB
X509v3 Authority Key Identifier:
keyid:FB:01:FF:D7:DA:5E:E4:50:FC:B1:A6:56:AB:FC:6E:0B:1B:21:C3:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wH_19pe5FD8saZWq_xuCxshw2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e26cea-f660-48a3-862f-90501abf5391/1/4VZpxryNCSo4MqaXfDxgL_aij-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e26cea-f660-48a3-862f-90501abf5391/1/1-wH_19pe5FD8saZWq_xuCxshw2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.16.0/22
Signature Algorithm: sha256WithRSAEncryption
22:ce:36:22:dc:75:b6:02:a8:14:04:3e:e3:55:16:17:57:a5:
83:17:9b:61:60:9c:60:ed:17:fd:81:aa:bf:a1:61:c5:bd:80:
29:f1:6f:df:6c:57:e3:bb:01:9b:9f:65:bc:6d:79:b7:aa:b1:
e5:f3:c6:d2:5d:ff:90:b0:52:18:3e:d7:63:8a:53:3e:f6:aa:
13:62:ca:31:15:b9:7e:78:17:5f:34:4e:2e:6c:0e:bc:aa:b1:
61:81:b5:34:64:d1:e0:62:c2:f1:12:36:60:eb:8b:96:7a:8a:
76:29:c5:fb:b0:d4:5d:f3:27:d8:e2:af:3f:12:20:3f:c3:20:
6d:cc:58:a3:ac:6b:3b:f2:d2:a2:de:b1:57:ea:43:f3:91:b6:
3b:e3:1c:e5:98:f0:d4:f8:ec:85:76:5c:0c:1c:80:69:2d:c0:
7e:7c:4c:a6:ef:b4:35:70:75:70:5f:d8:41:83:d7:e3:90:07:
ad:f3:b4:23:fa:11:94:87:4a:42:81:e1:db:36:08:f9:48:2f:
12:42:70:76:be:a3:d1:1b:db:94:7c:2f:b8:79:89:d0:38:fc:
5a:31:f9:f6:dd:a3:30:10:c1:07:af:40:ac:24:ab:be:cc:af:
48:71:f9:4b:0a:3e:b5:28:31:80:47:c2:4b:6f:42:ba:60:31:
2d:9f:6a:fe
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyMPRr2X9gf2s3CwFng8CpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDFmZmQ3ZGE1ZWU0NTBmY2IxYTY1NmFiZmM2ZTBiMWIy
MWMzNjUwHhcNMjMwMTAyMTExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU2NjljNmJjOGQwOTJhMzgzMmE2OTc3YzNjNjAyZmY2YTI4ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSZ40p9wL9avXUXahmRDgJxzK+dm
anEuLFE/A4SEdw1Z9zl4SVRXldHjtmzVjR3x6TB70zaQ2g79Gfb8mamhkGCU/1IB
tVAjaqr2uqj51Nr38dt2mWtdW66hPSo9Z1YzHMjxgiHp9Egz9LYAbAC+8D9ep1mv
+BhqEytiBpwIQs64CeJFBqJJ7PYLM1Ise5mBW24a3/5tsEqBgFU+a3mUEvhSB2Iz
NHqMQ/uDB/Cyt0WI173FXWA2gec2tgDr3UWnpf5Xca0b2GI71/39GbixYGI8449u
I6WY3taFbcFaaYLTnRfGJBeNhIQyW1/OhRld75BBwp00XZ2n5lXPR3gYYwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOFWaca8jQkqODKml3w8YC/2oo/rMB8GA1UdIwQY
MBaAFPsB/9faXuRQ/LGmVqv8bgsbIcNlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13SF8xOXBlNUZEOHNhWldxX3h1Q3hzaHcyVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvZTI2Y2VhLWY2NjAtNDhhMy04NjJm
LTkwNTAxYWJmNTM5MS8xLzRWWnB4cnlOQ1NvNE1xYVhmRHhnTF9haWotcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvZTI2Y2VhLWY2NjAtNDhhMy04NjJmLTkwNTAxYWJmNTM5
MS8xLzEtd0hfMTlwZTVGRDhzYVpXcV94dUN4c2h3MlUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJb4xAw
DQYJKoZIhvcNAQELBQADggEBACLONiLcdbYCqBQEPuNVFhdXpYMXm2FgnGDtF/2B
qr+hYcW9gCnxb99sV+O7AZufZbxtebeqseXzxtJd/5CwUhg+12OKUz72qhNiyjEV
uX54F180Ti5sDryqsWGBtTRk0eBiwvESNmDri5Z6inYpxfuw1F3zJ9jirz8SID/D
IG3MWKOsazvy0qLesVfqQ/ORtjvjHOWY8NT47IV2XAwcgGktwH58TKbvtDVwdXBf
2EGD1+OQB63ztCP6EZSHSkKB4ds2CPlILxJCcHa+o9Eb25R8L7h5idA4/Fox+fbd
ozAQwQevQKwkq77Mr0hx+UsKPrUoMYBHwktvQrpgMS2fav4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:08 2025 by rpki-client