Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/IiiCgAX1KLI_VJp-dy3Stm5eVPY.roa
File: IiiCgAX1KLI_VJp-dy3Stm5eVPY.roa (raw, json)
Hash identifier: A2yBhv1mNfnq6VxP5Q1qG9ijfEN4ieQiUCTBr43sklY=
Subject key identifier: 22:28:82:80:05:F5:28:B2:3F:54:9A:7E:77:2D:D2:B6:6E:5E:54:F6
Certificate issuer: /CN=9be4717112fec119f6cfcace7cc4434fb47df8f5
Certificate serial: 02596CCA
Authority key identifier: 9B:E4:71:71:12:FE:C1:19:F6:CF:CA:CE:7C:C4:43:4F:B4:7D:F8:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-RxcRL-wRn2z8rOfMRDT7R9-PU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/IiiCgAX1KLI_VJp-dy3Stm5eVPY.roa
Signing time: Sat 01 Jan 2022 03:52:50 +0000
ROA not before: Sat 01 Jan 2022 03:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60509
IP address blocks: 91.240.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39414986 (0x2596cca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be4717112fec119f6cfcace7cc4434fb47df8f5
Validity
Not Before: Jan 1 03:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2228828005f528b23f549a7e772dd2b66e5e54f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7e:d1:a5:5e:65:9c:7d:00:2f:dc:42:e6:f1:
73:3d:40:a8:2d:52:1c:e1:89:e6:29:42:66:1f:5c:
da:3f:a6:89:0c:7f:31:21:09:41:8a:81:8e:10:81:
cc:9b:3c:e4:fc:53:0a:51:25:13:bf:b1:10:eb:ac:
27:68:1f:25:d7:49:92:bd:b2:09:dc:c0:7d:55:f9:
c8:1d:27:87:39:8e:b5:40:e8:f8:1b:a8:b0:b0:8f:
18:94:0a:43:e0:75:49:23:df:8f:5d:f0:29:96:f6:
7b:96:53:67:ce:b5:e6:f6:00:75:92:c5:93:d1:22:
97:cd:11:00:ba:92:35:8f:e2:58:27:ac:1b:1a:0c:
5a:dc:b5:54:35:b6:c0:51:65:b0:0e:f0:95:7e:1f:
ef:d8:08:e6:bc:a7:15:2a:b8:8f:ea:dc:24:dc:1b:
b0:26:e6:2d:b3:31:04:81:65:04:38:35:fb:55:a6:
a7:fb:3f:da:f0:6a:e8:30:68:60:c8:e4:da:0d:ff:
1d:ef:30:44:43:97:7e:6b:9e:5c:21:49:87:97:33:
a2:0f:3f:7c:83:3c:cb:c6:a3:88:1c:f7:9e:a8:36:
c6:c8:3a:f6:65:e8:16:0f:c5:25:0b:99:8c:a1:8c:
50:54:af:17:39:07:71:9a:3e:3e:9f:ea:3d:2e:c7:
c0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:28:82:80:05:F5:28:B2:3F:54:9A:7E:77:2D:D2:B6:6E:5E:54:F6
X509v3 Authority Key Identifier:
keyid:9B:E4:71:71:12:FE:C1:19:F6:CF:CA:CE:7C:C4:43:4F:B4:7D:F8:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-RxcRL-wRn2z8rOfMRDT7R9-PU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/IiiCgAX1KLI_VJp-dy3Stm5eVPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/m-RxcRL-wRn2z8rOfMRDT7R9-PU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:aa:fe:91:b3:4b:d2:0b:23:2d:01:75:97:26:5f:03:cc:50:
ba:3c:df:b1:3c:1f:14:b2:5e:3f:a8:d6:54:47:3b:08:bd:4d:
1a:9f:4a:86:78:3f:e6:e7:49:af:12:31:b3:07:16:03:8e:3f:
1a:da:78:b1:1d:1e:d1:fe:09:c6:4e:62:79:90:db:45:1c:28:
49:9c:8d:f0:ee:e3:e4:81:d4:ba:db:56:83:fd:c6:71:d7:58:
91:19:50:d1:3c:a3:66:7f:47:ec:1e:d0:fc:3b:11:17:3f:5e:
73:81:3d:d3:bb:7c:f3:22:17:2a:35:91:9f:8f:34:92:47:27:
b2:aa:99:97:67:ab:4c:50:55:a3:60:e5:88:27:af:2e:11:bd:
d7:25:78:17:38:bb:b2:bb:4a:23:21:ad:c0:2f:33:49:66:81:
dc:e3:ac:d9:1f:6b:d5:ec:c6:47:b5:50:44:9c:22:75:c7:ea:
b2:da:e7:04:b2:29:63:0c:26:65:d3:b2:f0:bf:47:47:fa:8f:
7b:d5:60:bd:f5:04:ff:84:2b:eb:d8:04:b4:72:47:a7:ac:9a:
cf:75:fe:ed:d3:c5:5e:7d:c7:19:ae:fe:25:94:e9:f1:00:83:
12:c5:63:fb:98:05:76:67:9b:3f:fe:54:33:d2:54:f8:df:e7:
42:41:63:16
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAllsyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmU0NzE3MTEyZmVjMTE5ZjZjZmNhY2U3Y2M0NDM0ZmI0N2RmOGY1MB4XDTIyMDEw
MTAzNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIyODgyODAwNWY1
MjhiMjNmNTQ5YTdlNzcyZGQyYjY2ZTVlNTRmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPh+0aVeZZx9AC/cQubxcz1AqC1SHOGJ5ilCZh9c2j+miQx/
MSEJQYqBjhCBzJs85PxTClElE7+xEOusJ2gfJddJkr2yCdzAfVX5yB0nhzmOtUDo
+BuosLCPGJQKQ+B1SSPfj13wKZb2e5ZTZ8615vYAdZLFk9Eil80RALqSNY/iWCes
GxoMWty1VDW2wFFlsA7wlX4f79gI5rynFSq4j+rcJNwbsCbmLbMxBIFlBDg1+1Wm
p/s/2vBq6DBoYMjk2g3/He8wREOXfmueXCFJh5czog8/fIM8y8ajiBz3nqg2xsg6
9mXoFg/FJQuZjKGMUFSvFzkHcZo+Pp/qPS7HwCkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQiKIKABfUosj9Umn53LdK2bl5U9jAfBgNVHSMEGDAWgBSb5HFxEv7BGfbP
ys58xENPtH349TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20tUnhjUkwtd1JuMno4ck9mTVJEVDdSOS1QVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOTYwNmY2LWRhMDItNGJiOC1iM2U0LWYwM2FjNTliNWE5Ny8x
L0lpaUNnQVgxS0xJX1ZKcC1keTNTdG01ZVZQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OTYwNmY2LWRhMDItNGJiOC1iM2U0LWYwM2FjNTliNWE5Ny8xL20tUnhjUkwtd1Ju
Mno4ck9mTVJEVDdSOS1QVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvwBDANBgkqhkiG9w0BAQsFAAOC
AQEAPar+kbNL0gsjLQF1lyZfA8xQujzfsTwfFLJeP6jWVEc7CL1NGp9Khng/5udJ
rxIxswcWA44/Gtp4sR0e0f4Jxk5ieZDbRRwoSZyN8O7j5IHUuttWg/3GcddYkRlQ
0TyjZn9H7B7Q/DsRFz9ec4E907t88yIXKjWRn480kkcnsqqZl2erTFBVo2DliCev
LhG91yV4Fzi7srtKIyGtwC8zSWaB3OOs2R9r1ezGR7VQRJwidcfqstrnBLIpYwwm
ZdOy8L9HR/qPe9VgvfUE/4Qr69gEtHJHp6yaz3X+7dPFXn3HGa7+JZTp8QCDEsVj
+5gFdmebP/5UM9JU+N/nQkFjFg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:11:49 2025 by rpki-client