Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/oEgjWC0QkSZJaEBLShvPG02S4FI.roa
File: oEgjWC0QkSZJaEBLShvPG02S4FI.roa (raw, json)
Hash identifier: bOD8yQ4c2rcQ++hI2lv3b328mOasuwYBUKpi+dd40D8=
Subject key identifier: A0:48:23:58:2D:10:91:26:49:68:40:4B:4A:1B:CF:1B:4D:92:E0:52
Certificate issuer: /CN=169ea0275c765e17603eb59eef39e2fab5380ef0
Certificate serial: 0184AF77BEE4E8E5975A5454506CCED80AD0
Authority key identifier: 16:9E:A0:27:5C:76:5E:17:60:3E:B5:9E:EF:39:E2:FA:B5:38:0E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/oEgjWC0QkSZJaEBLShvPG02S4FI.roa
Signing time: Fri 25 Nov 2022 15:46:11 +0000
ROA not before: Fri 25 Nov 2022 15:46:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44309
IP address blocks: 91.201.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:77:be:e4:e8:e5:97:5a:54:54:50:6c:ce:d8:0a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169ea0275c765e17603eb59eef39e2fab5380ef0
Validity
Not Before: Nov 25 15:46:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a04823582d1091264968404b4a1bcf1b4d92e052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:59:ba:01:6f:72:40:36:30:19:cc:4e:b3:6d:
67:fa:20:46:c9:00:29:a0:f9:76:49:55:03:9f:7f:
8e:7b:ae:3c:4d:b7:a2:98:88:e1:72:a6:1f:ec:9e:
6c:d5:4e:0c:84:25:84:b0:a8:39:12:16:9f:7f:41:
39:a3:a3:c0:8c:11:9b:fe:32:c1:b4:10:ee:70:2c:
a2:9a:88:db:aa:eb:4e:c6:a3:74:90:fc:87:f1:91:
a9:08:d9:e7:87:11:c6:fa:a4:77:ae:66:cc:40:9e:
52:a4:62:c2:6d:95:e0:cc:71:2f:55:9d:9c:bb:ac:
16:ad:fb:d0:f9:bc:37:72:f9:c9:7c:b1:44:81:0f:
fb:b0:c9:09:80:a8:fc:70:5e:ef:c2:53:ae:fd:ce:
12:80:53:11:40:83:cc:18:41:ae:c4:d2:22:f2:64:
e6:57:ca:89:0f:b0:96:d0:3f:4c:00:63:60:f9:13:
00:36:ea:0e:6b:3a:e3:4f:32:83:c0:12:65:3e:ae:
54:cc:5e:0a:0e:48:1c:1c:9c:84:5c:eb:ec:99:e6:
7d:6c:0d:52:98:86:2a:a6:86:4d:bc:b8:f1:14:e3:
94:6c:50:a2:f4:a7:ac:ad:c4:57:1f:cb:a4:07:ac:
2c:5e:30:8f:4d:0b:47:38:1c:c2:a8:61:80:5a:12:
fd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:48:23:58:2D:10:91:26:49:68:40:4B:4A:1B:CF:1B:4D:92:E0:52
X509v3 Authority Key Identifier:
keyid:16:9E:A0:27:5C:76:5E:17:60:3E:B5:9E:EF:39:E2:FA:B5:38:0E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/oEgjWC0QkSZJaEBLShvPG02S4FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:61:c7:a9:de:cb:c8:66:e3:5b:e2:f2:c4:c6:42:53:28:0a:
e3:ee:a2:7f:5c:a5:1d:f9:60:e2:68:d5:74:11:fb:42:f9:5b:
17:ab:bd:3f:bb:56:a1:f6:e0:ae:0a:4a:68:ec:bf:b8:31:1a:
90:87:19:df:df:48:47:66:ba:de:e5:14:12:d5:f8:9a:66:0d:
81:70:3b:ff:cc:d0:e2:3d:c9:f5:cf:b9:71:35:1b:ef:64:b3:
6c:ba:59:65:bc:5b:c4:71:48:4e:a8:22:0b:a4:0c:44:e1:ec:
f5:9f:f4:81:56:61:85:8c:5e:6c:ec:9a:78:43:12:2f:d6:6a:
84:5e:15:3c:ee:3a:7b:0f:45:8b:41:0c:a5:86:c2:02:bd:38:
58:83:bf:98:20:76:b9:f9:dc:0b:f5:96:8b:0e:b2:12:fb:03:
f0:11:6a:7c:5e:ed:6d:fe:9b:bc:28:f7:87:57:55:4b:36:9b:
1a:d3:b2:94:2c:0c:d2:36:a7:d0:e6:ee:fb:02:c0:c8:65:99:
43:5f:5b:dd:bc:b0:16:e8:31:28:e5:07:1b:6e:51:b7:b4:5a:
72:dc:75:50:ee:18:be:f8:91:81:4e:9c:38:18:1a:a9:34:2f:
82:2f:b8:d8:e9:da:6d:8a:39:59:ba:8c:77:5f:d0:70:71:6c:
bb:e2:d8:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSvd77k6OWXWlRUUGzO2ArQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWVhMDI3NWM3NjVlMTc2MDNlYjU5ZWVmMzllMmZhYjUz
ODBlZjAwHhcNMjIxMTI1MTU0NjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ4MjM1ODJkMTA5MTI2NDk2ODQwNGI0YTFiY2YxYjRkOTJlMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFm6AW9yQDYwGcxOs21n+iBGyQAp
oPl2SVUDn3+Oe648TbeimIjhcqYf7J5s1U4MhCWEsKg5Ehaff0E5o6PAjBGb/jLB
tBDucCyimojbqutOxqN0kPyH8ZGpCNnnhxHG+qR3rmbMQJ5SpGLCbZXgzHEvVZ2c
u6wWrfvQ+bw3cvnJfLFEgQ/7sMkJgKj8cF7vwlOu/c4SgFMRQIPMGEGuxNIi8mTm
V8qJD7CW0D9MAGNg+RMANuoOazrjTzKDwBJlPq5UzF4KDkgcHJyEXOvsmeZ9bA1S
mIYqpoZNvLjxFOOUbFCi9KesrcRXH8ukB6wsXjCPTQtHOBzCqGGAWhL9FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBII1gtEJEmSWhAS0obzxtNkuBSMB8GA1UdIwQY
MBaAFBaeoCdcdl4XYD61nu854vq1OA7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA2Z0oxeDJYaGRnUHJXZTd6bmktclU0RHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YTU0ZmQtYmJlYS00MTVhLWI5Njkt
ZDY5ZWY0MjJjMTY3LzEvb0VnaldDMFFrU1pKYUVCTFNodlBHMDJTNEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YTU0ZmQtYmJlYS00MTVhLWI5NjktZDY5ZWY0MjJjMTY3
LzEvRnA2Z0oxeDJYaGRnUHJXZTd6bmktclU0RHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8msMA0G
CSqGSIb3DQEBCwUAA4IBAQBcYcep3svIZuNb4vLExkJTKArj7qJ/XKUd+WDiaNV0
EftC+VsXq70/u1ah9uCuCkpo7L+4MRqQhxnf30hHZrre5RQS1fiaZg2BcDv/zNDi
Pcn1z7lxNRvvZLNsulllvFvEcUhOqCILpAxE4ez1n/SBVmGFjF5s7Jp4QxIv1mqE
XhU87jp7D0WLQQylhsICvThYg7+YIHa5+dwL9ZaLDrIS+wPwEWp8Xu1t/pu8KPeH
V1VLNpsa07KULAzSNqfQ5u77AsDIZZlDX1vdvLAW6DEo5QcbblG3tFpy3HVQ7hi+
+JGBTpw4GBqpNC+CL7jY6dptijlZuox3X9BwcWy74tis
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:16 2025 by rpki-client