Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/xlDoIWtidOwH1wwIrUdhmFf-kaE.roa
File: xlDoIWtidOwH1wwIrUdhmFf-kaE.roa (raw, json)
Hash identifier: zzx5YB9czxZZPXg9PGkHoCn2wlo7AadRG7hY3M+akZg=
Subject key identifier: C6:50:E8:21:6B:62:74:EC:07:D7:0C:08:AD:47:61:98:57:FE:91:A1
Certificate issuer: /CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Certificate serial: 12F0BDFA
Authority key identifier: 09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/xlDoIWtidOwH1wwIrUdhmFf-kaE.roa
Signing time: Sat 01 Jan 2022 02:56:04 +0000
ROA not before: Sat 01 Jan 2022 02:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58102
IP address blocks: 91.238.208.0/23 maxlen: 24
2001:67c:106c::/48 maxlen: 48
2001:67c:1048::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317767162 (0x12f0bdfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Validity
Not Before: Jan 1 02:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c650e8216b6274ec07d70c08ad47619857fe91a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4f:e1:9e:82:6a:c0:6d:1f:f3:91:30:0c:8e:
14:70:f0:b1:dc:aa:c9:77:07:7c:9c:b3:3d:74:2c:
10:4d:b9:7e:17:8c:84:d1:60:b7:3e:ff:1c:50:21:
53:bc:5f:29:4e:d7:85:c1:eb:ff:fe:8e:c6:04:a0:
60:8a:73:00:b3:7b:9d:4c:7a:f4:8e:bd:0b:c3:23:
5c:0d:57:51:c1:ae:0a:44:ba:08:3e:7c:82:d8:2d:
45:b3:42:67:8e:af:ea:a1:3a:32:26:1d:13:a4:fd:
a9:d4:a3:4b:da:f7:fd:60:86:7c:9b:5b:21:47:be:
9b:0e:71:4c:01:9e:32:58:35:2b:a8:08:6c:a1:49:
30:f3:87:d6:aa:c8:bc:04:c9:cc:9a:a4:21:cb:b4:
69:2e:15:cf:9b:70:89:7b:c4:97:84:5f:85:37:70:
4f:bd:a4:c4:f8:b5:b0:db:69:4d:16:d2:f7:37:ec:
67:6f:78:72:11:b2:ad:d4:30:5c:cc:bd:40:a7:ed:
f6:33:1a:a5:ea:94:1a:1a:a0:15:cc:69:33:27:2d:
4f:95:e1:c8:37:66:c5:bf:ab:35:f4:7f:8d:d2:e1:
c3:49:d2:39:1d:8b:7e:44:74:37:27:d4:65:9a:50:
b8:f5:8d:75:31:29:1d:ef:0a:84:f9:03:59:83:64:
59:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:50:E8:21:6B:62:74:EC:07:D7:0C:08:AD:47:61:98:57:FE:91:A1
X509v3 Authority Key Identifier:
keyid:09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/xlDoIWtidOwH1wwIrUdhmFf-kaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/CVeyPIN5W8NcMLwTZaMP3zN1rIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.208.0/23
IPv6:
2001:67c:1048::/48
2001:67c:106c::/48
Signature Algorithm: sha256WithRSAEncryption
5a:fd:6b:5e:23:9a:a2:1c:71:3f:5d:73:2f:3f:04:b2:b5:91:
e6:87:2f:2f:70:3c:ba:ee:4d:b8:bd:e7:7f:44:32:28:d7:4c:
d0:42:1a:7b:c2:2e:04:34:02:96:c8:46:66:6f:b0:64:7a:61:
2e:76:a4:06:2f:38:fc:c4:11:56:22:e8:69:9c:02:ad:5b:dc:
86:59:a9:7a:e9:e9:59:5b:42:06:f5:fc:4e:77:d6:cc:e8:88:
3a:84:bb:9e:1d:33:7e:59:25:c2:55:24:2e:11:a7:52:67:a8:
bf:3b:22:61:8e:cf:ad:26:eb:25:3b:8e:34:5a:5c:73:ae:b5:
df:f0:72:6e:32:46:83:b6:6a:0b:ba:48:20:63:86:de:3d:ce:
41:54:d4:bd:94:4a:ed:7e:47:1b:f5:fd:17:a7:83:bc:03:25:
10:0b:50:17:b5:7d:47:11:2f:d7:1d:83:ef:a0:ff:7c:95:ae:
51:e4:b5:0f:5c:f5:eb:5a:5d:cc:f1:3c:da:e7:77:71:61:cd:
dc:92:99:37:82:db:c1:20:1a:a1:5c:b6:c4:93:a4:ec:aa:f6:
e2:57:32:c7:16:e2:b7:a4:05:77:b7:a0:72:f7:96:bf:6b:d2:
f1:a4:d1:92:75:2f:c7:c3:95:b8:03:59:f5:7c:53:12:4a:ab:
b8:4a:5e:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEEvC9+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTU3YjIzYzgzNzk1YmMzNWMzMGJjMTM2NWEzMGZkZjMzNzVhYzg5MB4XDTIyMDEw
MTAyNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY1MGU4MjE2YjYy
NzRlYzA3ZDcwYzA4YWQ0NzYxOTg1N2ZlOTFhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpP4Z6CasBtH/ORMAyOFHDwsdyqyXcHfJyzPXQsEE25fheM
hNFgtz7/HFAhU7xfKU7XhcHr//6OxgSgYIpzALN7nUx69I69C8MjXA1XUcGuCkS6
CD58gtgtRbNCZ46v6qE6MiYdE6T9qdSjS9r3/WCGfJtbIUe+mw5xTAGeMlg1K6gI
bKFJMPOH1qrIvATJzJqkIcu0aS4Vz5twiXvEl4RfhTdwT72kxPi1sNtpTRbS9zfs
Z294chGyrdQwXMy9QKft9jMapeqUGhqgFcxpMyctT5XhyDdmxb+rNfR/jdLhw0nS
OR2LfkR0NyfUZZpQuPWNdTEpHe8KhPkDWYNkWYECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTGUOgha2J07AfXDAitR2GYV/6RoTAfBgNVHSMEGDAWgBQJV7I8g3lbw1ww
vBNlow/fM3WsiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NWZXlQSU41VzhOY01Md1RaYU1QM3pOMXJJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvNjQ5ODRkLWFlOGYtNGNmOS1hM2MzLTFlOTJjN2JkYzU4Mi8x
L3hsRG9JV3RpZE93SDF3d0lyVWRobUZmLWthRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
NjQ5ODRkLWFlOGYtNGNmOS1hM2MzLTFlOTJjN2JkYzU4Mi8xL0NWZXlQSU41VzhO
Y01Md1RaYU1QM3pOMXJJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAVvu0DAYBAIAAjASAwcAIAEGfBBI
AwcAIAEGfBBsMA0GCSqGSIb3DQEBCwUAA4IBAQBa/WteI5qiHHE/XXMvPwSytZHm
hy8vcDy67k24ved/RDIo10zQQhp7wi4ENAKWyEZmb7BkemEudqQGLzj8xBFWIuhp
nAKtW9yGWal66elZW0IG9fxOd9bM6Ig6hLueHTN+WSXCVSQuEadSZ6i/OyJhjs+t
JuslO440WlxzrrXf8HJuMkaDtmoLukggY4bePc5BVNS9lErtfkcb9f0Xp4O8AyUQ
C1AXtX1HES/XHYPvoP98la5R5LUPXPXrWl3M8Tza53dxYc3ckpk3gtvBIBqhXLbE
k6TsqvbiVzLHFuK3pAV3t6By95a/a9LxpNGSdS/Hw5W4A1n1fFMSSqu4Sl5e
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:11 2025 by rpki-client