Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/as5rvGgjdgAf323USLPPYHAwV0Y.roa
File: as5rvGgjdgAf323USLPPYHAwV0Y.roa (raw, json)
Hash identifier: w6whBeR866K61r9o2vyiru0isaDuEfe0d5FoaKn49/M=
Subject key identifier: 6A:CE:6B:BC:68:23:76:00:1F:DF:6D:D4:48:B3:CF:60:70:30:57:46
Certificate issuer: /CN=762c60af4d73725845ceaf0b7b585e7757066965
Certificate serial: 0A842547
Authority key identifier: 76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/as5rvGgjdgAf323USLPPYHAwV0Y.roa
Signing time: Sat 01 Jan 2022 00:57:26 +0000
ROA not before: Sat 01 Jan 2022 00:57:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39402
IP address blocks: 91.240.83.0/24 maxlen: 24
91.240.80.0/24 maxlen: 24
91.240.80.0/22 maxlen: 22
91.240.81.0/24 maxlen: 24
91.240.82.0/24 maxlen: 24
194.246.91.0/24 maxlen: 24
194.246.88.0/24 maxlen: 24
194.246.88.0/22 maxlen: 22
194.246.89.0/24 maxlen: 24
194.246.90.0/24 maxlen: 24
2a0d:e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176432455 (0xa842547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762c60af4d73725845ceaf0b7b585e7757066965
Validity
Not Before: Jan 1 00:57:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ace6bbc682376001fdf6dd448b3cf6070305746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a0:d8:2d:24:56:30:61:fb:27:2d:66:a9:cc:
1b:46:69:af:55:61:82:39:76:4d:2e:b0:a6:33:58:
9d:35:29:b8:c1:39:23:06:03:d1:fa:f4:06:24:9c:
23:9a:d6:f1:ef:1c:45:e0:d3:f3:32:06:5c:eb:09:
0c:a8:28:6c:47:86:5b:a8:0b:97:5a:f3:5b:45:1a:
a1:c3:04:68:a9:89:c2:56:94:11:12:4c:d5:78:d1:
e6:d4:30:60:ae:22:a8:dd:51:d0:c0:5e:f1:91:9f:
be:cc:81:d2:b6:57:c9:da:59:ee:eb:e0:1b:27:43:
d8:eb:84:98:23:80:0e:fe:aa:83:d3:2d:8b:f2:a9:
89:1a:5d:48:43:0f:a9:c2:6f:73:f9:ab:c9:d6:ff:
ac:eb:07:cc:6a:9f:63:c2:43:31:30:4b:5d:88:b0:
a7:a4:96:1c:fb:6a:10:db:1e:3d:ba:78:1d:46:14:
2a:25:f6:d9:0a:ad:b7:42:ae:97:08:86:0f:cf:5f:
42:fa:4d:40:49:75:72:b1:75:4a:7e:89:25:bc:03:
59:ed:17:5c:c4:33:24:83:8a:a0:01:1b:6f:4b:5d:
2b:3e:4d:16:23:73:29:50:9b:db:5e:68:d3:d2:d1:
e7:d5:06:f6:1b:23:b8:44:c4:fc:58:16:35:66:20:
b1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CE:6B:BC:68:23:76:00:1F:DF:6D:D4:48:B3:CF:60:70:30:57:46
X509v3 Authority Key Identifier:
keyid:76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/as5rvGgjdgAf323USLPPYHAwV0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.80.0/22
194.246.88.0/22
IPv6:
2a0d:e40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:a8:86:28:4d:90:f6:92:1b:23:72:97:02:ad:c9:da:6a:20:
72:66:a2:b2:47:18:59:55:bf:00:b4:89:2d:8d:7d:37:21:1e:
a2:07:f0:0c:6f:d6:37:a8:47:04:99:39:cb:ce:66:46:a0:e6:
e9:d6:4b:fb:eb:c3:77:20:25:31:b5:ca:70:d6:65:1d:a5:cd:
13:89:8c:62:47:a1:3a:7a:d0:65:5e:00:dc:fd:5f:ac:ef:27:
19:f8:f0:d4:31:d8:52:19:9f:e7:38:1e:be:c8:23:ab:07:6b:
73:66:d1:a0:da:80:35:d8:14:ed:78:96:20:b0:e3:dc:c9:49:
da:af:40:08:46:72:84:e9:ed:10:24:a5:ce:7d:d0:37:3a:41:
bc:b6:44:3e:aa:ef:24:cb:e3:3d:97:fc:7e:30:50:2f:d1:8b:
0b:08:5e:54:71:87:de:77:6d:13:2e:79:6d:10:79:1a:1e:12:
19:56:95:b0:16:35:c6:7c:49:53:5a:65:5b:34:d1:37:6d:ef:
5b:95:7e:a2:d7:34:68:28:15:0d:f6:91:70:2a:17:d0:af:4a:
46:72:4b:99:63:d5:b3:ca:46:92:2c:3d:78:b1:dc:1d:52:c1:
78:2b:11:c2:9f:58:d2:4a:b6:56:06:93:76:09:32:ec:75:b0:
d9:d5:3a:65
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECoQlRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjJjNjBhZjRkNzM3MjU4NDVjZWFmMGI3YjU4NWU3NzU3MDY2OTY1MB4XDTIyMDEw
MTAwNTcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFjZTZiYmM2ODIz
NzYwMDFmZGY2ZGQ0NDhiM2NmNjA3MDMwNTc0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPqg2C0kVjBh+yctZqnMG0Zpr1Vhgjl2TS6wpjNYnTUpuME5
IwYD0fr0BiScI5rW8e8cReDT8zIGXOsJDKgobEeGW6gLl1rzW0UaocMEaKmJwlaU
ERJM1XjR5tQwYK4iqN1R0MBe8ZGfvsyB0rZXydpZ7uvgGydD2OuEmCOADv6qg9Mt
i/KpiRpdSEMPqcJvc/mrydb/rOsHzGqfY8JDMTBLXYiwp6SWHPtqENsePbp4HUYU
KiX22Qqtt0KulwiGD89fQvpNQEl1crF1Sn6JJbwDWe0XXMQzJIOKoAEbb0tdKz5N
FiNzKVCb215o09LR59UG9hsjuETE/FgWNWYgsSECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRqzmu8aCN2AB/fbdRIs89gcDBXRjAfBgNVHSMEGDAWgBR2LGCvTXNyWEXO
rwt7WF53VwZpZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RpeGdyMDF6Y2xoRnpxOExlMWhlZDFjR2FXVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvZTZhMDJlLTAxNDYtNDRhNi05ZGZjLWQ0MjA5ZmM3ZjNjOS8x
L2FzNXJ2R2dqZGdBZjMyM1VTTFBQWUhBd1YwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
ZTZhMDJlLTAxNDYtNDRhNi05ZGZjLWQ0MjA5ZmM3ZjNjOS8xL2RpeGdyMDF6Y2xo
RnpxOExlMWhlZDFjR2FXVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvwUAMEAsL2WDANBAIAAjAHAwUD
Kg0OQDANBgkqhkiG9w0BAQsFAAOCAQEApaiGKE2Q9pIbI3KXAq3J2mogcmaiskcY
WVW/ALSJLY19NyEeogfwDG/WN6hHBJk5y85mRqDm6dZL++vDdyAlMbXKcNZlHaXN
E4mMYkehOnrQZV4A3P1frO8nGfjw1DHYUhmf5zgevsgjqwdrc2bRoNqANdgU7XiW
ILDj3MlJ2q9ACEZyhOntECSlzn3QNzpBvLZEPqrvJMvjPZf8fjBQL9GLCwheVHGH
3ndtEy55bRB5Gh4SGVaVsBY1xnxJU1plWzTRN23vW5V+otc0aCgVDfaRcCoX0K9K
RnJLmWPVs8pGkiw9eLHcHVLBeCsRwp9Y0kq2VgaTdgky7HWw2dU6ZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:57 2025 by rpki-client