Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/1lQkaz0xm4va1GZFJp9tnSLd4xE.roa
File: 1lQkaz0xm4va1GZFJp9tnSLd4xE.roa (raw, json)
Hash identifier: NeN6MoyaeDJf2GFq6Uk0gyabrWyOmbTgpVb15sXLj34=
Subject key identifier: D6:54:24:6B:3D:31:9B:8B:DA:D4:66:45:26:9F:6D:9D:22:DD:E3:11
Certificate issuer: /CN=7879eb9dd62d51afa5012efa1a9d10c66400c445
Certificate serial: 12E43B02
Authority key identifier: 78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/1lQkaz0xm4va1GZFJp9tnSLd4xE.roa
Signing time: Sat 01 Jan 2022 08:53:37 +0000
ROA not before: Sat 01 Jan 2022 08:53:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199118
IP address blocks: 91.198.250.0/24 maxlen: 24
195.10.208.0/24 maxlen: 24
91.223.20.0/24 maxlen: 24
80.241.56.0/21 maxlen: 24
185.97.172.0/22 maxlen: 24
2001:67c:2050::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316947202 (0x12e43b02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7879eb9dd62d51afa5012efa1a9d10c66400c445
Validity
Not Before: Jan 1 08:53:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d654246b3d319b8bdad46645269f6d9d22dde311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e9:83:b3:da:31:b6:51:83:c1:d3:a8:fa:c1:
30:4b:3d:55:74:48:e8:6b:64:df:7d:ef:ba:b4:da:
b6:ec:b4:ac:0c:37:bc:2e:32:14:36:da:49:81:54:
a3:03:66:a0:f5:9d:26:d8:75:79:a1:0d:e7:d6:27:
cb:c8:3a:c8:03:cb:d4:df:d8:17:20:03:f5:f8:1f:
0b:71:b3:61:79:4e:42:80:29:22:e9:58:43:f5:a8:
e1:93:c9:64:d4:9d:c4:53:67:b1:87:50:9c:83:ee:
54:cb:5a:37:54:b0:b6:01:57:4c:3b:e2:e5:58:92:
14:94:25:34:42:dd:a0:15:d1:97:b0:13:c0:5a:c5:
df:4a:9f:6a:92:ba:e5:29:ef:f5:b0:bf:8d:e1:cd:
8f:23:81:2e:4c:8f:1b:58:6b:7b:35:5b:7b:fd:d1:
71:65:bd:60:71:1f:a7:fc:d5:58:f1:8a:36:23:c3:
17:7d:d8:1f:54:4e:57:9b:7b:b5:a9:e1:23:f2:e0:
9f:36:98:ca:78:83:d6:76:7d:22:26:7a:ca:9f:d2:
88:54:24:97:63:82:d2:60:b3:af:1c:63:c6:68:fc:
6f:af:45:0c:c7:37:f7:00:94:90:e0:f4:2e:75:a8:
13:28:53:30:69:dd:9b:72:a5:95:c0:f0:e5:61:1f:
8e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:54:24:6B:3D:31:9B:8B:DA:D4:66:45:26:9F:6D:9D:22:DD:E3:11
X509v3 Authority Key Identifier:
keyid:78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/1lQkaz0xm4va1GZFJp9tnSLd4xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.56.0/21
91.198.250.0/24
91.223.20.0/24
185.97.172.0/22
195.10.208.0/24
IPv6:
2001:67c:2050::/48
Signature Algorithm: sha256WithRSAEncryption
14:0f:36:0a:52:8f:53:d7:0f:87:e3:2b:9f:9f:59:22:d9:d1:
b0:82:34:8f:36:1b:33:47:47:8e:de:b1:60:94:e2:a0:03:84:
91:4f:a7:83:95:87:33:98:37:4c:25:34:23:4f:49:78:1f:ba:
ba:1a:db:13:54:54:24:8b:db:66:ab:a1:15:d9:7f:ed:91:3c:
7f:ec:ed:64:25:46:64:08:76:1b:db:4a:bc:1c:53:40:cb:50:
e3:51:c3:b4:0c:00:70:b8:d6:bc:ca:f9:17:1c:5a:fd:ed:24:
0d:d0:37:df:34:08:27:fd:1d:b7:1f:8e:09:11:9c:cd:94:74:
d2:b4:b6:50:59:9f:3c:6a:4a:88:34:83:82:07:75:77:81:6b:
ce:08:f2:c1:4a:df:17:ff:85:be:1b:6f:6d:52:1d:75:df:7e:
56:cf:38:f7:37:76:c4:10:40:d6:69:f3:e8:f1:63:52:33:e6:
11:6c:cc:b7:d4:90:e8:1d:27:8a:3f:b8:fa:bf:a1:b9:b9:b0:
2f:75:76:05:37:34:fd:84:68:b3:2c:48:37:3b:26:d4:b6:63:
a4:df:a3:43:df:1d:71:98:f1:4c:ac:78:40:8b:8d:c8:66:d8:
c6:c4:bf:fc:25:f4:5b:6e:f4:7e:3c:75:df:8b:53:97:79:65:
40:82:cb:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEEuQ7AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODc5ZWI5ZGQ2MmQ1MWFmYTUwMTJlZmExYTlkMTBjNjY0MDBjNDQ1MB4XDTIyMDEw
MTA4NTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY1NDI0NmIzZDMx
OWI4YmRhZDQ2NjQ1MjY5ZjZkOWQyMmRkZTMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzpg7PaMbZRg8HTqPrBMEs9VXRI6Gtk333vurTatuy0rAw3
vC4yFDbaSYFUowNmoPWdJth1eaEN59Yny8g6yAPL1N/YFyAD9fgfC3GzYXlOQoAp
IulYQ/Wo4ZPJZNSdxFNnsYdQnIPuVMtaN1SwtgFXTDvi5ViSFJQlNELdoBXRl7AT
wFrF30qfapK65Snv9bC/jeHNjyOBLkyPG1hrezVbe/3RcWW9YHEfp/zVWPGKNiPD
F33YH1ROV5t7tanhI/LgnzaYyniD1nZ9IiZ6yp/SiFQkl2OC0mCzrxxjxmj8b69F
DMc39wCUkOD0LnWoEyhTMGndm3KllcDw5WEfjs0CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTWVCRrPTGbi9rUZkUmn22dIt3jETAfBgNVHSMEGDAWgBR4eeud1i1Rr6UB
LvoanRDGZADERTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VIbnJuZFl0VWEtbEFTNzZHcDBReG1RQXhFVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMmM1OGZhLTA2ZDUtNGQzOS04YjVkLTc0YWNmODJhZjU5Ni8x
LzFsUWthejB4bTR2YTFHWkZKcDl0blNMZDR4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MmM1OGZhLTA2ZDUtNGQzOS04YjVkLTc0YWNmODJhZjU5Ni8xL2VIbnJuZFl0VWEt
bEFTNzZHcDBReG1RQXhFVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEA1DxOAMEAFvG+gMEAFvfFAMEArlh
rAMEAMMK0DAPBAIAAjAJAwcAIAEGfCBQMA0GCSqGSIb3DQEBCwUAA4IBAQAUDzYK
Uo9T1w+H4yufn1ki2dGwgjSPNhszR0eO3rFglOKgA4SRT6eDlYczmDdMJTQjT0l4
H7q6GtsTVFQki9tmq6EV2X/tkTx/7O1kJUZkCHYb20q8HFNAy1DjUcO0DABwuNa8
yvkXHFr97SQN0DffNAgn/R23H44JEZzNlHTStLZQWZ88akqINIOCB3V3gWvOCPLB
St8X/4W+G29tUh11335Wzzj3N3bEEEDWafPo8WNSM+YRbMy31JDoHSeKP7j6v6G5
ubAvdXYFNzT9hGizLEg3OybUtmOk36ND3x1xmPFMrHhAi43IZtjGxL/8JfRbbvR+
PHXfi1OXeWVAgssM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:10 2025 by rpki-client