Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/Vxm9jcPGSWbw_YJssJJNfaiiyaQ.roa
File: Vxm9jcPGSWbw_YJssJJNfaiiyaQ.roa (raw, json)
Hash identifier: aCXkkU+niTg3iExrMqljZSrmAqY9YPFP8L0k6tAREg4=
Subject key identifier: 57:19:BD:8D:C3:C6:49:66:F0:FD:82:6C:B0:92:4D:7D:A8:A2:C9:A4
Certificate issuer: /CN=2d6f9bdaf69dca1cdb9e440c97c10a092ec1b39c
Certificate serial: 06ECC8DA
Authority key identifier: 2D:6F:9B:DA:F6:9D:CA:1C:DB:9E:44:0C:97:C1:0A:09:2E:C1:B3:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LW-b2vadyhzbnkQMl8EKCS7Bs5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/Vxm9jcPGSWbw_YJssJJNfaiiyaQ.roa
Signing time: Sat 01 Jan 2022 03:56:49 +0000
ROA not before: Sat 01 Jan 2022 03:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207857
IP address blocks: 91.209.227.0/24 maxlen: 24
91.212.11.0/24 maxlen: 24
91.212.14.0/24 maxlen: 24
91.212.19.0/24 maxlen: 24
2a0f:61c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116181210 (0x6ecc8da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d6f9bdaf69dca1cdb9e440c97c10a092ec1b39c
Validity
Not Before: Jan 1 03:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5719bd8dc3c64966f0fd826cb0924d7da8a2c9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b1:ff:8c:2f:fc:0f:8d:7d:41:5b:fa:f8:d8:
b1:60:1d:ec:5d:94:a1:44:b2:04:d8:29:69:f3:0c:
fb:d3:3c:07:72:99:54:da:44:b2:27:98:93:39:ab:
a7:d1:38:c7:e1:88:91:ff:7f:2d:31:36:7c:21:e3:
3f:73:0a:ad:15:a3:a6:84:97:94:83:dd:52:a4:96:
1f:21:3b:af:d0:dd:27:33:3f:04:1b:16:bd:3c:8c:
d1:66:e3:85:38:2b:af:7a:38:13:1e:a5:4c:28:16:
e4:00:89:c7:e9:e1:f0:f3:66:e1:d1:62:ce:64:1f:
73:dc:f7:d9:ee:2f:3b:e6:4d:eb:d4:31:b3:4e:d8:
b7:18:df:c4:c2:96:b6:90:aa:f9:00:f7:6a:5e:b3:
b0:16:6f:22:d1:87:25:b9:e9:bc:92:8c:d9:40:a4:
58:a5:ad:87:a4:a0:30:c4:12:e1:32:ae:e3:b3:7b:
c3:a9:90:06:97:ec:ca:4e:01:36:87:d6:af:54:13:
6e:3e:d7:5e:6d:d9:ac:d1:c3:fe:b9:02:50:23:d4:
d5:bf:98:37:40:5b:f7:6b:35:dc:4e:f9:42:d3:b8:
f9:76:d2:b1:89:f9:89:4e:48:e3:48:27:5d:64:29:
4d:75:7f:38:0e:f2:74:67:a2:49:3d:e2:b4:34:2b:
50:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:19:BD:8D:C3:C6:49:66:F0:FD:82:6C:B0:92:4D:7D:A8:A2:C9:A4
X509v3 Authority Key Identifier:
keyid:2D:6F:9B:DA:F6:9D:CA:1C:DB:9E:44:0C:97:C1:0A:09:2E:C1:B3:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LW-b2vadyhzbnkQMl8EKCS7Bs5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/Vxm9jcPGSWbw_YJssJJNfaiiyaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/LW-b2vadyhzbnkQMl8EKCS7Bs5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.227.0/24
91.212.11.0/24
91.212.14.0/24
91.212.19.0/24
IPv6:
2a0f:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b6:bd:4f:61:18:68:10:fd:dc:3d:7b:e8:ca:de:00:26:bb:
28:9f:18:3b:40:25:3e:4b:01:a7:e6:e1:14:43:17:85:62:b1:
5c:da:a6:9a:4b:a8:bd:23:cc:3f:99:5f:83:a3:21:ce:3e:d5:
54:ed:bd:ae:17:8c:6d:60:3b:07:43:76:45:0e:d7:86:8c:20:
64:3e:15:f0:5c:3d:e1:66:6a:4e:e6:2b:c9:4a:23:4d:46:16:
56:9e:c2:d4:a9:27:c1:72:b7:e9:28:03:0a:ff:dc:55:c2:4a:
94:4a:8d:2b:3c:35:91:a2:37:3b:d6:75:88:05:a9:f4:fb:c1:
be:50:ab:39:80:f0:49:68:8a:aa:a9:64:07:7b:ed:94:76:e4:
6d:ab:af:3d:fa:cf:70:d6:77:33:4a:e8:33:e4:d8:3e:70:ff:
3d:1e:1c:a0:a5:12:74:fe:75:c4:aa:e4:53:8f:2d:91:f2:d1:
e0:bc:a5:b1:73:4e:d0:3e:4d:78:4d:7f:a2:03:43:37:cd:01:
5b:4e:21:db:65:ba:2c:ed:74:e4:2e:5a:f9:33:50:f0:7b:9b:
6a:50:71:ca:01:06:b2:7a:dc:fc:94:d9:fd:47:f5:0a:7f:8d:
5d:62:6a:0e:e3:da:4d:ad:6b:7d:8d:a5:87:2a:ed:bd:7b:59:
26:29:31:c2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBuzI2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDZmOWJkYWY2OWRjYTFjZGI5ZTQ0MGM5N2MxMGEwOTJlYzFiMzljMB4XDTIyMDEw
MTAzNTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTcxOWJkOGRjM2M2
NDk2NmYwZmQ4MjZjYjA5MjRkN2RhOGEyYzlhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWx/4wv/A+NfUFb+vjYsWAd7F2UoUSyBNgpafMM+9M8B3KZ
VNpEsieYkzmrp9E4x+GIkf9/LTE2fCHjP3MKrRWjpoSXlIPdUqSWHyE7r9DdJzM/
BBsWvTyM0WbjhTgrr3o4Ex6lTCgW5ACJx+nh8PNm4dFizmQfc9z32e4vO+ZN69Qx
s07YtxjfxMKWtpCq+QD3al6zsBZvItGHJbnpvJKM2UCkWKWth6SgMMQS4TKu47N7
w6mQBpfsyk4BNofWr1QTbj7XXm3ZrNHD/rkCUCPU1b+YN0Bb92s13E75QtO4+XbS
sYn5iU5I40gnXWQpTXV/OA7ydGeiST3itDQrULsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRXGb2Nw8ZJZvD9gmywkk19qKLJpDAfBgNVHSMEGDAWgBQtb5va9p3KHNue
RAyXwQoJLsGznDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xXLWIydmFkeWh6Ym5rUU1sOEVLQ1M3QnM1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvNDQ2NGYyLTZjMWMtNDA5Ni05NjBiLWUzOWIzYTMwMmNlZC8x
L1Z4bTlqY1BHU1did19ZSnNzSkpOZmFpaXlhUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
NDQ2NGYyLTZjMWMtNDA5Ni05NjBiLWUzOWIzYTMwMmNlZC8xL0xXLWIydmFkeWh6
Ym5rUU1sOEVLQ1M3QnM1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvR4wMEAFvUCwMEAFvUDgMEAFvU
EzANBAIAAjAHAwUDKg9hwDANBgkqhkiG9w0BAQsFAAOCAQEAO7a9T2EYaBD93D17
6MreACa7KJ8YO0AlPksBp+bhFEMXhWKxXNqmmkuovSPMP5lfg6Mhzj7VVO29rheM
bWA7B0N2RQ7XhowgZD4V8Fw94WZqTuYryUojTUYWVp7C1KknwXK36SgDCv/cVcJK
lEqNKzw1kaI3O9Z1iAWp9PvBvlCrOYDwSWiKqqlkB3vtlHbkbauvPfrPcNZ3M0ro
M+TYPnD/PR4coKUSdP51xKrkU48tkfLR4LylsXNO0D5NeE1/ogNDN80BW04h22W6
LO105C5a+TNQ8HubalBxygEGsnrc/JTZ/Uf1Cn+NXWJqDuPaTa1rfY2lhyrtvXtZ
Jikxwg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:29 2025 by rpki-client