Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/A1ld0ZBgGYORPhqJ9Bxc-xc2TkY.roa
File: A1ld0ZBgGYORPhqJ9Bxc-xc2TkY.roa (raw, json)
Hash identifier: MaEJyF/NrWZ+i30UXqUFwcxdepztjLzHTnsjw/gSTYI=
Subject key identifier: 03:59:5D:D1:90:60:19:83:91:3E:1A:89:F4:1C:5C:FB:17:36:4E:46
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 01856F798ED955A66F1E7A81938A749D58AE
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/A1ld0ZBgGYORPhqJ9Bxc-xc2TkY.roa
Signing time: Sun 01 Jan 2023 22:35:15 +0000
ROA not before: Sun 01 Jan 2023 22:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20525
IP address blocks: 79.141.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8e:d9:55:a6:6f:1e:7a:81:93:8a:74:9d:58:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Jan 1 22:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03595dd190601983913e1a89f41c5cfb17364e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:07:5e:47:31:a3:a2:c6:b9:7b:4e:5a:ac:64:
01:91:d8:85:bf:20:91:cb:80:6f:9d:9c:18:ed:cf:
9c:2e:fb:32:ff:89:05:03:f7:cf:b3:a0:86:ca:b0:
10:cd:83:10:26:6b:4a:eb:21:79:cb:05:12:a7:4e:
3c:f0:f9:aa:05:09:08:bb:8a:34:2a:7b:ca:0c:cb:
c4:d7:b8:42:c7:52:b6:ee:f5:70:5e:a2:5e:71:57:
9c:36:5a:58:eb:18:e1:fc:3a:af:c3:a6:97:50:60:
ab:11:43:15:47:5f:02:1a:f3:40:4f:5d:54:93:53:
3a:0d:78:97:27:d7:55:17:c8:86:fb:44:91:c8:b0:
4f:8d:73:6c:7e:27:fa:67:37:97:13:07:d4:47:9b:
f8:d8:d0:d5:80:d5:b8:b6:08:2d:35:c2:bc:41:9b:
d2:2f:b8:df:20:3d:ed:12:f2:ad:3c:3d:40:99:32:
e1:84:60:46:cb:3b:a7:ff:af:a2:d6:e6:c4:13:b6:
58:09:31:bd:27:40:63:fe:10:ca:f5:79:d5:de:2e:
5a:ef:39:5b:95:1a:a5:eb:0e:ba:42:97:62:82:03:
32:7d:31:6e:ce:e8:54:21:8c:8b:7e:41:9e:b0:97:
4a:65:c3:c4:76:c7:0e:4e:0d:e9:a9:90:21:3e:4d:
2f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:59:5D:D1:90:60:19:83:91:3E:1A:89:F4:1C:5C:FB:17:36:4E:46
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/A1ld0ZBgGYORPhqJ9Bxc-xc2TkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.220.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:f2:e6:79:2b:83:ff:9b:8c:87:14:f0:90:93:3d:72:dd:42:
69:ca:6a:56:f7:ca:11:02:71:a4:e1:17:43:2e:5d:0c:0f:a6:
f7:f7:b8:e0:83:cd:2b:79:05:cd:8b:b4:65:c9:8e:c7:4a:3c:
41:99:5d:3c:6f:fe:f8:8e:b4:a8:01:60:43:d4:5a:da:10:00:
c0:90:cb:fd:cb:5c:b3:16:b8:11:91:a1:46:b3:d6:48:3e:32:
70:62:d9:60:59:c7:39:1b:c2:0c:47:d6:4a:04:61:a1:f1:e4:
36:6c:68:f0:08:65:26:9d:01:8a:9e:86:ea:1e:dc:57:72:f0:
1e:3a:01:e6:c8:af:05:e0:37:dd:68:a6:b1:29:8c:a6:93:55:
d4:61:35:0b:39:dc:65:55:8b:a1:db:59:60:ec:bf:7d:59:32:
46:1e:9c:5e:9e:d4:d2:94:2e:5d:71:02:0e:8f:64:a4:fb:f9:
ee:aa:a7:1e:25:4a:45:f5:8a:ad:dd:15:18:35:c1:2a:39:73:
46:2f:89:52:bd:44:8c:9d:69:3e:82:8f:f0:28:aa:ec:18:75:
61:fc:c5:93:53:b1:14:bd:e1:e8:9c:42:71:9f:58:7e:77:e7:
3f:da:84:bb:14:ac:30:ce:75:1b:e2:ea:de:3f:40:14:fd:65:
53:62:77:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveY7ZVaZvHnqBk4p0nViuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU5NWRkMTkwNjAxOTgzOTEzZTFhODlmNDFjNWNmYjE3MzY0ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwdeRzGjosa5e05arGQBkdiFvyCR
y4BvnZwY7c+cLvsy/4kFA/fPs6CGyrAQzYMQJmtK6yF5ywUSp0488PmqBQkIu4o0
KnvKDMvE17hCx1K27vVwXqJecVecNlpY6xjh/Dqvw6aXUGCrEUMVR18CGvNAT11U
k1M6DXiXJ9dVF8iG+0SRyLBPjXNsfif6ZzeXEwfUR5v42NDVgNW4tggtNcK8QZvS
L7jfID3tEvKtPD1AmTLhhGBGyzun/6+i1ubEE7ZYCTG9J0Bj/hDK9XnV3i5a7zlb
lRql6w66QpdiggMyfTFuzuhUIYyLfkGesJdKZcPEdscOTg3pqZAhPk0vTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANZXdGQYBmDkT4aifQcXPsXNk5GMB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvQTFsZDBaQmdHWU9SUGhxSjlCeGMteGMyVGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT43cMA0G
CSqGSIb3DQEBCwUAA4IBAQCb8uZ5K4P/m4yHFPCQkz1y3UJpympW98oRAnGk4RdD
Ll0MD6b397jgg80reQXNi7RlyY7HSjxBmV08b/74jrSoAWBD1FraEADAkMv9y1yz
FrgRkaFGs9ZIPjJwYtlgWcc5G8IMR9ZKBGGh8eQ2bGjwCGUmnQGKnobqHtxXcvAe
OgHmyK8F4DfdaKaxKYymk1XUYTULOdxlVYuh21lg7L99WTJGHpxentTSlC5dcQIO
j2Sk+/nuqqceJUpF9Yqt3RUYNcEqOXNGL4lSvUSMnWk+go/wKKrsGHVh/MWTU7EU
veHonEJxn1h+d+c/2oS7FKwwznUb4ureP0AU/WVTYnft
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:05:34 2025 by rpki-client