Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/9cPZM9SL0WLtoD4_frUPxC4TgkY.roa
File: 9cPZM9SL0WLtoD4_frUPxC4TgkY.roa (raw, json)
Hash identifier: qBWzBGQWI7wZsuEj6fHOx9Zi4OTqxhcm3Idc+Y0qegk=
Subject key identifier: F5:C3:D9:33:D4:8B:D1:62:ED:A0:3E:3F:7E:B5:0F:C4:2E:13:82:46
Certificate issuer: /CN=28bebd4658618473ed4c83767c51de8e233c3292
Certificate serial: F1EA8B
Authority key identifier: 28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/9cPZM9SL0WLtoD4_frUPxC4TgkY.roa
Signing time: Sat 01 Jan 2022 08:02:56 +0000
ROA not before: Sat 01 Jan 2022 08:02:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199577
IP address blocks: 91.217.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15854219 (0xf1ea8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bebd4658618473ed4c83767c51de8e233c3292
Validity
Not Before: Jan 1 08:02:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5c3d933d48bd162eda03e3f7eb50fc42e138246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:3f:ad:f9:22:cd:c9:8d:43:85:5d:06:7c:
bc:bc:49:84:0f:01:71:2d:88:9f:ef:10:64:0f:12:
d5:ef:03:27:32:3a:29:d9:b3:fd:70:6c:27:a9:8c:
28:eb:7a:33:8e:3d:5b:46:4c:61:f1:77:ec:5a:16:
89:ad:00:38:9d:3d:ee:a5:18:e4:b4:6b:ef:99:33:
25:99:f9:aa:6d:a2:ec:d9:22:7d:9c:67:6e:d9:b2:
85:1d:d4:80:a5:78:65:05:76:43:97:f9:d6:aa:d0:
d7:a6:cb:ea:2b:36:ac:69:95:4e:ea:94:d3:36:65:
78:d4:e6:1e:30:c9:7e:4d:b4:34:fd:fe:ee:e8:f6:
42:32:eb:d7:93:35:3a:6f:bb:ed:cb:1f:d4:a7:09:
b6:57:9f:e6:50:ff:87:79:55:41:20:a0:32:0b:d6:
dd:1f:82:54:a6:b3:e4:e5:f7:29:dd:49:7c:a2:99:
a0:6f:14:84:60:fe:db:bd:f1:f6:d7:a0:f5:3f:af:
f8:19:ae:06:19:d4:a1:8e:73:5c:34:24:c1:fa:c6:
47:dd:13:81:4b:99:88:e7:fb:76:c0:05:02:d6:31:
79:fa:83:ae:a4:2e:cc:47:45:1c:24:22:7e:3f:09:
40:91:91:eb:ce:59:a8:73:8c:be:71:3d:2d:23:1b:
0f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C3:D9:33:D4:8B:D1:62:ED:A0:3E:3F:7E:B5:0F:C4:2E:13:82:46
X509v3 Authority Key Identifier:
keyid:28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/9cPZM9SL0WLtoD4_frUPxC4TgkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.153.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ea:ab:99:ed:59:18:8f:6a:13:d8:21:3a:7d:47:b8:ad:d5:
21:f7:1c:f9:e8:63:2f:b2:ee:ca:d9:48:17:26:52:3b:54:da:
d2:0c:8e:a5:3e:88:2c:4a:6b:f5:54:f6:1c:15:c6:81:d8:3d:
f8:25:6e:11:97:44:bf:10:f8:78:2b:01:51:f8:57:90:c8:32:
de:dd:fd:cc:8b:48:a8:43:0d:70:30:31:31:3d:8c:9b:f4:db:
58:bb:4e:da:16:7a:5a:c1:16:d6:05:bf:70:63:50:71:57:a9:
b4:9d:56:5a:90:c1:b9:f7:61:cc:b7:8c:9c:3a:3b:63:ac:20:
9f:57:3a:ab:fe:84:c1:54:d3:10:79:a3:7b:cd:42:30:35:09:
a2:5e:5c:94:41:45:14:b1:00:42:b1:32:39:e5:9f:03:0c:60:
d8:50:44:22:4a:8b:00:65:76:ce:e5:d4:98:e1:30:9d:fc:c7:
b3:8e:6c:a4:e1:c6:a1:89:b1:2c:40:85:78:68:23:f2:52:b3:
8b:e4:9a:e2:7f:d4:5c:60:10:8e:07:8c:dc:ac:82:94:2c:29:
2a:b9:89:f5:79:d3:25:b9:f1:b7:f8:00:24:84:c9:70:1e:68:
88:5f:ae:87:d4:24:47:06:9e:d1:6e:a2:46:bd:10:c7:e4:d1:
4f:f4:52:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPHqizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OGJlYmQ0NjU4NjE4NDczZWQ0YzgzNzY3YzUxZGU4ZTIzM2MzMjkyMB4XDTIyMDEw
MTA4MDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVjM2Q5MzNkNDhi
ZDE2MmVkYTAzZTNmN2ViNTBmYzQyZTEzODI0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzrP635Is3JjUOFXQZ8vLxJhA8BcS2In+8QZA8S1e8DJzI6
Kdmz/XBsJ6mMKOt6M449W0ZMYfF37FoWia0AOJ097qUY5LRr75kzJZn5qm2i7Nki
fZxnbtmyhR3UgKV4ZQV2Q5f51qrQ16bL6is2rGmVTuqU0zZleNTmHjDJfk20NP3+
7uj2QjLr15M1Om+77csf1KcJtlef5lD/h3lVQSCgMgvW3R+CVKaz5OX3Kd1JfKKZ
oG8UhGD+273x9teg9T+v+BmuBhnUoY5zXDQkwfrGR90TgUuZiOf7dsAFAtYxefqD
rqQuzEdFHCQifj8JQJGR685ZqHOMvnE9LSMbD70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1w9kz1IvRYu2gPj9+tQ/ELhOCRjAfBgNVHSMEGDAWgBQovr1GWGGEc+1M
g3Z8Ud6OIzwykjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tMNjlSbGhoaEhQdFRJTjJmRkhlamlNOE1wSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvYWE5NzVjLWI5YjUtNDY1MS1iYzViLWJhNzk1NmIwZjJkZC8x
LzljUFpNOVNMMFdMdG9ENF9mclVQeEM0VGdrWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
YWE5NzVjLWI5YjUtNDY1MS1iYzViLWJhNzk1NmIwZjJkZC8xL0tMNjlSbGhoaEhQ
dFRJTjJmRkhlamlNOE1wSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZmTANBgkqhkiG9w0BAQsFAAOC
AQEAE+qrme1ZGI9qE9ghOn1HuK3VIfcc+ehjL7LuytlIFyZSO1Ta0gyOpT6ILEpr
9VT2HBXGgdg9+CVuEZdEvxD4eCsBUfhXkMgy3t39zItIqEMNcDAxMT2Mm/TbWLtO
2hZ6WsEW1gW/cGNQcVeptJ1WWpDBufdhzLeMnDo7Y6wgn1c6q/6EwVTTEHmje81C
MDUJol5clEFFFLEAQrEyOeWfAwxg2FBEIkqLAGV2zuXUmOEwnfzHs45spOHGoYmx
LECFeGgj8lKzi+Sa4n/UXGAQjgeM3KyClCwpKrmJ9XnTJbnxt/gAJITJcB5oiF+u
h9QkRwae0W6iRr0Qx+TRT/RSow==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:52 2025 by rpki-client