Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/567876-8d17-46c6-8cdd-4b843e9d04f8/1/IpNZVVcfurW3LdbmtuxXS4K9ZCE.roa
File: IpNZVVcfurW3LdbmtuxXS4K9ZCE.roa (raw, json)
Hash identifier: s+7Zb/MNBk6hnbLmBc9+dFNBfgE5DTtrP//3XgXGn9c=
Subject key identifier: 22:93:59:55:57:1F:BA:B5:B7:2D:D6:E6:B6:EC:57:4B:82:BD:64:21
Certificate issuer: /CN=2ee29f7f3faa48a940ab8da212b4b1116883f273
Certificate serial: 0DF01539
Authority key identifier: 2E:E2:9F:7F:3F:AA:48:A9:40:AB:8D:A2:12:B4:B1:11:68:83:F2:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuKffz-qSKlAq42iErSxEWiD8nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/567876-8d17-46c6-8cdd-4b843e9d04f8/1/IpNZVVcfurW3LdbmtuxXS4K9ZCE.roa
Signing time: Sat 01 Jan 2022 08:04:19 +0000
ROA not before: Sat 01 Jan 2022 08:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41038
IP address blocks: 91.233.22.0/23 maxlen: 23
195.95.175.0/24 maxlen: 24
2001:678:250::/48 maxlen: 48
2001:67c:25b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233837881 (0xdf01539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee29f7f3faa48a940ab8da212b4b1116883f273
Validity
Not Before: Jan 1 08:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22935955571fbab5b72dd6e6b6ec574b82bd6421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:86:f1:41:93:d6:0a:eb:bd:34:bd:83:c5:
68:33:39:7d:07:65:51:08:0d:fe:62:28:99:6e:6e:
f4:0f:74:d9:45:99:82:14:88:b7:ca:ed:ea:18:10:
82:e0:41:4c:01:0e:7c:8b:54:89:3d:21:56:ff:68:
2d:32:12:77:12:28:26:f4:bd:f8:0d:f0:c6:65:4f:
0c:40:50:d4:7a:b3:bd:49:22:63:cf:86:78:1e:7f:
b7:de:e0:15:bb:77:23:18:c3:9a:e3:fc:17:91:45:
93:dc:c4:ff:6f:b0:4e:37:6c:63:02:8b:2e:7e:dc:
5f:fa:72:a8:2e:a6:3e:36:05:0b:5a:66:fb:17:ba:
32:a2:d6:af:75:b7:c2:b6:ed:ef:b7:dd:7f:af:38:
11:65:46:52:22:14:8f:b8:e5:45:40:f9:f5:7e:7b:
06:df:65:cd:10:38:ef:cd:0a:b4:d9:2a:b3:f5:b2:
14:f0:8a:c0:cc:01:de:7b:26:2c:81:5c:a7:d0:cd:
96:a6:28:16:d2:b5:8f:ce:02:06:1e:c7:a5:aa:e8:
4b:62:3e:b8:b6:92:73:12:ca:70:5d:4e:c1:ca:52:
2f:24:ca:34:0c:28:3f:8e:45:1f:3d:e5:6d:5d:bd:
39:12:7c:ba:e8:67:d9:1c:d7:9f:77:4c:b0:d9:cb:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:59:55:57:1F:BA:B5:B7:2D:D6:E6:B6:EC:57:4B:82:BD:64:21
X509v3 Authority Key Identifier:
keyid:2E:E2:9F:7F:3F:AA:48:A9:40:AB:8D:A2:12:B4:B1:11:68:83:F2:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuKffz-qSKlAq42iErSxEWiD8nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/567876-8d17-46c6-8cdd-4b843e9d04f8/1/IpNZVVcfurW3LdbmtuxXS4K9ZCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/567876-8d17-46c6-8cdd-4b843e9d04f8/1/LuKffz-qSKlAq42iErSxEWiD8nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.22.0/23
195.95.175.0/24
IPv6:
2001:678:250::/48
2001:67c:25b8::/48
Signature Algorithm: sha256WithRSAEncryption
90:b8:2b:b6:c2:4c:2b:21:3d:c5:7b:4b:8a:de:11:f7:23:d8:
a7:c7:26:6e:5a:4d:5c:6f:0e:4f:7b:b9:40:88:0b:0d:65:04:
5d:12:cf:0c:0d:28:31:ec:d3:89:5c:c1:c1:31:d7:b6:00:42:
d5:d7:53:6e:75:74:32:3a:c2:8d:87:56:60:fa:59:e8:56:f9:
f8:c1:d5:7e:03:b9:9a:8e:db:3d:33:e5:0f:fa:22:ef:99:b9:
11:12:42:e0:77:c7:7e:4b:4f:dd:4b:23:b4:1c:7a:fa:05:0d:
af:ac:fe:d7:81:2d:af:07:13:60:28:ab:8a:ed:02:9c:ff:93:
0f:cb:c4:0c:b7:fa:ae:b7:61:a8:7b:91:1e:f3:0c:01:c0:71:
42:6b:0a:86:4f:28:59:05:e6:7e:0c:50:30:7f:1c:d2:bf:ad:
ad:95:68:0b:59:63:36:cd:96:37:fa:b8:4d:da:37:58:61:5e:
90:12:eb:3f:d3:60:5b:23:79:02:2b:02:cb:03:00:d6:36:a4:
3b:0a:ec:90:f0:62:0c:4c:71:43:e8:98:92:ce:9d:22:b0:09:
91:1a:3f:4a:10:90:90:5f:9b:3f:4f:74:b8:79:78:8e:01:47:
3f:35:ff:7b:83:62:79:66:ff:8f:72:c3:34:08:cc:e4:50:64:
4a:46:48:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEDfAVOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWUyOWY3ZjNmYWE0OGE5NDBhYjhkYTIxMmI0YjExMTY4ODNmMjczMB4XDTIyMDEw
MTA4MDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5MzU5NTU1NzFm
YmFiNWI3MmRkNmU2YjZlYzU3NGI4MmJkNjQyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrRhvFBk9YK6700vYPFaDM5fQdlUQgN/mIomW5u9A902UWZ
ghSIt8rt6hgQguBBTAEOfItUiT0hVv9oLTISdxIoJvS9+A3wxmVPDEBQ1HqzvUki
Y8+GeB5/t97gFbt3IxjDmuP8F5FFk9zE/2+wTjdsYwKLLn7cX/pyqC6mPjYFC1pm
+xe6MqLWr3W3wrbt77fdf684EWVGUiIUj7jlRUD59X57Bt9lzRA4780KtNkqs/Wy
FPCKwMwB3nsmLIFcp9DNlqYoFtK1j84CBh7HparoS2I+uLaScxLKcF1OwcpSLyTK
NAwoP45FHz3lbV29ORJ8uuhn2RzXn3dMsNnLmA8CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQik1lVVx+6tbct1ua27FdLgr1kITAfBgNVHSMEGDAWgBQu4p9/P6pIqUCr
jaIStLERaIPyczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x1S2Zmei1xU0tsQXE0MmlFclN4RVdpRDhuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvNTY3ODc2LThkMTctNDZjNi04Y2RkLTRiODQzZTlkMDRmOC8x
L0lwTlpWVmNmdXJXM0xkYm10dXhYUzRLOVpDRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
NTY3ODc2LThkMTctNDZjNi04Y2RkLTRiODQzZTlkMDRmOC8xL0x1S2Zmei1xU0ts
QXE0MmlFclN4RVdpRDhuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAVvpFgMEAMNfrzAYBAIAAjASAwcA
IAEGeAJQAwcAIAEGfCW4MA0GCSqGSIb3DQEBCwUAA4IBAQCQuCu2wkwrIT3Fe0uK
3hH3I9inxyZuWk1cbw5Pe7lAiAsNZQRdEs8MDSgx7NOJXMHBMde2AELV11NudXQy
OsKNh1Zg+lnoVvn4wdV+A7majts9M+UP+iLvmbkREkLgd8d+S0/dSyO0HHr6BQ2v
rP7XgS2vBxNgKKuK7QKc/5MPy8QMt/qut2Goe5Ee8wwBwHFCawqGTyhZBeZ+DFAw
fxzSv62tlWgLWWM2zZY3+rhN2jdYYV6QEus/02BbI3kCKwLLAwDWNqQ7CuyQ8GIM
THFD6JiSzp0isAmRGj9KEJCQX5s/T3S4eXiOAUc/Nf97g2J5Zv+PcsM0CMzkUGRK
Rkhq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:32 2025 by rpki-client