Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/ssd8kC7fUYhFE4qewPST3KM8Jl8.roa
File: ssd8kC7fUYhFE4qewPST3KM8Jl8.roa (raw, json)
Hash identifier: IOdufP54f2JUPoyfkIXezq/srskkz68j0jPfaXfM7HU=
Subject key identifier: B2:C7:7C:90:2E:DF:51:88:45:13:8A:9E:C0:F4:93:DC:A3:3C:26:5F
Certificate issuer: /CN=dbd382274b457662ba72d1886573a2c7dcc35486
Certificate serial: 03C5B101
Authority key identifier: DB:D3:82:27:4B:45:76:62:BA:72:D1:88:65:73:A2:C7:DC:C3:54:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29OCJ0tFdmK6ctGIZXOix9zDVIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/ssd8kC7fUYhFE4qewPST3KM8Jl8.roa
Signing time: Sat 01 Jan 2022 04:00:53 +0000
ROA not before: Sat 01 Jan 2022 04:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57780
IP address blocks: 91.210.153.0/24 maxlen: 24
2a06:5f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63287553 (0x3c5b101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd382274b457662ba72d1886573a2c7dcc35486
Validity
Not Before: Jan 1 04:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2c77c902edf518845138a9ec0f493dca33c265f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:1d:69:7a:89:5b:76:05:dd:a5:10:98:34:
81:0c:46:e6:54:8a:59:8b:af:f5:c4:41:32:e3:8d:
be:91:70:7b:06:d6:2a:2b:b2:a5:d7:39:0c:91:49:
3b:cb:13:67:63:d5:ef:aa:68:db:0a:26:9c:5e:34:
95:81:23:b7:f3:aa:29:8b:60:d1:ce:9d:be:bc:2f:
e9:4a:99:ee:1c:66:6c:19:ba:8e:d2:64:75:ae:6b:
96:d9:5a:a4:f9:9b:76:fe:e6:58:ec:35:43:3e:f7:
7c:bf:ee:db:98:f2:f2:a8:49:86:24:1d:60:28:97:
e0:f1:58:be:04:49:56:8f:e9:67:f1:f6:cd:2d:64:
a4:32:3b:bf:5d:ca:06:34:84:fe:e0:3b:42:df:f7:
91:31:86:49:ca:89:16:f1:cb:51:af:2b:ca:57:d5:
8b:5e:ed:86:c0:7f:e3:54:17:c2:ac:51:2c:ee:25:
4d:57:3b:71:e8:8c:2a:66:c8:3b:94:94:73:59:3a:
e3:d1:d1:40:35:d1:57:99:8c:87:5f:f1:e9:df:79:
5b:e8:e0:42:f0:f9:44:ba:de:19:39:ee:dd:40:7b:
2e:fc:23:e6:4c:a7:38:83:58:a6:35:37:06:f9:35:
03:68:00:ce:93:01:a1:6d:4f:da:40:f0:a9:d2:05:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C7:7C:90:2E:DF:51:88:45:13:8A:9E:C0:F4:93:DC:A3:3C:26:5F
X509v3 Authority Key Identifier:
keyid:DB:D3:82:27:4B:45:76:62:BA:72:D1:88:65:73:A2:C7:DC:C3:54:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29OCJ0tFdmK6ctGIZXOix9zDVIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/ssd8kC7fUYhFE4qewPST3KM8Jl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/29OCJ0tFdmK6ctGIZXOix9zDVIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.153.0/24
IPv6:
2a06:5f80::/32
Signature Algorithm: sha256WithRSAEncryption
7a:fe:2b:46:c4:96:3e:6c:6e:21:c6:63:26:14:49:3f:94:88:
dc:cf:46:e2:9f:af:61:f8:d9:fe:c6:7c:44:a4:58:ef:ad:2b:
72:a4:2f:7b:7e:b0:32:ee:22:b0:71:d3:e5:75:b7:44:35:40:
fa:8b:72:8e:28:06:92:2b:4e:23:02:ac:4c:50:18:ad:70:49:
bb:f2:7e:20:5f:c2:58:3d:7d:77:cf:60:bc:58:a7:c9:7e:b3:
c7:24:a9:43:68:7b:73:eb:38:6e:59:78:ef:3d:de:f0:2f:65:
e3:9c:92:65:a2:9e:3a:a6:b6:2b:39:33:64:1f:b4:df:d1:8d:
cd:5b:a0:7d:7d:f2:d1:d6:0d:13:63:d7:78:22:e3:1e:6b:1c:
a3:82:48:68:cc:fd:a7:82:bd:a2:a7:9a:ab:e5:c1:1e:23:51:
e3:89:95:e9:a3:6e:3d:7a:0c:d1:1e:ce:c8:10:8d:fe:0d:82:
9a:b8:4d:81:d9:02:ec:68:83:6e:2e:6a:16:0f:bd:89:fb:a5:
04:98:f8:bf:d5:57:4c:9b:32:6b:7a:16:55:ea:18:94:95:fb:
9b:d4:fa:27:b9:69:86:d6:2e:58:66:89:8e:76:f2:88:7a:44:
77:9e:fb:4f:26:10:3d:d6:35:91:9e:d5:ca:01:16:ab:4a:3c:
aa:dd:e1:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA8WxATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmQzODIyNzRiNDU3NjYyYmE3MmQxODg2NTczYTJjN2RjYzM1NDg2MB4XDTIyMDEw
MTA0MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJjNzdjOTAyZWRm
NTE4ODQ1MTM4YTllYzBmNDkzZGNhMzNjMjY1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTVHWl6iVt2Bd2lEJg0gQxG5lSKWYuv9cRBMuONvpFwewbW
Kiuypdc5DJFJO8sTZ2PV76po2womnF40lYEjt/OqKYtg0c6dvrwv6UqZ7hxmbBm6
jtJkda5rltlapPmbdv7mWOw1Qz73fL/u25jy8qhJhiQdYCiX4PFYvgRJVo/pZ/H2
zS1kpDI7v13KBjSE/uA7Qt/3kTGGScqJFvHLUa8rylfVi17thsB/41QXwqxRLO4l
TVc7ceiMKmbIO5SUc1k649HRQDXRV5mMh1/x6d95W+jgQvD5RLreGTnu3UB7Lvwj
5kynOINYpjU3Bvk1A2gAzpMBoW1P2kDwqdIF2AkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSyx3yQLt9RiEUTip7A9JPcozwmXzAfBgNVHSMEGDAWgBTb04InS0V2Yrpy
0Yhlc6LH3MNUhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI5T0NKMHRGZG1LNmN0R0laWE9peDl6RFZJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvZjEyMDI5LTY3NTgtNDIzMy05ZGZjLWM2NTQzNTZiMDdjNC8x
L3NzZDhrQzdmVVloRkU0cWV3UFNUM0tNOEpsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
ZjEyMDI5LTY3NTgtNDIzMy05ZGZjLWM2NTQzNTZiMDdjNC8xLzI5T0NKMHRGZG1L
NmN0R0laWE9peDl6RFZJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvSmTANBAIAAjAHAwUAKgZfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAev4rRsSWPmxuIcZjJhRJP5SI3M9G4p+vYfjZ/sZ8
RKRY760rcqQve36wMu4isHHT5XW3RDVA+otyjigGkitOIwKsTFAYrXBJu/J+IF/C
WD19d89gvFinyX6zxySpQ2h7c+s4bll47z3e8C9l45ySZaKeOqa2KzkzZB+039GN
zVugfX3y0dYNE2PXeCLjHmsco4JIaMz9p4K9oqeaq+XBHiNR44mV6aNuPXoM0R7O
yBCN/g2CmrhNgdkC7GiDbi5qFg+9ifulBJj4v9VXTJsya3oWVeoYlJX7m9T6J7lp
htYuWGaJjnbyiHpEd577TyYQPdY1kZ7VygEWq0o8qt3heQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:59 2025 by rpki-client