Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/W2H9qwp4DqDe-LBUe1rJgfjiAGY.roa
File: W2H9qwp4DqDe-LBUe1rJgfjiAGY.roa (raw, json)
Hash identifier: O3QB5JpuAVC5vg8cjBn3zHOKDgggb0lI0Dnkl6Zlb+4=
Subject key identifier: 5B:61:FD:AB:0A:78:0E:A0:DE:F8:B0:54:7B:5A:C9:81:F8:E2:00:66
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 01823CF62F69B630E07AFE5F58EEA279CB4E
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/W2H9qwp4DqDe-LBUe1rJgfjiAGY.roa
Signing time: Wed 27 Jul 2022 00:02:23 +0000
ROA not before: Wed 27 Jul 2022 00:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25145
IP address blocks: 91.241.51.0/24 maxlen: 24
91.241.48.0/24 maxlen: 24
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc7::/32 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a00:7540::/29 maxlen: 29
2a0c:8dc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3c:f6:2f:69:b6:30:e0:7a:fe:5f:58:ee:a2:79:cb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jul 27 00:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b61fdab0a780ea0def8b0547b5ac981f8e20066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:63:a8:4f:f7:84:aa:c0:6e:96:d2:f6:dc:55:
c7:f0:2e:fe:51:88:ca:3a:5e:a8:73:c4:0e:a7:8c:
73:80:4c:1b:d0:0f:0f:f8:f1:bc:36:86:89:3a:ed:
c0:3b:09:f4:6f:91:64:7f:09:29:de:a1:04:f7:37:
b9:fa:97:07:94:87:d6:d5:1c:a8:dc:93:35:ce:a7:
3e:52:a4:31:32:b6:a4:6c:12:e5:fc:9d:6d:3f:fb:
72:72:72:ae:e2:f6:54:a2:1f:62:d7:6a:cd:da:9b:
c7:d3:9e:df:8a:29:4c:bd:ba:b6:88:67:26:6a:5f:
3b:08:9b:00:71:40:ba:3d:ee:19:4a:65:8a:dc:ed:
25:9c:11:f1:b0:cc:a6:63:65:f6:42:88:45:a4:75:
c0:bd:2e:ad:5c:41:76:8e:93:12:b6:4b:db:f2:80:
de:01:f0:02:55:c0:7d:04:6f:42:7e:4d:07:fa:83:
9a:b8:75:d4:a4:37:be:47:30:33:62:83:b4:e6:8d:
7f:13:c1:f1:b5:a7:5d:d7:d5:86:63:31:57:f9:89:
17:bb:19:1d:a2:80:be:96:1f:18:c7:a4:8a:6d:30:
17:d1:6f:08:5c:f3:31:ae:8f:02:73:68:af:f6:be:
92:70:45:24:72:95:dc:aa:95:16:69:cf:0a:e3:cf:
c4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:61:FD:AB:0A:78:0E:A0:DE:F8:B0:54:7B:5A:C9:81:F8:E2:00:66
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/W2H9qwp4DqDe-LBUe1rJgfjiAGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/24
91.241.51.0/24
IPv6:
2a00:7540::/29
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
12:26:af:0c:83:c7:94:0e:be:f9:a2:dd:27:b6:13:27:8c:b4:
ab:83:81:db:58:72:9d:4e:e4:17:52:f8:ef:7b:3c:d5:ee:c5:
ef:19:49:29:4f:d6:f3:14:0f:fd:a0:41:aa:43:5d:ca:ca:88:
87:0a:1c:9d:b7:d2:cb:2c:61:e4:d8:77:ac:85:c9:91:06:f2:
78:bb:ef:f6:24:42:ad:2e:d8:ac:00:11:71:15:6e:cf:23:7e:
df:d0:bc:e1:d9:5c:69:d2:3f:e1:a0:1d:b4:13:0c:b3:c0:98:
e4:ab:d0:9a:e6:c5:18:8a:ca:41:f3:3a:6d:ae:d1:fc:e3:0c:
46:c2:af:fd:fe:4d:51:bd:71:17:df:b6:81:10:51:04:59:fd:
b3:51:27:52:55:16:c1:e6:86:26:59:3c:30:94:81:a5:20:e3:
11:c0:cd:f7:c6:47:42:46:f5:2b:f3:5d:ee:2e:c8:a0:01:f3:
e4:89:8e:5f:da:a3:00:31:6d:4b:87:e7:da:3a:cf:e5:f2:60:
2a:52:73:a4:04:1c:22:96:dd:22:77:23:4e:c3:87:19:5d:0f:
7c:93:75:b8:2b:a2:6c:6f:de:29:4f:63:1b:40:69:de:72:83:
17:37:cf:3c:c3:7b:80:52:41:be:c5:2e:9c:1a:2e:ac:e1:9a:
60:b7:8c:ab
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYI89i9ptjDgev5fWO6iectOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjIwNzI3MDAwMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYxZmRhYjBhNzgwZWEwZGVmOGIwNTQ3YjVhYzk4MWY4ZTIwMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWOoT/eEqsBultL23FXH8C7+UYjK
Ol6oc8QOp4xzgEwb0A8P+PG8NoaJOu3AOwn0b5Fkfwkp3qEE9ze5+pcHlIfW1Ryo
3JM1zqc+UqQxMrakbBLl/J1tP/tycnKu4vZUoh9i12rN2pvH057fiilMvbq2iGcm
al87CJsAcUC6Pe4ZSmWK3O0lnBHxsMymY2X2QohFpHXAvS6tXEF2jpMStkvb8oDe
AfACVcB9BG9Cfk0H+oOauHXUpDe+RzAzYoO05o1/E8Hxtadd19WGYzFX+YkXuxkd
ooC+lh8Yx6SKbTAX0W8IXPMxro8Cc2iv9r6ScEUkcpXcqpUWac8K48/ERwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFth/asKeA6g3viwVHtayYH44gBmMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvVzJIOXF3cDREcURlLUxCVWUxckpnZmppQUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW/EwAwQA
W/EzMBQEAgACMA4DBQMqAHVAAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAEiav
DIPHlA6++aLdJ7YTJ4y0q4OB21hynU7kF1L473s81e7F7xlJKU/W8xQP/aBBqkNd
ysqIhwocnbfSyyxh5Nh3rIXJkQbyeLvv9iRCrS7YrAARcRVuzyN+39C84dlcadI/
4aAdtBMMs8CY5KvQmubFGIrKQfM6ba7R/OMMRsKv/f5NUb1xF9+2gRBRBFn9s1En
UlUWweaGJlk8MJSBpSDjEcDN98ZHQkb1K/Nd7i7IoAHz5ImOX9qjADFtS4fn2jrP
5fJgKlJzpAQcIpbdIncjTsOHGV0PfJN1uCuibG/eKU9jG0Bp3nKDFzfPPMN7gFJB
vsUunBourOGaYLeMqw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 01:49:46 2025 by rpki-client