Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/SaA79OqmzFW2hXVmR_EklD_Ckow.roa
File: SaA79OqmzFW2hXVmR_EklD_Ckow.roa (raw, json)
Hash identifier: LLnmLS0liGofusqkxGtAcD579WI66ZMzWZEYrZjTC9E=
Subject key identifier: 49:A0:3B:F4:EA:A6:CC:55:B6:85:75:66:47:F1:24:94:3F:C2:92:8C
Certificate issuer: /CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Certificate serial: 059BC65A
Authority key identifier: 13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/SaA79OqmzFW2hXVmR_EklD_Ckow.roa
Signing time: Sat 01 Jan 2022 05:00:12 +0000
ROA not before: Sat 01 Jan 2022 05:00:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43858
IP address blocks: 185.11.160.0/22 maxlen: 22
185.80.176.0/22 maxlen: 22
91.198.199.0/24 maxlen: 24
146.255.168.0/21 maxlen: 21
2a03:39c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94094938 (0x59bc65a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Validity
Not Before: Jan 1 05:00:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49a03bf4eaa6cc55b685756647f124943fc2928c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:ac:36:b8:e0:c7:47:56:10:86:55:1d:db:
48:3f:54:26:b3:c3:73:25:31:46:11:d6:70:86:91:
6f:aa:50:87:ef:f8:e5:69:94:ad:26:aa:34:4d:71:
d8:6a:65:1f:96:a6:d5:4c:a3:c7:ab:46:8b:63:91:
16:3b:72:80:9b:10:bb:eb:11:65:da:6c:1d:fa:7f:
51:d8:8e:72:58:b9:8d:44:f6:aa:d8:45:3d:61:a8:
ef:79:f9:ca:cd:08:a1:f0:8a:88:c5:81:bc:b5:e8:
b4:4f:ea:30:08:bf:3e:27:20:30:f3:9b:e1:60:f2:
fb:ac:44:ab:53:9d:68:fe:ac:13:96:d0:89:7a:11:
5d:24:b4:90:dd:ec:bb:7c:97:05:0f:63:36:b3:7e:
90:98:7f:ca:a9:dd:b7:f1:f6:a7:bc:6e:44:da:c8:
ab:fd:a1:f1:0c:f8:95:26:c5:72:aa:41:12:08:6a:
1d:00:dd:7a:bf:cf:d5:64:97:45:b9:fb:66:39:5d:
f8:f6:ce:23:3b:68:70:07:5c:70:f4:4f:2f:b7:af:
dd:82:f0:20:13:55:43:7a:d5:bb:a3:68:8a:a9:80:
9f:f2:05:56:2f:f4:98:b3:41:98:d3:11:29:b7:e5:
ff:da:36:af:c9:78:06:85:f9:f8:f5:1a:4f:b3:30:
ab:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A0:3B:F4:EA:A6:CC:55:B6:85:75:66:47:F1:24:94:3F:C2:92:8C
X509v3 Authority Key Identifier:
keyid:13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/SaA79OqmzFW2hXVmR_EklD_Ckow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.199.0/24
146.255.168.0/21
185.11.160.0/22
185.80.176.0/22
IPv6:
2a03:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:ec:93:5a:7d:bc:1a:df:57:b4:51:55:c0:db:c1:bb:29:2b:
96:14:8f:83:ac:97:3c:00:e3:2b:84:de:0d:34:07:1c:ad:85:
1d:eb:47:ea:c1:18:a9:d6:64:21:3e:47:ce:7f:0c:cd:36:36:
8b:3f:3d:e1:ff:05:a3:cf:f9:db:2f:ef:e4:55:57:07:92:ed:
ba:86:f2:e1:de:87:ff:42:3d:4d:a1:23:bd:31:ed:5f:18:c8:
bb:f1:e0:3b:22:7e:40:11:da:2e:0e:1e:8a:7e:8c:9f:10:2d:
e6:51:ce:09:7c:8e:73:45:09:da:36:ce:5d:26:f1:e1:ea:b4:
ef:43:22:9a:33:2e:aa:7d:f8:18:1c:50:d2:65:ad:8a:f2:55:
01:36:a2:54:af:9c:32:b2:72:84:b4:f9:53:4e:58:90:77:b8:
02:27:eb:e2:ff:3d:2a:f4:4f:5d:1a:14:57:9e:32:5b:0a:ef:
60:f2:22:8e:10:91:83:3d:15:65:37:fc:d9:26:d3:d8:2a:a0:
0e:76:a4:68:21:c0:6a:27:69:54:34:97:36:bf:37:0b:fe:11:
f5:dd:16:e2:e4:33:05:7c:69:48:27:81:60:e9:29:28:e0:16:
9b:57:81:c7:07:6e:e0:dc:18:85:4f:fb:8f:07:b6:c0:1b:88:
86:c3:b9:6d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBZvGWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2Q4M2IyMjVkZDMzODYwYzUxZGM0NGFhODhkYjVmMDNkYzE1YTc0MB4XDTIyMDEw
MTA1MDAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlhMDNiZjRlYWE2
Y2M1NWI2ODU3NTY2NDdmMTI0OTQzZmMyOTI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeOrDa44MdHVhCGVR3bSD9UJrPDcyUxRhHWcIaRb6pQh+/4
5WmUrSaqNE1x2GplH5am1Uyjx6tGi2ORFjtygJsQu+sRZdpsHfp/UdiOcli5jUT2
qthFPWGo73n5ys0IofCKiMWBvLXotE/qMAi/PicgMPOb4WDy+6xEq1OdaP6sE5bQ
iXoRXSS0kN3su3yXBQ9jNrN+kJh/yqndt/H2p7xuRNrIq/2h8Qz4lSbFcqpBEghq
HQDder/P1WSXRbn7Zjld+PbOIztocAdccPRPL7ev3YLwIBNVQ3rVu6NoiqmAn/IF
Vi/0mLNBmNMRKbfl/9o2r8l4BoX5+PUaT7MwqxECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRJoDv06qbMVbaFdWZH8SSUP8KSjDAfBgNVHSMEGDAWgBQT2DsiXdM4YMUd
xEqojbXwPcFadDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U5ZzdJbDNUT0dERkhjUktxSTIxOEQzQlduUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvZjIxMTFhLTNmNDctNGZmMC1hNTFkLWIyNTEzNzdhZGQ4Ni8x
L1NhQTc5T3FtekZXMmhYVm1SX0VrbERfQ2tvdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
ZjIxMTFhLTNmNDctNGZmMC1hNTFkLWIyNTEzNzdhZGQ4Ni8xL0U5ZzdJbDNUT0dE
RkhjUktxSTIxOEQzQlduUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvGxwMEA5L/qAMEArkLoAMEArlQ
sDANBAIAAjAHAwUDKgM5wDANBgkqhkiG9w0BAQsFAAOCAQEAe+yTWn28Gt9XtFFV
wNvBuykrlhSPg6yXPADjK4TeDTQHHK2FHetH6sEYqdZkIT5Hzn8MzTY2iz894f8F
o8/52y/v5FVXB5Ltuoby4d6H/0I9TaEjvTHtXxjIu/HgOyJ+QBHaLg4ein6MnxAt
5lHOCXyOc0UJ2jbOXSbx4eq070MimjMuqn34GBxQ0mWtivJVATaiVK+cMrJyhLT5
U05YkHe4Aifr4v89KvRPXRoUV54yWwrvYPIijhCRgz0VZTf82SbT2CqgDnakaCHA
aidpVDSXNr83C/4R9d0W4uQzBXxpSCeBYOkpKOAWm1eBxwdu4NwYhU/7jwe2wBuI
hsO5bQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:27 2025 by rpki-client