Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/8lziHGqwFa3SDazDlRfjY-XZMfc.roa
File: 8lziHGqwFa3SDazDlRfjY-XZMfc.roa (raw, json)
Hash identifier: BybeDwOQu3ouvR5PCS6ONSPgvJAM3TmA3UieCZ5joIw=
Subject key identifier: F2:5C:E2:1C:6A:B0:15:AD:D2:0D:AC:C3:95:17:E3:63:E5:D9:31:F7
Certificate issuer: /CN=fc48e6506ec6d53c5915dc8f29644485df92fce9
Certificate serial: 035882A5
Authority key identifier: FC:48:E6:50:6E:C6:D5:3C:59:15:DC:8F:29:64:44:85:DF:92:FC:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EjmUG7G1TxZFdyPKWREhd-S_Ok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/8lziHGqwFa3SDazDlRfjY-XZMfc.roa
Signing time: Sat 01 Jan 2022 05:05:37 +0000
ROA not before: Sat 01 Jan 2022 05:05:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9208
IP address blocks: 91.220.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56132261 (0x35882a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc48e6506ec6d53c5915dc8f29644485df92fce9
Validity
Not Before: Jan 1 05:05:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f25ce21c6ab015add20dacc39517e363e5d931f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:61:0c:47:7d:4f:75:7a:36:b4:c1:9e:83:46:
92:17:93:70:6f:a6:25:cf:db:10:a5:7c:31:bb:86:
eb:f7:7c:8c:af:3c:fb:e8:e8:de:85:76:5c:40:47:
2a:3a:09:df:68:8e:b7:8b:a0:cc:28:3f:3a:9e:7b:
bd:ab:b7:bb:6d:d5:0c:a5:fb:ed:9f:51:eb:12:86:
3f:41:47:a6:2f:3b:bf:e0:b1:1d:73:c3:e0:72:cc:
6e:96:95:c5:19:fe:6c:d8:62:4e:e3:c6:ca:8b:23:
06:1c:df:c5:a0:66:7f:34:16:08:2f:e9:99:44:fd:
40:1c:95:48:f9:21:f0:8f:b8:09:bb:b7:9c:da:9b:
10:83:28:73:d6:80:26:4b:fe:b1:7b:df:f6:60:63:
cf:f3:67:f3:c7:3f:23:76:05:37:63:65:c3:b5:6e:
db:f5:be:a9:8b:81:07:5e:1c:b4:d0:0e:3b:36:d9:
fb:c1:49:ab:77:08:6f:94:9f:6f:fa:00:bd:ec:d3:
c1:79:95:40:99:05:74:69:97:35:90:06:36:04:ba:
bb:d9:04:01:7e:1d:75:b9:59:d3:5e:a5:21:ed:31:
e2:f1:f3:63:15:c1:3c:8d:8a:09:46:15:cc:45:dd:
ea:55:01:c6:21:a7:18:bc:07:a8:d2:80:83:f5:df:
23:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5C:E2:1C:6A:B0:15:AD:D2:0D:AC:C3:95:17:E3:63:E5:D9:31:F7
X509v3 Authority Key Identifier:
keyid:FC:48:E6:50:6E:C6:D5:3C:59:15:DC:8F:29:64:44:85:DF:92:FC:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EjmUG7G1TxZFdyPKWREhd-S_Ok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/8lziHGqwFa3SDazDlRfjY-XZMfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/3ab6cf-99cd-4ac4-9013-f5bee16ed3a7/1/_EjmUG7G1TxZFdyPKWREhd-S_Ok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.68.0/24
Signature Algorithm: sha256WithRSAEncryption
32:01:bb:1c:01:56:2b:e8:bb:ad:e2:99:c4:50:a7:4a:f9:2c:
8d:dd:c1:de:59:90:03:8e:8a:3e:c1:51:27:09:30:f8:80:0c:
81:41:98:05:91:9f:2a:e7:8c:1c:c1:94:36:18:cd:49:27:cb:
1f:a8:70:e1:64:d9:9c:65:da:eb:d5:02:f0:45:59:02:25:9f:
52:96:65:31:89:10:64:7b:78:33:a6:7b:9e:25:8a:6f:4a:3e:
0e:44:3c:c2:54:c4:9d:2a:cc:b2:6b:9a:d2:31:f5:35:79:2b:
12:56:c4:dd:88:3c:1c:01:95:67:12:75:59:a1:73:f0:41:cc:
1a:76:5e:f7:1c:87:68:98:9c:07:5c:d4:24:ec:47:7f:06:9b:
ac:c5:60:37:3e:35:14:8d:37:d4:28:ca:92:ed:a9:64:30:2f:
e2:df:07:c2:17:f6:a5:43:2e:70:1e:07:c8:6d:99:8b:dc:2f:
40:f7:dd:74:b8:07:45:a7:ea:46:89:8c:8e:2f:c1:0a:5f:59:
94:31:da:61:1f:30:bd:56:37:0b:51:0f:da:7d:46:fd:51:e2:
43:f3:76:4c:49:70:71:f4:04:7c:a4:a4:3c:fb:92:26:e1:95:
e5:3d:a4:0f:99:89:d5:68:17:e8:58:fc:84:0e:a0:23:b0:b3:
e8:80:74:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1iCpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzQ4ZTY1MDZlYzZkNTNjNTkxNWRjOGYyOTY0NDQ4NWRmOTJmY2U5MB4XDTIyMDEw
MTA1MDUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI1Y2UyMWM2YWIw
MTVhZGQyMGRhY2MzOTUxN2UzNjNlNWQ5MzFmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1hDEd9T3V6NrTBnoNGkheTcG+mJc/bEKV8MbuG6/d8jK88
++jo3oV2XEBHKjoJ32iOt4ugzCg/Op57vau3u23VDKX77Z9R6xKGP0FHpi87v+Cx
HXPD4HLMbpaVxRn+bNhiTuPGyosjBhzfxaBmfzQWCC/pmUT9QByVSPkh8I+4Cbu3
nNqbEIMoc9aAJkv+sXvf9mBjz/Nn88c/I3YFN2Nlw7Vu2/W+qYuBB14ctNAOOzbZ
+8FJq3cIb5Sfb/oAvezTwXmVQJkFdGmXNZAGNgS6u9kEAX4ddblZ016lIe0x4vHz
YxXBPI2KCUYVzEXd6lUBxiGnGLwHqNKAg/XfI/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyXOIcarAVrdINrMOVF+Nj5dkx9zAfBgNVHSMEGDAWgBT8SOZQbsbVPFkV
3I8pZESF35L86TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19Fam1VRzdHMVR4WkZkeVBLV1JFaGQtU19Pay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvM2FiNmNmLTk5Y2QtNGFjNC05MDEzLWY1YmVlMTZlZDNhNy8x
LzhsemlIR3F3RmEzU0RhekRsUmZqWS1YWk1mYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
M2FiNmNmLTk5Y2QtNGFjNC05MDEzLWY1YmVlMTZlZDNhNy8xL19Fam1VRzdHMVR4
WkZkeVBLV1JFaGQtU19Pay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcRDANBgkqhkiG9w0BAQsFAAOC
AQEAMgG7HAFWK+i7reKZxFCnSvksjd3B3lmQA46KPsFRJwkw+IAMgUGYBZGfKueM
HMGUNhjNSSfLH6hw4WTZnGXa69UC8EVZAiWfUpZlMYkQZHt4M6Z7niWKb0o+DkQ8
wlTEnSrMsmua0jH1NXkrElbE3Yg8HAGVZxJ1WaFz8EHMGnZe9xyHaJicB1zUJOxH
fwabrMVgNz41FI031CjKku2pZDAv4t8Hwhf2pUMucB4HyG2Zi9wvQPfddLgHRafq
RomMji/BCl9ZlDHaYR8wvVY3C1EP2n1G/VHiQ/N2TElwcfQEfKSkPPuSJuGV5T2k
D5mJ1WgX6Fj8hA6gI7Cz6IB0Aw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:41 2025 by rpki-client