Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/1-Swn5pGP8q3gaWdTmtmsVh5MLbc.roa
File: 1-Swn5pGP8q3gaWdTmtmsVh5MLbc.roa (raw, json)
Hash identifier: 9G6oc68qKC6aRbLX9EFK8hoSFp6KSQFLRO8WJHf2TjI=
Subject key identifier: F9:2C:27:E6:91:8F:F2:AD:E0:69:67:53:9A:D9:AC:56:1E:4C:2D:B7
Certificate issuer: /CN=4afacad2798856f0f065a265a109706941aca8ea
Certificate serial: 01856C1C781447FC4B471C309B73614F9C4D
Authority key identifier: 4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/1-Swn5pGP8q3gaWdTmtmsVh5MLbc.roa
Signing time: Sun 01 Jan 2023 06:54:43 +0000
ROA not before: Sun 01 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47176
IP address blocks: 91.222.84.0/22 maxlen: 22
185.94.100.0/22 maxlen: 22
2a04:aa40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:78:14:47:fc:4b:47:1c:30:9b:73:61:4f:9c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afacad2798856f0f065a265a109706941aca8ea
Validity
Not Before: Jan 1 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f92c27e6918ff2ade06967539ad9ac561e4c2db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:2f:2c:99:84:16:12:e0:cf:47:f5:d2:e1:
3d:82:dd:6a:d6:6c:64:98:27:0e:59:e1:b1:4b:16:
b8:08:5c:c1:71:c4:80:5f:71:94:0c:42:f2:48:9f:
27:1a:11:65:5a:72:eb:70:55:7f:e0:c2:c2:c3:5b:
f5:d1:47:69:dd:ad:74:df:ae:6c:2b:f7:e9:f8:90:
37:ce:bf:88:b3:56:26:21:de:67:cb:0e:2e:b7:57:
32:88:28:b3:11:5e:ce:24:69:3a:1b:38:0a:95:05:
f6:16:47:71:c1:f7:f7:9d:fb:ee:24:df:d1:fa:c1:
03:a3:1c:7d:44:b6:1b:2b:90:a0:5d:2e:cd:12:12:
d2:a8:51:8c:17:dd:e5:3d:1c:0d:95:72:b9:f4:56:
94:66:ad:e4:9c:14:cc:7d:16:10:5f:10:c4:43:3b:
ea:65:30:a6:a4:31:e6:fd:53:a8:16:69:70:72:02:
62:53:1a:4b:26:0d:c4:be:e2:f2:fe:95:97:5f:20:
eb:2d:d6:e3:68:32:92:a8:54:fd:d2:62:63:9e:89:
b0:12:28:80:86:fd:bd:83:d5:57:29:e5:4d:2b:80:
d5:53:4a:d1:7e:0a:fe:6b:66:c0:64:e0:db:e3:e4:
b9:25:fc:5d:4c:8e:10:ab:91:17:97:66:cb:be:53:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2C:27:E6:91:8F:F2:AD:E0:69:67:53:9A:D9:AC:56:1E:4C:2D:B7
X509v3 Authority Key Identifier:
keyid:4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/1-Swn5pGP8q3gaWdTmtmsVh5MLbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/SvrK0nmIVvDwZaJloQlwaUGsqOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.84.0/22
185.94.100.0/22
IPv6:
2a04:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
b7:48:13:5b:d1:36:32:50:1a:09:0a:a8:e8:1a:ed:42:df:09:
d3:63:1c:e4:cc:e8:75:4a:0b:8d:13:e7:61:ba:1f:26:77:e1:
d7:1b:98:81:ca:97:70:40:e5:b7:c6:26:74:bb:43:4a:a8:ec:
e3:a9:37:37:dc:fd:0f:93:a5:1f:f7:75:05:bc:c3:e1:76:52:
f5:cc:7a:32:19:59:2d:ed:ec:4b:c4:b9:48:90:db:9d:dc:6a:
a7:e7:0f:2c:f4:4c:c7:0b:a3:ba:be:b0:8a:dc:d8:06:39:99:
1a:2c:2d:32:48:64:1f:2c:00:0d:ea:99:71:98:48:e9:42:e8:
11:0e:c3:df:2c:6b:2a:9f:23:fa:49:2d:4b:bf:b3:2b:66:52:
95:96:07:a8:5c:ac:90:61:4d:2b:26:69:24:4a:3f:2d:ea:16:
3b:0e:2d:93:a3:b9:16:58:70:23:4b:4c:d6:a4:b6:be:36:b8:
47:19:b7:a7:b0:c3:68:2e:4b:52:e7:77:cd:60:52:48:f4:7e:
f4:4c:51:de:9c:3b:a0:71:a2:b8:33:5f:00:6e:a9:bc:27:75:
26:47:fb:97:f8:bd:99:21:5a:cf:2d:ff:22:46:24:10:12:db:
f7:77:a6:b6:a3:53:61:af:8c:31:cc:67:56:eb:f6:df:b8:e1:
8d:37:ba:32
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVsHHgUR/xLRxwwm3NhT5xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmFjYWQyNzk4ODU2ZjBmMDY1YTI2NWExMDk3MDY5NDFh
Y2E4ZWEwHhcNMjMwMTAxMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTJjMjdlNjkxOGZmMmFkZTA2OTY3NTM5YWQ5YWM1NjFlNGMyZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWovLJmEFhLgz0f10uE9gt1q1mxk
mCcOWeGxSxa4CFzBccSAX3GUDELySJ8nGhFlWnLrcFV/4MLCw1v10Udp3a10365s
K/fp+JA3zr+Is1YmId5nyw4ut1cyiCizEV7OJGk6GzgKlQX2Fkdxwff3nfvuJN/R
+sEDoxx9RLYbK5CgXS7NEhLSqFGMF93lPRwNlXK59FaUZq3knBTMfRYQXxDEQzvq
ZTCmpDHm/VOoFmlwcgJiUxpLJg3EvuLy/pWXXyDrLdbjaDKSqFT90mJjnomwEiiA
hv29g9VXKeVNK4DVU0rRfgr+a2bAZODb4+S5JfxdTI4Qq5EXl2bLvlNcqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPksJ+aRj/Kt4GlnU5rZrFYeTC23MB8GA1UdIwQY
MBaAFEr6ytJ5iFbw8GWiZaEJcGlBrKjqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3ZySzBubUlWdkR3WmFKbG9RbHdhVUdzcU9vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lODJkMmEtNDA0MS00ODExLTg3YTUt
NzgzNDY5MjY5YjM1LzEvMS1Td241cEdQOHEzZ2FXZFRtdG1zVmg1TUxiYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzEvZTgyZDJhLTQwNDEtNDgxMS04N2E1LTc4MzQ2OTI2OWIz
NS8xL1N2ckswbm1JVnZEd1phSmxvUWx3YVVHc3FPby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlveVAME
ArleZDANBAIAAjAHAwUDKgSqQDANBgkqhkiG9w0BAQsFAAOCAQEAt0gTW9E2MlAa
CQqo6BrtQt8J02Mc5MzodUoLjRPnYbofJnfh1xuYgcqXcEDlt8YmdLtDSqjs46k3
N9z9D5OlH/d1BbzD4XZS9cx6MhlZLe3sS8S5SJDbndxqp+cPLPRMxwujur6witzY
BjmZGiwtMkhkHywADeqZcZhI6ULoEQ7D3yxrKp8j+kktS7+zK2ZSlZYHqFyskGFN
KyZpJEo/LeoWOw4tk6O5FlhwI0tM1qS2vja4Rxm3p7DDaC5LUud3zWBSSPR+9ExR
3pw7oHGiuDNfAG6pvCd1Jkf7l/i9mSFazy3/IkYkEBLb93emtqNTYa+MMcxnVuv2
37jhjTe6Mg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:16 2025 by rpki-client