Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/smWRtKT0vXnA5CsEfRunpu3OmlY.roa
File: smWRtKT0vXnA5CsEfRunpu3OmlY.roa (raw, json)
Hash identifier: MrF+p5lTbGvRazo6rUiPbMmxSLuDbIqytmLfhRETo3A=
Subject key identifier: B2:65:91:B4:A4:F4:BD:79:C0:E4:2B:04:7D:1B:A7:A6:ED:CE:9A:56
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0ACF657AD2CA18ACA7DCF32247B453
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/smWRtKT0vXnA5CsEfRunpu3OmlY.roa
Signing time: Sun 01 Jan 2023 11:15:03 +0000
ROA not before: Sun 01 Jan 2023 11:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29372
IP address blocks: 91.68.249.0/24 maxlen: 24
91.68.247.0/24 maxlen: 24
91.68.248.0/24 maxlen: 24
91.68.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:cf:65:7a:d2:ca:18:ac:a7:dc:f3:22:47:b4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b26591b4a4f4bd79c0e42b047d1ba7a6edce9a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7e:63:2b:68:aa:33:b3:b1:eb:92:f0:6d:ca:
63:26:4f:88:52:aa:46:6f:f9:d4:18:59:70:c1:b2:
25:0d:ba:d2:a3:fc:2e:76:6f:b4:0f:27:d2:c6:65:
b8:1d:14:42:3e:4f:74:7f:59:17:0f:e5:8c:e8:7c:
74:de:54:09:13:86:8b:4f:25:a2:a4:6e:9e:54:3c:
a2:a3:d3:0e:36:d9:4d:6f:34:c6:12:44:3f:3b:a6:
a9:ba:95:ee:a3:65:2a:b7:41:c2:f4:8c:5d:59:66:
b6:ce:cc:0c:33:64:17:62:88:b7:90:ad:b9:9b:08:
f3:e1:c0:70:72:b5:b4:ff:f8:18:84:da:12:f1:9f:
7c:a9:87:bd:9d:0e:82:e4:b1:0d:4c:47:b5:4e:02:
62:f5:e3:cf:79:40:38:d3:3b:c4:08:a6:1d:9d:66:
bc:a5:67:67:fd:a5:28:ec:70:13:58:75:19:e2:e7:
3a:75:0c:35:d9:b0:20:af:63:8e:47:87:95:a3:32:
e3:a0:0a:92:44:cb:f5:49:65:43:ad:51:86:70:86:
66:01:6c:d8:21:29:ee:8f:6e:25:15:79:78:9c:7c:
1c:f8:79:5c:fc:29:4c:b9:7c:c5:70:9f:e8:14:6b:
a5:ef:60:f1:8e:ce:11:79:da:f9:07:bb:3e:a7:4a:
a8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:65:91:B4:A4:F4:BD:79:C0:E4:2B:04:7D:1B:A7:A6:ED:CE:9A:56
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/smWRtKT0vXnA5CsEfRunpu3OmlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.68.247.0-91.68.250.255
Signature Algorithm: sha256WithRSAEncryption
8f:19:08:c1:25:83:f0:2a:c6:49:f6:c1:4e:8f:65:a0:c8:bc:
40:10:30:22:0a:47:83:61:4b:c8:f9:28:5d:0b:b9:24:4d:e4:
f6:9e:38:43:3a:7c:ff:d3:f8:ff:c4:8f:9a:6a:6d:fa:87:6b:
17:4d:bd:80:e6:30:87:5f:51:54:75:ba:53:6c:29:07:e2:05:
85:7e:3d:e3:ce:c8:b1:b9:42:20:b1:d7:53:b4:23:6c:31:67:
b1:ba:8f:25:20:1e:e1:40:e6:ab:9b:03:bc:9a:bd:91:ec:2b:
c2:f0:bf:27:22:c0:04:e5:cc:49:b4:dd:49:7d:04:f7:dd:b1:
bf:c6:aa:11:35:4d:bf:7b:44:2d:ec:ea:1c:64:c7:e7:96:3a:
27:b7:af:4c:66:9a:07:e4:44:bd:af:ec:aa:c3:5d:ee:89:26:
da:2c:20:b3:96:0c:e3:1f:44:dd:6c:92:c4:8e:64:84:fd:a9:
35:a1:b6:d9:61:ba:80:55:0b:71:60:af:b6:00:b4:cd:24:fe:
ff:f2:84:c6:22:ef:3c:19:3f:7e:53:30:0e:76:c4:7f:6b:23:
da:b6:fa:9c:a6:d5:cc:9e:58:d5:a5:36:e3:39:7d:9e:54:21:
8c:67:23:e8:aa:7d:38:3c:9c:cd:ec:70:38:bb:b9:ad:20:47:
9b:09:79:fb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtCs9letLKGKyn3PMiR7RTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY1OTFiNGE0ZjRiZDc5YzBlNDJiMDQ3ZDFiYTdhNmVkY2U5YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX5jK2iqM7Ox65LwbcpjJk+IUqpG
b/nUGFlwwbIlDbrSo/wudm+0DyfSxmW4HRRCPk90f1kXD+WM6Hx03lQJE4aLTyWi
pG6eVDyio9MONtlNbzTGEkQ/O6apupXuo2Uqt0HC9IxdWWa2zswMM2QXYoi3kK25
mwjz4cBwcrW0//gYhNoS8Z98qYe9nQ6C5LENTEe1TgJi9ePPeUA40zvECKYdnWa8
pWdn/aUo7HATWHUZ4uc6dQw12bAgr2OOR4eVozLjoAqSRMv1SWVDrVGGcIZmAWzY
ISnuj24lFXl4nHwc+Hlc/ClMuXzFcJ/oFGul72Dxjs4Redr5B7s+p0qoywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLJlkbSk9L15wOQrBH0bp6btzppWMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvc21XUnRLVDB2WG5BNUNzRWZSdW5wdTNPbWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbRPcD
BABbRPowDQYJKoZIhvcNAQELBQADggEBAI8ZCMElg/Aqxkn2wU6PZaDIvEAQMCIK
R4NhS8j5KF0LuSRN5PaeOEM6fP/T+P/Ej5pqbfqHaxdNvYDmMIdfUVR1ulNsKQfi
BYV+PePOyLG5QiCx11O0I2wxZ7G6jyUgHuFA5qubA7yavZHsK8LwvyciwATlzEm0
3Ul9BPfdsb/GqhE1Tb97RC3s6hxkx+eWOie3r0xmmgfkRL2v7KrDXe6JJtosILOW
DOMfRN1sksSOZIT9qTWhttlhuoBVC3Fgr7YAtM0k/v/yhMYi7zwZP35TMA52xH9r
I9q2+pym1cyeWNWlNuM5fZ5UIYxnI+iqfTg8nM3scDi7ua0gR5sJefs=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:00:15 2025 by rpki-client