Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/lM6opg4_gtvVhta30hsoUkU28vw.roa
File: lM6opg4_gtvVhta30hsoUkU28vw.roa (raw, json)
Hash identifier: PrvTrbX+RafSgZkXWnGWEXHlppbaCppxMKVz1sDLD2k=
Subject key identifier: 94:CE:A8:A6:0E:3F:82:DB:D5:86:D6:B7:D2:1B:28:52:45:36:F2:FC
Certificate issuer: /CN=5134d1320645644e2eaf3685879d693f72522c76
Certificate serial: 048507BB
Authority key identifier: 51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/lM6opg4_gtvVhta30hsoUkU28vw.roa
Signing time: Sat 01 Jan 2022 06:53:25 +0000
ROA not before: Sat 01 Jan 2022 06:53:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208098
IP address blocks: 91.194.24.0/24 maxlen: 24
91.194.24.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75827131 (0x48507bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5134d1320645644e2eaf3685879d693f72522c76
Validity
Not Before: Jan 1 06:53:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94cea8a60e3f82dbd586d6b7d21b28524536f2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0b:e8:d8:ee:a1:ff:a4:bd:05:1f:7f:92:8f:
83:25:e6:26:5a:65:ac:fa:23:2d:45:39:81:95:77:
24:67:bb:19:69:9f:a1:84:e5:39:03:41:c1:7d:ef:
79:73:65:ca:28:1d:7c:6b:5a:52:b0:2e:4d:ab:ac:
fa:c9:1c:52:7d:61:47:55:f7:a3:d6:94:cf:d6:12:
2d:26:4b:76:e9:ed:23:a0:12:4f:d1:8f:a0:88:12:
4a:c5:ca:a3:a5:11:a7:cb:42:7d:79:9d:6c:e6:ff:
8c:51:e0:7d:b0:d1:8a:91:3e:c4:39:4a:a1:42:a9:
1e:7e:7e:42:81:44:18:4b:05:c5:8c:5d:ab:e9:6e:
4a:05:97:a9:af:76:37:f2:e4:dc:2a:cd:e9:88:8d:
c7:50:d1:08:57:b7:9e:2f:95:d4:63:33:ac:32:7a:
e3:a8:e4:47:a3:ae:a3:c3:60:7c:33:55:38:52:de:
a6:9f:17:5f:62:7f:be:d0:6b:e8:08:cb:ff:c0:0a:
58:29:c4:86:3f:3c:e2:d5:e7:b3:71:53:e9:8f:b1:
af:3d:fe:64:02:a9:00:95:f9:94:14:37:ef:f0:2f:
ae:83:09:59:f8:d1:a7:ea:cd:bd:16:88:f6:88:d7:
55:5e:de:e1:40:15:ef:84:24:dd:db:37:7c:a3:0a:
b2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CE:A8:A6:0E:3F:82:DB:D5:86:D6:B7:D2:1B:28:52:45:36:F2:FC
X509v3 Authority Key Identifier:
keyid:51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/lM6opg4_gtvVhta30hsoUkU28vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/UTTRMgZFZE4urzaFh51pP3JSLHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.24.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:aa:08:ff:58:c3:a7:d0:3d:22:78:7f:f2:3e:1b:b5:44:c2:
9a:24:a5:86:39:26:90:54:0e:d8:7a:a2:2c:16:6c:37:c0:b9:
c8:83:00:4b:df:74:2d:a5:5f:ca:93:16:d8:7e:2e:7f:ff:00:
d5:39:14:6d:7a:70:e0:fb:3c:50:62:96:7f:18:50:00:f2:d0:
6e:32:a4:ba:8b:3b:10:7d:98:29:f3:0e:04:ad:52:94:67:3f:
07:07:55:68:63:61:ef:63:67:3d:82:d5:fe:25:0d:32:f3:d6:
bc:f1:5f:30:d1:8a:c6:d6:82:90:a6:9b:49:84:47:e1:d9:f0:
2a:11:02:b3:e7:68:b7:9b:50:23:c5:9d:4f:8e:43:34:76:92:
22:3e:c7:02:06:a5:05:05:46:33:eb:59:30:ff:8c:71:b8:c2:
aa:d1:a6:94:fe:5b:32:5e:54:8f:72:d2:2f:ca:03:c0:25:c0:
b1:68:84:d9:58:e1:d3:83:57:c8:78:6b:c5:6c:3b:97:00:2c:
d2:48:92:9a:77:7a:8e:ed:44:27:3a:8e:e4:af:ec:4c:61:3f:
68:cf:cf:5a:9d:d8:09:dc:3b:40:fe:ff:dc:a1:cd:3b:2f:36:
88:49:f3:4a:ba:4e:5f:3b:d7:b1:17:fe:bb:7f:0b:a7:ee:d1:
de:e5:11:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIUHuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTM0ZDEzMjA2NDU2NDRlMmVhZjM2ODU4NzlkNjkzZjcyNTIyYzc2MB4XDTIyMDEw
MTA2NTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRjZWE4YTYwZTNm
ODJkYmQ1ODZkNmI3ZDIxYjI4NTI0NTM2ZjJmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4L6Njuof+kvQUff5KPgyXmJlplrPojLUU5gZV3JGe7GWmf
oYTlOQNBwX3veXNlyigdfGtaUrAuTaus+skcUn1hR1X3o9aUz9YSLSZLduntI6AS
T9GPoIgSSsXKo6URp8tCfXmdbOb/jFHgfbDRipE+xDlKoUKpHn5+QoFEGEsFxYxd
q+luSgWXqa92N/Lk3CrN6YiNx1DRCFe3ni+V1GMzrDJ646jkR6Ouo8NgfDNVOFLe
pp8XX2J/vtBr6AjL/8AKWCnEhj884tXns3FT6Y+xrz3+ZAKpAJX5lBQ37/AvroMJ
WfjRp+rNvRaI9ojXVV7e4UAV74Qk3ds3fKMKspECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUzqimDj+C29WG1rfSGyhSRTby/DAfBgNVHSMEGDAWgBRRNNEyBkVkTi6v
NoWHnWk/clIsdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VUVFJNZ1pGWkU0dXJ6YUZoNTFwUDNKU0xIWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvOWZiMWQ3LTg0MjQtNGM4NC1iMGNiLTJmNTFlY2QxYWEwZS8x
L2xNNm9wZzRfZ3R2Vmh0YTMwaHNvVWtVMjh2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
OWZiMWQ3LTg0MjQtNGM4NC1iMGNiLTJmNTFlY2QxYWEwZS8xL1VUVFJNZ1pGWkU0
dXJ6YUZoNTFwUDNKU0xIWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvCGDANBgkqhkiG9w0BAQsFAAOC
AQEAzqoI/1jDp9A9Inh/8j4btUTCmiSlhjkmkFQO2HqiLBZsN8C5yIMAS990LaVf
ypMW2H4uf/8A1TkUbXpw4Ps8UGKWfxhQAPLQbjKkuos7EH2YKfMOBK1SlGc/BwdV
aGNh72NnPYLV/iUNMvPWvPFfMNGKxtaCkKabSYRH4dnwKhECs+dot5tQI8WdT45D
NHaSIj7HAgalBQVGM+tZMP+McbjCqtGmlP5bMl5Uj3LSL8oDwCXAsWiE2Vjh04NX
yHhrxWw7lwAs0kiSmnd6ju1EJzqO5K/sTGE/aM/PWp3YCdw7QP7/3KHNOy82iEnz
SrpOXzvXsRf+u38Lp+7R3uURNw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:29 2025 by rpki-client