Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/mECfF-vK2Lf5iSM5ubT8DiaoNgA.roa
File: mECfF-vK2Lf5iSM5ubT8DiaoNgA.roa (raw, json)
Hash identifier: h2qLo1qJYiOSOwRtK5yWCPPXYb1kQ2suEPGbIK3YEak=
Subject key identifier: 98:40:9F:17:EB:CA:D8:B7:F9:89:23:39:B9:B4:FC:0E:26:A8:36:00
Certificate issuer: /CN=db418bcf3194317b9c2881193196feb598fd9eee
Certificate serial: 0BC486A5
Authority key identifier: DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/mECfF-vK2Lf5iSM5ubT8DiaoNgA.roa
Signing time: Sat 01 Jan 2022 04:00:53 +0000
ROA not before: Sat 01 Jan 2022 04:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48571
IP address blocks: 91.216.80.0/24 maxlen: 24
194.55.152.0/22 maxlen: 24
91.209.189.0/24 maxlen: 24
2a0c:cb40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197428901 (0xbc486a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db418bcf3194317b9c2881193196feb598fd9eee
Validity
Not Before: Jan 1 04:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98409f17ebcad8b7f9892339b9b4fc0e26a83600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:23:ee:3c:8e:ee:46:fe:6d:50:50:07:be:f2:
21:93:28:7d:83:8e:d5:1e:c9:25:96:ab:8b:90:94:
1b:7c:3c:27:c9:6f:f6:c8:19:79:66:78:74:3a:4e:
64:87:3b:d4:06:0d:42:ea:fa:92:e2:9b:6a:9e:5a:
38:43:38:66:f3:1c:89:73:a9:ee:6a:b4:70:07:00:
c5:76:2f:ad:1d:4d:ea:13:6a:f4:8e:ad:5b:9e:fe:
e2:89:3a:f3:ca:49:c0:a8:e9:98:15:5b:37:1d:46:
37:e8:1d:70:8e:98:e9:b7:25:cf:6b:5d:e4:e2:58:
32:a2:25:5c:a2:4e:f1:d8:fb:0f:6b:35:b2:f0:2c:
9a:3d:e4:a4:41:5d:cb:59:04:4c:36:a8:e1:f8:33:
cf:a1:88:0c:4a:b9:d8:fa:2b:ae:7b:d7:2f:2c:ab:
55:ee:e3:c3:2f:f9:15:38:c0:31:a6:43:f8:76:9a:
61:f5:5e:13:6b:7e:76:9c:2c:31:4e:b4:1b:95:9f:
c9:08:21:b8:61:a8:c1:1b:0d:09:1d:1d:ea:8d:10:
4f:8d:28:59:d0:00:05:61:78:bc:bc:6c:b6:fd:6a:
bb:43:d0:1b:be:86:d9:1a:ee:17:dc:d8:a1:86:16:
23:25:28:5d:b1:91:ed:76:ef:ac:be:40:bb:d3:17:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:40:9F:17:EB:CA:D8:B7:F9:89:23:39:B9:B4:FC:0E:26:A8:36:00
X509v3 Authority Key Identifier:
keyid:DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/mECfF-vK2Lf5iSM5ubT8DiaoNgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.189.0/24
91.216.80.0/24
194.55.152.0/22
IPv6:
2a0c:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:57:d1:6d:cc:84:28:0b:9e:ba:08:d1:c3:02:42:45:53:98:
e8:0e:56:ea:2d:92:c6:23:ea:ed:f7:ac:08:3f:b6:90:d6:55:
ca:66:95:95:29:d9:32:11:eb:ab:04:a2:69:c9:73:9c:8a:1d:
03:93:96:9a:a8:e0:c5:cb:be:f1:0d:6e:03:be:e9:06:4e:44:
7e:6f:e7:eb:71:5b:19:72:d9:80:a6:49:e9:64:7c:9d:e3:05:
fb:93:d9:b0:d7:df:5f:4b:8a:49:88:4a:89:f6:63:ad:19:b4:
bc:db:27:96:33:57:e1:a1:04:c5:d3:88:3a:a6:bb:65:0a:44:
7d:0c:b8:83:97:7b:9f:a8:4a:e2:08:d5:39:86:dd:7f:6d:43:
70:2b:55:ea:ca:ae:73:ce:16:c8:60:0f:5d:46:d8:3b:cc:1a:
c2:be:55:8d:c4:cc:02:d1:c4:c7:66:f7:bc:cd:1b:d6:2e:f8:
af:90:aa:a8:58:d2:98:ec:2d:6e:2d:63:59:71:9f:4a:46:64:
9a:b6:0e:68:9d:13:4a:4e:fe:00:44:55:00:02:c0:91:88:57:
a3:81:ff:71:6d:1d:e8:51:2b:8b:d7:cd:8d:c9:c9:2b:52:ea:
d0:43:26:bc:f8:25:7b:4e:90:27:d0:29:c7:6c:e4:dd:93:50:
27:11:1c:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEC8SGpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjQxOGJjZjMxOTQzMTdiOWMyODgxMTkzMTk2ZmViNTk4ZmQ5ZWVlMB4XDTIyMDEw
MTA0MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg0MDlmMTdlYmNh
ZDhiN2Y5ODkyMzM5YjliNGZjMGUyNmE4MzYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOYj7jyO7kb+bVBQB77yIZMofYOO1R7JJZari5CUG3w8J8lv
9sgZeWZ4dDpOZIc71AYNQur6kuKbap5aOEM4ZvMciXOp7mq0cAcAxXYvrR1N6hNq
9I6tW57+4ok688pJwKjpmBVbNx1GN+gdcI6Y6bclz2td5OJYMqIlXKJO8dj7D2s1
svAsmj3kpEFdy1kETDao4fgzz6GIDEq52PorrnvXLyyrVe7jwy/5FTjAMaZD+Haa
YfVeE2t+dpwsMU60G5WfyQghuGGowRsNCR0d6o0QT40oWdAABWF4vLxstv1qu0PQ
G76G2RruF9zYoYYWIyUoXbGR7XbvrL5Au9MXoDMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSYQJ8X68rYt/mJIzm5tPwOJqg2ADAfBgNVHSMEGDAWgBTbQYvPMZQxe5wo
gRkxlv61mP2e7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzIwR0x6ekdVTVh1Y0tJRVpNWmItdFpqOW51NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvYjg5N2FkLTVkNDEtNDBhMi05MGMzLWUyOWVlM2Q5MTM5NS8x
L21FQ2ZGLXZLMkxmNWlTTTV1YlQ4RGlhb05nQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Yjg5N2FkLTVkNDEtNDBhMi05MGMzLWUyOWVlM2Q5MTM5NS8xLzIwR0x6ekdVTVh1
Y0tJRVpNWmItdFpqOW51NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFvRvQMEAFvYUAMEAsI3mDANBAIA
AjAHAwUDKgzLQDANBgkqhkiG9w0BAQsFAAOCAQEAOlfRbcyEKAueugjRwwJCRVOY
6A5W6i2SxiPq7fesCD+2kNZVymaVlSnZMhHrqwSiaclznIodA5OWmqjgxcu+8Q1u
A77pBk5Efm/n63FbGXLZgKZJ6WR8neMF+5PZsNffX0uKSYhKifZjrRm0vNsnljNX
4aEExdOIOqa7ZQpEfQy4g5d7n6hK4gjVOYbdf21DcCtV6squc84WyGAPXUbYO8wa
wr5VjcTMAtHEx2b3vM0b1i74r5CqqFjSmOwtbi1jWXGfSkZkmrYOaJ0TSk7+AERV
AALAkYhXo4H/cW0d6FEri9fNjcnJK1Lq0EMmvPgle06QJ9Apx2zk3ZNQJxEcbg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:11:07 2025 by rpki-client