Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/urVllV2wq8Hb8GTxC_Nj__pWJqE.roa
File: urVllV2wq8Hb8GTxC_Nj__pWJqE.roa (raw, json)
Hash identifier: gUVSdgnir4MYNvjBMuW4r89hKJfHzLpJiK6u51u5jFM=
Subject key identifier: BA:B5:65:95:5D:B0:AB:C1:DB:F0:64:F1:0B:F3:63:FF:FA:56:26:A1
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 01840A44E1225C6695092A9535FD1725B402
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/urVllV2wq8Hb8GTxC_Nj__pWJqE.roa
Signing time: Mon 24 Oct 2022 13:53:16 +0000
ROA not before: Mon 24 Oct 2022 13:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59729
IP address blocks: 91.247.36.0/23 maxlen: 23
91.215.152.0/24 maxlen: 24
91.215.153.0/24 maxlen: 24
91.215.154.0/24 maxlen: 24
91.215.155.0/24 maxlen: 24
91.210.166.0/23 maxlen: 23
2001:67c:2f4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:44:e1:22:5c:66:95:09:2a:95:35:fd:17:25:b4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Oct 24 13:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bab565955db0abc1dbf064f10bf363fffa5626a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:36:ba:8b:92:a8:cb:ae:d9:d7:1e:3d:75:
49:8c:4e:b0:d4:1c:07:3d:d0:54:9c:5d:bf:f4:96:
ce:dd:40:4e:38:b9:92:9c:a6:17:0b:dc:41:d5:b5:
ae:5e:1b:8b:b7:e0:6c:f8:42:22:c9:67:e6:b5:2f:
c0:91:ee:63:83:30:51:d2:68:64:27:ae:d3:98:1e:
09:8d:ea:14:a1:b9:c2:92:9d:f6:82:f7:80:15:0d:
79:2e:4b:61:0c:c6:cc:3e:ae:72:20:e0:13:15:39:
a9:c0:9e:dc:a6:9f:aa:d0:6e:85:56:8a:ed:d2:64:
e0:8c:d5:59:df:b1:66:df:42:eb:15:0b:ad:7f:2f:
0f:91:09:83:4f:61:18:1d:38:6b:39:e4:08:d6:46:
8d:b7:2e:f8:b7:14:96:3e:1a:33:33:3f:1c:12:a8:
36:fc:56:d5:6b:13:ae:bd:b2:cb:08:81:2a:30:61:
03:0c:d7:e7:88:be:8f:0b:34:29:0c:e3:24:3a:c4:
f9:69:72:d5:df:b9:bd:24:1e:71:c0:81:5e:a2:d5:
53:a4:03:38:69:d2:72:37:78:3e:cb:42:e2:d6:e4:
c6:66:0c:7b:73:2b:ec:b8:c2:49:fb:b3:48:38:05:
1a:22:83:7b:a4:b0:0f:51:78:0f:43:02:66:53:60:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B5:65:95:5D:B0:AB:C1:DB:F0:64:F1:0B:F3:63:FF:FA:56:26:A1
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/urVllV2wq8Hb8GTxC_Nj__pWJqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.166.0/23
91.215.152.0/22
91.247.36.0/23
IPv6:
2001:67c:2f4c::/48
Signature Algorithm: sha256WithRSAEncryption
2f:02:9b:01:65:cc:86:98:64:bd:55:1e:ed:cc:a1:72:e5:21:
c8:7e:c3:12:b2:fc:e9:5b:d1:f8:74:21:29:94:36:6e:e5:50:
a2:34:91:eb:66:83:39:8f:38:2e:4b:7c:42:6c:cc:b4:a6:36:
9f:39:0d:3e:58:12:c4:19:29:82:a2:e3:bb:2f:f7:6a:4f:36:
0a:2f:3b:fd:55:38:fa:c9:98:a2:ce:f5:5d:de:ca:12:52:94:
6c:9d:90:c2:08:92:9e:1a:b9:82:d7:a8:91:bb:99:8a:ec:5f:
5f:5e:db:d9:90:68:19:65:f1:58:a2:a2:24:64:b6:0f:c8:a7:
e8:6b:92:61:7b:61:55:8a:d6:41:e3:3d:72:c7:a8:2a:cd:d4:
22:d4:17:49:49:23:e7:7a:da:67:dd:35:e1:7c:64:ce:3a:84:
c0:7b:82:cc:79:6e:65:42:13:7d:1d:19:3f:dc:f9:9c:eb:00:
dd:40:8a:eb:3e:92:27:b4:07:c1:7f:bb:84:36:bb:7f:21:06:
6d:14:c1:4b:a1:51:d1:0c:de:8c:f1:4a:73:ef:d2:21:6d:6f:
b7:41:fd:7b:80:ac:45:5c:6d:ac:b9:8b:20:6d:a8:08:18:56:
32:ce:b5:8e:f5:60:77:37:ee:f9:92:54:73:aa:f6:a2:8f:7c:
5f:d4:00:e2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYQKROEiXGaVCSqVNf0XJbQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjIxMDI0MTM1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI1NjU5NTVkYjBhYmMxZGJmMDY0ZjEwYmYzNjNmZmZhNTYyNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4s2uouSqMuu2dcePXVJjE6w1BwH
PdBUnF2/9JbO3UBOOLmSnKYXC9xB1bWuXhuLt+Bs+EIiyWfmtS/Ake5jgzBR0mhk
J67TmB4JjeoUobnCkp32gveAFQ15LkthDMbMPq5yIOATFTmpwJ7cpp+q0G6FVort
0mTgjNVZ37Fm30LrFQutfy8PkQmDT2EYHThrOeQI1kaNty74txSWPhozMz8cEqg2
/FbVaxOuvbLLCIEqMGEDDNfniL6PCzQpDOMkOsT5aXLV37m9JB5xwIFeotVTpAM4
adJyN3g+y0Li1uTGZgx7cyvsuMJJ+7NIOAUaIoN7pLAPUXgPQwJmU2AnGwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLq1ZZVdsKvB2/Bk8QvzY//6ViahMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvdXJWbGxWMndxOEhiOEdUeENfTmpfX3BXSnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW9KmAwQC
W9eYAwQBW/ckMA8EAgACMAkDBwAgAQZ8L0wwDQYJKoZIhvcNAQELBQADggEBAC8C
mwFlzIaYZL1VHu3MoXLlIch+wxKy/Olb0fh0ISmUNm7lUKI0ketmgzmPOC5LfEJs
zLSmNp85DT5YEsQZKYKi47sv92pPNgovO/1VOPrJmKLO9V3eyhJSlGydkMIIkp4a
uYLXqJG7mYrsX19e29mQaBll8ViioiRktg/Ip+hrkmF7YVWK1kHjPXLHqCrN1CLU
F0lJI+d62mfdNeF8ZM46hMB7gsx5bmVCE30dGT/c+ZzrAN1Aius+kie0B8F/u4Q2
u38hBm0UwUuhUdEM3ozxSnPv0iFtb7dB/XuArEVcbay5iyBtqAgYVjLOtY71YHc3
7vmSVHOq9qKPfF/UAOI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:12 2025 by rpki-client