Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9e9559-8f3c-45d0-851c-68f2174c79ee/1/Sa1TMZgjBVFXNNUmUK3EmzIPhr4.roa
File: Sa1TMZgjBVFXNNUmUK3EmzIPhr4.roa (raw, json)
Hash identifier: Pevds7NKP9BD3NfBNvzHKMHUNq0uCkxCS6VAsyRiGdw=
Subject key identifier: 49:AD:53:31:98:23:05:51:57:34:D5:26:50:AD:C4:9B:32:0F:86:BE
Certificate issuer: /CN=449e4252bcb22ea2c6cfb3924c8f84bdde7a7471
Certificate serial: 3274DE13
Authority key identifier: 44:9E:42:52:BC:B2:2E:A2:C6:CF:B3:92:4C:8F:84:BD:DE:7A:74:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJ5CUryyLqLGz7OSTI-Evd56dHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9e9559-8f3c-45d0-851c-68f2174c79ee/1/Sa1TMZgjBVFXNNUmUK3EmzIPhr4.roa
Signing time: Sat 01 Jan 2022 08:53:21 +0000
ROA not before: Sat 01 Jan 2022 08:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59407
IP address blocks: 91.192.202.0/23 maxlen: 23
5.134.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 846519827 (0x3274de13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449e4252bcb22ea2c6cfb3924c8f84bdde7a7471
Validity
Not Before: Jan 1 08:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49ad5331982305515734d52650adc49b320f86be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:49:11:63:35:d1:2c:e2:eb:76:b1:39:73:
97:25:e1:9f:1d:d8:0a:13:1b:74:4c:ca:14:7d:df:
14:c1:a2:05:fa:33:d2:f0:e1:d0:6f:27:3d:b8:85:
14:3b:f1:68:19:22:fd:75:77:b5:ff:31:1c:c5:c8:
33:ca:a8:a3:68:e5:8d:d2:2a:6c:83:a4:3f:1f:81:
49:85:04:38:84:01:81:5c:c8:d8:ac:02:3a:d8:60:
92:65:56:fb:c6:ee:f8:6b:1b:86:c2:03:69:30:a1:
3f:a7:c5:54:f0:65:88:5b:29:1b:d8:3c:b5:21:b9:
1d:fe:c8:3c:a0:9a:e4:8f:87:10:a0:ff:de:ff:50:
85:cc:7d:26:2e:c7:a5:5d:b3:91:94:55:a1:6d:51:
a1:b5:d7:72:af:b7:20:de:cf:fa:37:ac:c6:a9:79:
84:61:1e:c4:73:04:e3:80:27:93:2a:ec:70:af:96:
31:97:f9:cb:e2:d7:e8:81:05:e7:84:21:f6:06:98:
f8:2f:21:6c:93:fa:79:8a:d0:04:07:17:2c:78:11:
4c:55:51:17:82:20:03:d9:5f:6e:25:50:68:3b:66:
cb:ab:95:5a:e4:f5:b4:a0:55:7a:43:30:d7:e2:6c:
d9:8f:19:21:90:45:d0:69:cc:cf:fa:d0:62:cf:16:
ee:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AD:53:31:98:23:05:51:57:34:D5:26:50:AD:C4:9B:32:0F:86:BE
X509v3 Authority Key Identifier:
keyid:44:9E:42:52:BC:B2:2E:A2:C6:CF:B3:92:4C:8F:84:BD:DE:7A:74:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJ5CUryyLqLGz7OSTI-Evd56dHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9e9559-8f3c-45d0-851c-68f2174c79ee/1/Sa1TMZgjBVFXNNUmUK3EmzIPhr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9e9559-8f3c-45d0-851c-68f2174c79ee/1/RJ5CUryyLqLGz7OSTI-Evd56dHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.16.0/21
91.192.202.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:9d:36:fb:73:1f:9b:3a:cc:e8:61:16:cb:38:84:d8:43:e6:
fe:11:18:2d:47:55:40:ee:69:5a:41:1b:9b:56:cf:51:f4:a3:
a4:fd:bb:14:d1:0d:23:85:46:39:d8:54:e0:b5:1c:df:2d:51:
87:68:0a:1a:54:a9:21:2e:d3:18:ab:d4:20:f7:a8:48:aa:0f:
f5:dc:95:ff:31:fd:76:b4:ce:f3:9e:10:95:d2:7e:cc:32:0f:
af:30:fa:6f:b4:e7:81:55:12:04:53:c8:70:2a:91:6e:ca:e0:
68:f8:cf:4d:83:9a:16:4a:3c:18:ec:0a:e6:a7:38:90:e7:7a:
65:33:04:29:6d:cf:4b:3f:e2:43:6b:53:58:b1:a8:9e:1c:24:
08:29:97:32:fd:f6:09:d4:4c:40:42:b9:ac:f4:70:9c:43:af:
d2:fe:11:97:eb:68:fd:e5:2d:ca:84:f3:af:a1:e5:fe:fc:7e:
9f:0b:ae:eb:26:2f:1b:4c:80:46:f3:20:97:a1:f1:c6:7a:2a:
1e:ac:e1:be:b3:6c:7e:bb:52:ed:d7:91:00:7a:7d:d2:0e:78:
e8:28:54:c0:ea:1e:a6:fb:9f:e5:0d:f8:b3:e7:ad:7c:8e:83:
fe:be:52:ad:5b:fa:50:96:65:5e:41:81:d3:76:66:eb:3e:6c:
60:a8:40:6c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMnTeEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDllNDI1MmJjYjIyZWEyYzZjZmIzOTI0YzhmODRiZGRlN2E3NDcxMB4XDTIyMDEw
MTA4NTMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlhZDUzMzE5ODIz
MDU1MTU3MzRkNTI2NTBhZGM0OWIzMjBmODZiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9GSRFjNdEs4ut2sTlzlyXhnx3YChMbdEzKFH3fFMGiBfoz
0vDh0G8nPbiFFDvxaBki/XV3tf8xHMXIM8qoo2jljdIqbIOkPx+BSYUEOIQBgVzI
2KwCOthgkmVW+8bu+GsbhsIDaTChP6fFVPBliFspG9g8tSG5Hf7IPKCa5I+HEKD/
3v9Qhcx9Ji7HpV2zkZRVoW1RobXXcq+3IN7P+jesxql5hGEexHME44AnkyrscK+W
MZf5y+LX6IEF54Qh9gaY+C8hbJP6eYrQBAcXLHgRTFVRF4IgA9lfbiVQaDtmy6uV
WuT1tKBVekMw1+Js2Y8ZIZBF0GnMz/rQYs8W7qECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRJrVMxmCMFUVc01SZQrcSbMg+GvjAfBgNVHSMEGDAWgBREnkJSvLIuosbP
s5JMj4S93np0cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JKNUNVcnl5THFMR3o3T1NUSS1FdmQ1NmRIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvOWU5NTU5LThmM2MtNDVkMC04NTFjLTY4ZjIxNzRjNzllZS8x
L1NhMVRNWmdqQlZGWE5OVW1VSzNFbXpJUGhyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
OWU5NTU5LThmM2MtNDVkMC04NTFjLTY4ZjIxNzRjNzllZS8xL1JKNUNVcnl5THFM
R3o3T1NUSS1FdmQ1NmRIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAwWGEAMEAVvAyjANBgkqhkiG9w0B
AQsFAAOCAQEAH502+3MfmzrM6GEWyziE2EPm/hEYLUdVQO5pWkEbm1bPUfSjpP27
FNENI4VGOdhU4LUc3y1Rh2gKGlSpIS7TGKvUIPeoSKoP9dyV/zH9drTO854QldJ+
zDIPrzD6b7TngVUSBFPIcCqRbsrgaPjPTYOaFko8GOwK5qc4kOd6ZTMEKW3PSz/i
Q2tTWLGonhwkCCmXMv32CdRMQEK5rPRwnEOv0v4Rl+to/eUtyoTzr6Hl/vx+nwuu
6yYvG0yARvMgl6HxxnoqHqzhvrNsfrtS7deRAHp90g546ChUwOoepvuf5Q34s+et
fI6D/r5SrVv6UJZlXkGB03Zm6z5sYKhAbA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:11 2025 by rpki-client