Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/X9ortmzAhHQr3itb5qUXpD0eGw8.roa
File: X9ortmzAhHQr3itb5qUXpD0eGw8.roa (raw, json)
Hash identifier: 2Xc71ZNzyQu0HncZgCITDwe+MwXHSAGdewQZLP0G+Pw=
Subject key identifier: 5F:DA:2B:B6:6C:C0:84:74:2B:DE:2B:5B:E6:A5:17:A4:3D:1E:1B:0F
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 05DAE973
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/X9ortmzAhHQr3itb5qUXpD0eGw8.roa
Signing time: Sat 01 Jan 2022 11:02:35 +0000
ROA not before: Sat 01 Jan 2022 11:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19551
IP address blocks: 91.109.251.0/24 maxlen: 24
91.109.250.0/24 maxlen: 24
91.109.249.0/24 maxlen: 24
91.109.248.0/24 maxlen: 24
91.109.253.0/24 maxlen: 24
91.109.252.0/24 maxlen: 24
91.109.254.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.124.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98232691 (0x5dae973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 11:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fda2bb66cc084742bde2b5be6a517a43d1e1b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:83:24:85:94:3b:d6:b4:82:ff:fb:0d:6a:bc:
07:f4:d9:e5:3f:8d:d4:f3:cb:e9:00:7c:98:9a:74:
f8:7a:ac:1e:9d:49:f5:a4:94:c5:e5:e9:da:99:e8:
e8:e5:5a:7c:53:4b:de:92:ac:a4:b7:8c:60:ae:e7:
3d:81:c8:ac:3a:01:ed:66:f6:af:f7:c7:d4:52:d5:
db:86:03:d2:97:e8:cf:2f:a5:20:13:bf:0f:c0:e3:
bc:46:b7:dc:00:cb:9e:1f:49:16:11:d4:96:76:8e:
b8:8d:54:7a:71:3a:5e:b5:bf:77:1f:34:91:53:ac:
88:2d:c9:43:d2:e3:12:5e:5e:d8:aa:fc:fd:69:89:
c5:8b:af:ee:2f:66:10:3a:57:78:4f:e0:92:c3:6d:
50:0e:1c:27:97:f7:ff:f0:c7:30:64:73:3c:45:ba:
32:43:e0:59:bb:ce:c8:87:3a:36:11:8e:a4:5b:1d:
f3:4f:16:20:3a:61:a2:88:c3:9e:a7:c1:b2:9f:da:
3e:9e:c9:db:24:8b:2a:a5:f5:77:28:03:c8:c3:e3:
a5:ae:c8:30:05:59:d4:c6:42:de:63:00:e1:23:e7:
27:bc:23:17:91:02:b7:cf:55:d4:1a:fc:b2:8b:27:
d4:21:4c:c0:74:ea:8a:97:23:9a:4c:cc:58:c2:7b:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DA:2B:B6:6C:C0:84:74:2B:DE:2B:5B:E6:A5:17:A4:3D:1E:1B:0F
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/X9ortmzAhHQr3itb5qUXpD0eGw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.248.0-91.109.254.255
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
38:9e:e1:ac:19:69:da:a7:42:46:4f:99:39:e8:40:3e:ce:ca:
93:bf:dc:98:5d:34:6e:d9:f5:f5:aa:64:15:0a:be:27:80:2a:
46:ba:7c:08:b6:c1:62:c5:a5:c3:c6:eb:2d:f1:f5:39:cb:45:
c0:8d:d3:d3:7b:e0:23:d4:53:e0:fe:d1:1e:08:e5:34:ba:83:
20:5d:da:d8:76:f1:21:c9:49:fa:59:e2:26:29:91:f5:ed:05:
34:7c:13:33:14:94:6f:97:3e:80:7f:8b:60:92:4f:7e:4d:5b:
ee:b1:62:87:a5:06:76:0d:3e:e5:ba:65:1b:b2:07:d4:23:90:
64:3b:46:bf:cf:cf:41:ca:eb:cf:69:b0:14:4b:94:1e:6e:94:
4f:1e:bf:d9:7b:55:a8:c4:e5:6e:71:8f:ac:96:1f:5d:20:90:
b6:d1:d5:38:73:a9:03:97:a4:74:56:06:00:c0:86:ee:0a:6d:
44:1d:8c:5a:05:ac:fe:a7:4c:02:37:d1:e8:89:ef:de:45:11:
a8:25:01:17:79:8f:2f:40:f2:0e:ae:87:b5:17:98:16:3e:43:
de:86:82:2d:4c:7d:bd:24:3c:57:f9:a5:cc:37:cc:7f:c4:c9:
e1:46:fc:59:26:15:34:01:a9:38:5f:47:71:1f:a4:ea:ad:ee:
38:3a:11:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBdrpczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2Y5MTBmMzYyOTFjM2MyMjRkZGI1OTZkOTU2NTQzMTk3ZjE2M2RlMB4XDTIyMDEw
MTExMDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkYTJiYjY2Y2Mw
ODQ3NDJiZGUyYjViZTZhNTE3YTQzZDFlMWIwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyDJIWUO9a0gv/7DWq8B/TZ5T+N1PPL6QB8mJp0+HqsHp1J
9aSUxeXp2pno6OVafFNL3pKspLeMYK7nPYHIrDoB7Wb2r/fH1FLV24YD0pfozy+l
IBO/D8DjvEa33ADLnh9JFhHUlnaOuI1UenE6XrW/dx80kVOsiC3JQ9LjEl5e2Kr8
/WmJxYuv7i9mEDpXeE/gksNtUA4cJ5f3//DHMGRzPEW6MkPgWbvOyIc6NhGOpFsd
808WIDphoojDnqfBsp/aPp7J2ySLKqX1dygDyMPjpa7IMAVZ1MZC3mMA4SPnJ7wj
F5ECt89V1Br8sosn1CFMwHTqipcjmkzMWMJ7EyECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRf2iu2bMCEdCveK1vmpRekPR4bDzAfBgNVHSMEGDAWgBSs+RDzYpHDwiTd
tZbZVlQxl/Fj3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQa1E4MktSdzhJazNiV1cyVlpVTVpmeFk5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8x
L1g5b3J0bXpBaEhRcjNpdGI1cVVYcEQwZUd3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8xL3JQa1E4MktSdzhJ
azNiV1cyVlpVTVpmeFk5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQDW234AwQAW23+AwQC2ZN8MA0G
CSqGSIb3DQEBCwUAA4IBAQA4nuGsGWnap0JGT5k56EA+zsqTv9yYXTRu2fX1qmQV
Cr4ngCpGunwItsFixaXDxust8fU5y0XAjdPTe+Aj1FPg/tEeCOU0uoMgXdrYdvEh
yUn6WeImKZH17QU0fBMzFJRvlz6Af4tgkk9+TVvusWKHpQZ2DT7lumUbsgfUI5Bk
O0a/z89ByuvPabAUS5QebpRPHr/Ze1WoxOVucY+slh9dIJC20dU4c6kDl6R0VgYA
wIbuCm1EHYxaBaz+p0wCN9Hoie/eRRGoJQEXeY8vQPIOroe1F5gWPkPehoItTH29
JDxX+aXMN8x/xMnhRvxZJhU0Aak4X0dxH6Tqre44OhGP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:37 2025 by rpki-client