Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/ByJ1fJg7-H9fAt3nazTHlLtWGoU.roa
File: ByJ1fJg7-H9fAt3nazTHlLtWGoU.roa (raw, json)
Hash identifier: Wr3nlPZFhwcEccJS+pcZhSYbErYLXcOs5D5iD0h/d58=
Subject key identifier: 07:22:75:7C:98:3B:F8:7F:5F:02:DD:E7:6B:34:C7:94:BB:56:1A:85
Certificate issuer: /CN=a9a073b31d888e4439e272e007c9532fc305c80d
Certificate serial: 018E0C
Authority key identifier: A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/ByJ1fJg7-H9fAt3nazTHlLtWGoU.roa
Signing time: Mon 09 May 2022 08:00:48 +0000
ROA not before: Mon 09 May 2022 08:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40975
IP address blocks: 195.138.214.0/24 maxlen: 24
91.197.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101900 (0x18e0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a073b31d888e4439e272e007c9532fc305c80d
Validity
Not Before: May 9 08:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0722757c983bf87f5f02dde76b34c794bb561a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:e3:ad:02:a9:28:ff:c6:23:70:ed:dd:4c:
44:24:c3:5a:29:1d:32:42:1a:5d:42:ac:71:26:25:
e3:50:33:1e:d5:5a:b2:d8:41:2f:f7:41:0b:ff:73:
c2:92:53:d2:25:a1:e5:4b:8f:74:da:80:7f:15:dd:
41:4a:88:4e:f0:40:e6:5e:e8:0f:b5:7c:88:63:ec:
b0:70:68:c2:7d:24:a6:79:e7:0e:96:dd:cc:8c:42:
23:e2:19:48:c0:96:0c:b5:5f:80:92:e2:e4:06:28:
cc:f3:f9:4a:60:a0:b9:c3:d0:62:b0:d8:cb:15:db:
d9:bb:7d:0e:31:b1:1a:a2:bb:40:16:74:70:dd:f2:
ff:0b:4a:d5:4d:03:03:66:26:e9:12:c9:4d:da:be:
f8:93:77:be:b7:08:ad:d3:f6:d9:8d:8c:f9:97:86:
fa:70:60:77:5c:ac:89:76:d5:91:b6:0b:1a:44:98:
7c:a0:8b:52:34:ca:38:59:5d:38:d2:56:10:84:7e:
20:99:96:60:cc:f3:82:c3:54:61:af:bf:08:f7:21:
a5:42:60:31:0b:a8:f4:0f:61:4f:79:dd:ac:ac:87:
26:95:a5:17:59:5c:3c:38:36:67:38:98:92:f5:a4:
53:76:78:d0:a9:d5:ec:00:36:ff:4e:a5:87:1c:eb:
83:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:22:75:7C:98:3B:F8:7F:5F:02:DD:E7:6B:34:C7:94:BB:56:1A:85
X509v3 Authority Key Identifier:
keyid:A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/ByJ1fJg7-H9fAt3nazTHlLtWGoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.244.0/22
195.138.214.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e1:5e:88:e0:0e:ab:50:7a:30:07:45:a2:38:fe:07:f0:5f:
10:0c:3a:41:ca:34:ae:31:c9:c6:9d:c9:61:c6:3b:72:8e:cb:
81:ba:cb:e5:cd:65:83:52:2e:da:7e:6c:74:6c:47:9c:7d:78:
21:c2:b6:64:bb:e6:55:91:2d:c6:04:bf:ae:3c:4f:f7:1b:59:
a7:f9:3c:14:fe:31:ae:ff:87:4f:4a:7a:77:7b:92:f4:4b:fd:
83:b4:2b:f9:e7:11:d5:5c:e4:83:17:fb:75:9a:0d:78:d6:ea:
8b:99:80:39:e0:a4:83:45:44:07:e6:87:1b:84:ea:b6:85:2c:
48:d3:65:0f:a0:0b:55:12:e7:04:8c:58:fd:91:11:c0:1e:3a:
34:95:38:96:65:57:8f:45:7c:44:83:18:59:45:c7:74:41:d0:
b6:92:c0:ce:4d:8d:57:12:1a:bf:9e:40:f8:ee:37:e7:83:3b:
d9:c5:17:bd:35:00:08:e7:19:fd:da:98:28:8a:c1:ac:72:70:
68:5f:70:e1:ed:2e:72:be:0c:ee:4f:12:7e:b7:61:2a:16:31:
60:c7:d6:fe:40:5a:6d:fe:10:78:2b:d7:cc:27:76:7d:eb:a1:
4b:5a:58:0d:e8:74:61:bc:52:a2:e0:21:1a:d5:14:80:ab:b0:
04:28:21:87
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAY4MMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE5
YTA3M2IzMWQ4ODhlNDQzOWUyNzJlMDA3Yzk1MzJmYzMwNWM4MGQwHhcNMjIwNTA5
MDgwMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNzIyNzU3Yzk4M2Jm
ODdmNWYwMmRkZTc2YjM0Yzc5NGJiNTYxYTg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtGHjrQKpKP/GI3Dt3UxEJMNaKR0yQhpdQqxxJiXjUDMe1Vqy
2EEv90EL/3PCklPSJaHlS4902oB/Fd1BSohO8EDmXugPtXyIY+ywcGjCfSSmeecO
lt3MjEIj4hlIwJYMtV+AkuLkBijM8/lKYKC5w9BisNjLFdvZu30OMbEaortAFnRw
3fL/C0rVTQMDZibpEslN2r74k3e+twit0/bZjYz5l4b6cGB3XKyJdtWRtgsaRJh8
oItSNMo4WV040lYQhH4gmZZgzPOCw1Rhr78I9yGlQmAxC6j0D2FPed2srIcmlaUX
WVw8ODZnOJiS9aRTdnjQqdXsADb/TqWHHOuDAwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFAcidXyYO/h/XwLd52s0x5S7VhqFMB8GA1UdIwQYMBaAFKmgc7MdiI5EOeJy
4AfJUy/DBcgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkwLzEv
QnlKMWZKZzctSDlmQXQzbmF6VEhsTHRXR29VLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9i
YTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkwLzEvcWFCenN4Mklqa1E1
NG5MZ0I4bFRMOE1GeUEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8X0AwQAw4rWMA0GCSqGSIb3DQEB
CwUAA4IBAQBV4V6I4A6rUHowB0WiOP4H8F8QDDpByjSuMcnGnclhxjtyjsuBusvl
zWWDUi7afmx0bEecfXghwrZku+ZVkS3GBL+uPE/3G1mn+TwU/jGu/4dPSnp3e5L0
S/2DtCv55xHVXOSDF/t1mg141uqLmYA54KSDRUQH5ocbhOq2hSxI02UPoAtVEucE
jFj9kRHAHjo0lTiWZVePRXxEgxhZRcd0QdC2ksDOTY1XEhq/nkD47jfngzvZxRe9
NQAI5xn92pgoisGscnBoX3Dh7S5yvgzuTxJ+t2EqFjFgx9b+QFpt/hB4K9fMJ3Z9
66FLWlgN6HRhvFKi4CEa1RSAq7AEKCGH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:49 2025 by rpki-client