Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/421UZ0aISifZMRfPpqVn0X4XwsQ.roa
File: 421UZ0aISifZMRfPpqVn0X4XwsQ.roa (raw, json)
Hash identifier: LbKpsujJm2YVHJdb61bjJVPhgZX8TylenOjFxsGtGnE=
Subject key identifier: E3:6D:54:67:46:88:4A:27:D9:31:17:CF:A6:A5:67:D1:7E:17:C2:C4
Certificate issuer: /CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Certificate serial: 124756DF
Authority key identifier: EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/421UZ0aISifZMRfPpqVn0X4XwsQ.roa
Signing time: Sat 01 Jan 2022 10:01:12 +0000
ROA not before: Sat 01 Jan 2022 10:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206314
IP address blocks: 91.241.24.0/22 maxlen: 22
91.238.172.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306665183 (0x124756df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Validity
Not Before: Jan 1 10:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e36d546746884a27d93117cfa6a567d17e17c2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3f:e6:52:d8:39:11:b8:79:0e:c8:59:eb:0a:
44:c5:75:e9:a6:07:63:10:ca:87:2e:5f:6c:de:61:
af:a3:13:f5:6d:60:fe:6f:e5:80:64:b7:f6:b3:77:
32:f3:53:00:ca:74:1c:ba:c2:0b:33:85:04:bc:11:
db:5c:49:fb:20:87:9c:b2:96:b1:01:e2:e3:7a:11:
be:1c:0e:74:9e:1e:f9:7f:77:b1:41:f9:da:f5:3d:
7c:74:7b:53:af:b1:f5:02:23:93:12:03:85:dc:07:
f7:78:d6:d6:f3:2a:30:d7:a7:0b:06:3b:fa:a3:0b:
0c:db:45:e2:5a:e5:15:0e:6f:8c:07:ae:72:a5:db:
94:50:82:5b:3e:15:0f:9b:cf:cc:92:fc:1d:f6:14:
58:8f:e0:ab:a0:83:a3:ec:ae:ea:28:bb:3c:4f:22:
24:9f:71:1b:e1:08:18:3d:57:9b:ef:a0:b8:2a:25:
2c:96:54:bb:cb:19:39:72:97:4a:31:a1:5a:33:3d:
8a:85:06:a3:54:a0:e5:bb:ff:14:e0:df:3a:53:a9:
c9:c0:b9:b6:69:a5:1f:55:6d:1d:ec:6e:a1:29:99:
cc:f6:c4:21:6a:b4:aa:ae:c4:2e:9b:2c:4d:f4:91:
26:88:d2:42:78:ba:d3:ac:4f:b2:ba:03:98:5f:d5:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6D:54:67:46:88:4A:27:D9:31:17:CF:A6:A5:67:D1:7E:17:C2:C4
X509v3 Authority Key Identifier:
keyid:EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/421UZ0aISifZMRfPpqVn0X4XwsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/6ixOp53bewA94B8dBfbb9xaxEzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.172.0/22
91.241.24.0/22
Signature Algorithm: sha256WithRSAEncryption
40:f0:4d:44:bc:58:55:68:6d:3e:71:d0:e8:ee:81:7a:2f:84:
73:a0:db:06:2f:37:d2:fd:a2:97:fc:8b:d3:68:33:a5:96:9d:
e9:f6:75:14:6d:4d:4d:ee:14:e8:21:9c:45:80:b3:9f:37:30:
83:7d:51:2f:b9:4d:39:69:db:8e:4f:7e:f1:bc:93:e0:2f:c8:
2e:8c:7c:af:a7:9f:af:22:8f:8d:a7:70:52:f6:03:c0:ce:74:
7f:13:64:1d:91:8b:0a:d4:12:07:c6:96:11:78:4d:81:ce:e7:
41:90:a9:70:7e:1b:7d:5c:c0:9f:5c:5b:9b:f1:5a:b7:42:41:
25:0a:f1:98:25:37:34:05:be:bd:ad:d9:49:22:e7:ba:14:6e:
fd:15:ee:93:51:b4:83:fd:6b:75:ad:c4:33:6f:f3:0d:ca:68:
8c:a0:fd:cd:9f:26:df:15:34:fa:0b:d0:c2:b8:a5:4b:93:83:
2d:7a:8f:98:82:c5:5b:c9:64:54:b6:52:bf:fd:60:27:14:25:
1b:e3:e4:78:27:67:28:7a:70:22:4a:77:97:a1:68:46:ec:31:
4f:5b:0a:94:23:1a:f2:c7:d9:c2:08:d0:8c:e2:14:9e:f8:12:
ca:de:d2:95:c0:ea:18:3d:f9:ac:cc:ab:53:53:6a:03:89:42:
d6:5b:dc:6a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEkdW3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTJjNGVhNzlkZGI3YjAwM2RlMDFmMWQwNWY2ZGJmNzE2YjExMzM2MB4XDTIyMDEw
MTEwMDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM2ZDU0Njc0Njg4
NGEyN2Q5MzExN2NmYTZhNTY3ZDE3ZTE3YzJjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKM/5lLYORG4eQ7IWesKRMV16aYHYxDKhy5fbN5hr6MT9W1g
/m/lgGS39rN3MvNTAMp0HLrCCzOFBLwR21xJ+yCHnLKWsQHi43oRvhwOdJ4e+X93
sUH52vU9fHR7U6+x9QIjkxIDhdwH93jW1vMqMNenCwY7+qMLDNtF4lrlFQ5vjAeu
cqXblFCCWz4VD5vPzJL8HfYUWI/gq6CDo+yu6ii7PE8iJJ9xG+EIGD1Xm++guCol
LJZUu8sZOXKXSjGhWjM9ioUGo1Sg5bv/FODfOlOpycC5tmmlH1VtHexuoSmZzPbE
IWq0qq7ELpssTfSRJojSQni606xPsroDmF/VtbcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTjbVRnRohKJ9kxF8+mpWfRfhfCxDAfBgNVHSMEGDAWgBTqLE6nndt7AD3g
Hx0F9tv3FrETNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZpeE9wNTNiZXdBOTRCOGRCZmJiOXhheEV6WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvOGU3ZTFkLTE1OGYtNGM2ZS1hYmEzLTM5ZjEzZTc2YWZhMy8x
LzQyMVVaMGFJU2lmWk1SZlBwcVZuMFg0WHdzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
OGU3ZTFkLTE1OGYtNGM2ZS1hYmEzLTM5ZjEzZTc2YWZhMy8xLzZpeE9wNTNiZXdB
OTRCOGRCZmJiOXhheEV6WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvurAMEAlvxGDANBgkqhkiG9w0B
AQsFAAOCAQEAQPBNRLxYVWhtPnHQ6O6Bei+Ec6DbBi830v2il/yL02gzpZad6fZ1
FG1NTe4U6CGcRYCznzcwg31RL7lNOWnbjk9+8byT4C/ILox8r6efryKPjadwUvYD
wM50fxNkHZGLCtQSB8aWEXhNgc7nQZCpcH4bfVzAn1xbm/Fat0JBJQrxmCU3NAW+
va3ZSSLnuhRu/RXuk1G0g/1rda3EM2/zDcpojKD9zZ8m3xU0+gvQwrilS5ODLXqP
mILFW8lkVLZSv/1gJxQlG+PkeCdnKHpwIkp3l6FoRuwxT1sKlCMa8sfZwgjQjOIU
nvgSyt7SlcDqGD35rMyrU1NqA4lC1lvcag==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:52 2025 by rpki-client