Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ca686d-f35f-43f3-b889-9ffb0e41c4ef/1/6K1deTgRzdHmEg4CHoOOdHYKTjM.roa
File: 6K1deTgRzdHmEg4CHoOOdHYKTjM.roa (raw, json)
Hash identifier: RJXuCcyV0RJnXI7ttPfym7yCSOV28e+azw0Z8q0VIR8=
Subject key identifier: E8:AD:5D:79:38:11:CD:D1:E6:12:0E:02:1E:83:8E:74:76:0A:4E:33
Certificate issuer: /CN=f02e28e8ac7ab18c73079de84c8097d782aab69a
Certificate serial: 01856FA710028B57CA2692F30A2099A1B1E5
Authority key identifier: F0:2E:28:E8:AC:7A:B1:8C:73:07:9D:E8:4C:80:97:D7:82:AA:B6:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C4o6Kx6sYxzB53oTICX14Kqtpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ca686d-f35f-43f3-b889-9ffb0e41c4ef/1/6K1deTgRzdHmEg4CHoOOdHYKTjM.roa
Signing time: Sun 01 Jan 2023 23:24:57 +0000
ROA not before: Sun 01 Jan 2023 23:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8896
IP address blocks: 91.188.232.0/22 maxlen: 22
2a09:a300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:10:02:8b:57:ca:26:92:f3:0a:20:99:a1:b1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02e28e8ac7ab18c73079de84c8097d782aab69a
Validity
Not Before: Jan 1 23:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8ad5d793811cdd1e6120e021e838e74760a4e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f4:29:db:56:e1:40:48:83:df:82:54:02:b6:
57:3c:17:4e:10:c3:67:a4:e0:c3:0b:53:2d:f0:b3:
84:96:0d:11:4f:5d:31:9c:16:30:34:6f:cf:00:94:
c4:49:7f:41:29:d7:18:e8:02:45:5e:c3:86:87:17:
f5:65:6a:62:9b:84:86:dc:50:9e:14:69:de:f3:f7:
02:72:37:b2:95:ea:1c:06:b9:e6:88:a0:a5:d6:6d:
bf:65:47:e8:63:54:c9:4a:cf:e8:a0:3c:ab:27:63:
9c:9e:05:71:5f:86:b4:46:89:db:16:03:9c:d4:83:
cb:76:61:e9:94:b5:4c:c9:54:ec:93:39:bc:e5:25:
94:ec:55:6c:95:74:0f:c3:ef:da:85:2c:f6:81:d9:
2f:ed:92:ea:ce:e5:66:1d:cb:eb:27:5c:60:97:bb:
0d:ce:93:b1:91:0b:63:b2:c5:10:d0:a7:1a:1f:3f:
7d:03:83:3a:df:9b:b3:1f:e7:0d:25:fa:35:97:ae:
fb:54:c6:4a:f5:2a:7a:0c:6c:6f:08:dd:5a:1c:c0:
da:c8:00:ca:ca:58:df:a8:35:cd:ab:3c:0d:69:62:
9a:91:7c:ac:51:9d:13:03:06:03:f2:b4:56:63:a6:
a6:7c:59:14:7e:2b:95:0e:3a:1b:fd:6f:76:28:7d:
94:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AD:5D:79:38:11:CD:D1:E6:12:0E:02:1E:83:8E:74:76:0A:4E:33
X509v3 Authority Key Identifier:
keyid:F0:2E:28:E8:AC:7A:B1:8C:73:07:9D:E8:4C:80:97:D7:82:AA:B6:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C4o6Kx6sYxzB53oTICX14Kqtpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ca686d-f35f-43f3-b889-9ffb0e41c4ef/1/6K1deTgRzdHmEg4CHoOOdHYKTjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ca686d-f35f-43f3-b889-9ffb0e41c4ef/1/8C4o6Kx6sYxzB53oTICX14Kqtpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.232.0/22
IPv6:
2a09:a300::/32
Signature Algorithm: sha256WithRSAEncryption
67:64:eb:1b:05:52:ae:e4:45:23:9b:23:a4:8f:fd:85:2a:2d:
b7:2c:22:7a:8a:1c:c7:6b:89:74:ed:73:96:60:e6:ed:0c:2e:
82:56:24:2f:f3:ad:dc:9d:cc:ca:99:d2:c5:5a:27:a7:a5:08:
2e:06:02:2e:c7:88:3a:db:6d:4d:03:a9:bc:70:95:20:16:f5:
10:f7:1f:fe:76:61:83:7f:61:a6:91:e7:e7:af:c1:e7:63:ba:
f2:ef:f3:7e:5b:07:16:fb:b1:5f:1b:b3:0a:87:2d:cb:79:c9:
46:ed:13:27:15:70:72:d7:6a:5f:eb:fd:71:1b:67:0a:29:cf:
f4:5b:59:56:e5:9d:82:1b:37:b1:48:97:b9:d1:29:96:b3:05:
5b:c5:26:69:d6:71:43:f3:47:29:ba:d6:7f:04:34:04:19:36:
db:10:a7:76:aa:f1:ea:87:f7:36:c0:5c:f5:e7:3b:1a:7b:3f:
04:30:b6:73:6e:e6:e5:a3:36:61:bb:a6:be:12:e7:a7:e6:f0:
87:f3:32:01:bd:d1:e2:88:d6:a7:80:72:dc:fb:c3:23:04:36:
66:f9:24:89:52:8d:24:1b:17:3c:1d:04:88:02:c9:c9:d5:3c:
dd:ac:d3:2d:ea:22:69:b1:33:32:34:9b:44:ee:52:55:7a:b9:
dc:33:95:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpxACi1fKJpLzCiCZobHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmUyOGU4YWM3YWIxOGM3MzA3OWRlODRjODA5N2Q3ODJh
YWI2OWEwHhcNMjMwMTAxMjMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFkNWQ3OTM4MTFjZGQxZTYxMjBlMDIxZTgzOGU3NDc2MGE0ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfQp21bhQEiD34JUArZXPBdOEMNn
pODDC1Mt8LOElg0RT10xnBYwNG/PAJTESX9BKdcY6AJFXsOGhxf1ZWpim4SG3FCe
FGne8/cCcjeyleocBrnmiKCl1m2/ZUfoY1TJSs/ooDyrJ2OcngVxX4a0RonbFgOc
1IPLdmHplLVMyVTskzm85SWU7FVslXQPw+/ahSz2gdkv7ZLqzuVmHcvrJ1xgl7sN
zpOxkQtjssUQ0KcaHz99A4M635uzH+cNJfo1l677VMZK9Sp6DGxvCN1aHMDayADK
yljfqDXNqzwNaWKakXysUZ0TAwYD8rRWY6amfFkUfiuVDjob/W92KH2UDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOitXXk4Ec3R5hIOAh6DjnR2Ck4zMB8GA1UdIwQY
MBaAFPAuKOiserGMcwed6EyAl9eCqraaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEM0bzZLeDZzWXh6QjUzb1RJQ1gxNEtxdHBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jYTY4NmQtZjM1Zi00M2YzLWI4ODkt
OWZmYjBlNDFjNGVmLzEvNksxZGVUZ1J6ZEhtRWc0Q0hvT09kSFlLVGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jYTY4NmQtZjM1Zi00M2YzLWI4ODktOWZmYjBlNDFjNGVm
LzEvOEM0bzZLeDZzWXh6QjUzb1RJQ1gxNEtxdHBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW7zoMA0E
AgACMAcDBQAqCaMAMA0GCSqGSIb3DQEBCwUAA4IBAQBnZOsbBVKu5EUjmyOkj/2F
Ki23LCJ6ihzHa4l07XOWYObtDC6CViQv863cnczKmdLFWienpQguBgIux4g6221N
A6m8cJUgFvUQ9x/+dmGDf2Gmkefnr8HnY7ry7/N+WwcW+7FfG7MKhy3LeclG7RMn
FXBy12pf6/1xG2cKKc/0W1lW5Z2CGzexSJe50SmWswVbxSZp1nFD80cputZ/BDQE
GTbbEKd2qvHqh/c2wFz15zsaez8EMLZzbublozZhu6a+Euen5vCH8zIBvdHiiNan
gHLc+8MjBDZm+SSJUo0kGxc8HQSIAsnJ1TzdrNMt6iJpsTMyNJtE7lJVerncM5XX
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:40:13 2025 by rpki-client