Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/hGegYxNz-aWXhrJU5GlOUD6fzn0.roa
File: hGegYxNz-aWXhrJU5GlOUD6fzn0.roa (raw, json)
Hash identifier: EKB64XAVhM1uJDiaAZ0GbybBBfINI/feh+L8W502Zig=
Subject key identifier: 84:67:A0:63:13:73:F9:A5:97:86:B2:54:E4:69:4E:50:3E:9F:CE:7D
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 08A9E3B1
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/hGegYxNz-aWXhrJU5GlOUD6fzn0.roa
Signing time: Sat 01 Jan 2022 09:00:56 +0000
ROA not before: Sat 01 Jan 2022 09:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145351601 (0x8a9e3b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 1 09:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8467a0631373f9a59786b254e4694e503e9fce7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:a9:1f:c0:1b:c4:fe:59:69:5d:ad:8a:ad:
56:7f:eb:c9:21:1b:8c:f9:4f:7a:68:5d:d0:3c:e0:
11:2b:e7:1f:c6:2b:02:d2:86:0f:a0:4f:3d:9e:06:
80:8c:dc:ab:01:f9:2b:d5:b3:cd:14:eb:db:9a:e5:
c5:75:14:25:cc:92:46:74:d7:49:f5:6a:99:db:6a:
1d:d1:2b:7b:81:bd:1c:04:9d:38:40:23:02:51:51:
3e:ba:5d:04:db:e9:e3:95:47:e6:30:7f:9c:8d:ba:
24:a8:90:ee:f5:2c:d1:7c:4d:4b:fd:2d:3c:81:62:
be:3a:51:c4:3e:22:a4:2a:b9:d5:b1:2a:ec:05:d1:
99:34:48:f3:98:99:59:14:0b:ae:35:0e:88:f9:d4:
70:34:03:0a:db:dd:9c:45:e7:65:77:4d:b9:1a:d5:
66:77:a2:10:d0:47:5c:4b:95:98:16:ca:35:e7:6e:
97:7f:bc:28:2a:e2:2f:77:cf:58:90:e9:53:71:45:
28:e4:b2:3e:2f:55:74:fc:52:dd:37:78:dd:2d:b4:
8f:23:7b:0f:30:44:07:f1:02:8d:e2:1a:1d:24:f0:
59:e1:01:63:d2:25:1c:e0:24:c0:8d:7a:15:7b:32:
16:aa:60:e1:fd:9e:18:60:4c:70:5a:61:f4:2c:64:
92:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:67:A0:63:13:73:F9:A5:97:86:B2:54:E4:69:4E:50:3E:9F:CE:7D
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/hGegYxNz-aWXhrJU5GlOUD6fzn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/24
91.228.74.0/24
Signature Algorithm: sha256WithRSAEncryption
46:de:28:50:9a:c9:0c:cb:d1:75:a7:40:87:e1:87:0d:28:f6:
bc:62:94:20:ab:c8:a7:29:c0:a4:84:21:35:42:45:3a:23:3f:
1c:28:ad:b6:01:b4:ba:46:3e:b0:e3:f0:46:30:83:80:a8:61:
87:d9:bd:64:92:b7:9e:13:d2:e8:0a:ee:1b:e3:a3:33:19:47:
fb:f0:2f:f3:a5:1d:d1:31:88:bd:72:a4:fc:28:59:aa:4b:1b:
44:be:b6:fe:19:06:d1:e9:dc:92:91:51:66:09:9a:3f:ce:e8:
14:43:55:be:3f:f4:92:32:e8:de:0e:a7:37:35:25:b8:97:db:
b7:d5:2d:b1:03:74:84:4d:a6:7a:e1:35:10:ec:43:d0:e1:90:
88:52:d8:bc:8e:da:a5:f6:c1:b1:79:0c:5e:89:d5:6e:e7:7d:
a2:55:f5:e2:28:90:a7:64:4d:9c:01:f5:45:3b:f3:56:87:74:
80:2f:b2:30:2e:11:37:32:cc:27:70:79:78:31:ca:ce:95:0b:
40:60:9d:f5:df:30:e3:43:18:e3:8e:e2:7c:11:fb:69:d0:64:
61:33:c8:b3:1c:be:52:48:fd:5e:a2:95:59:1f:17:b1:86:47:
ef:b4:a0:c1:90:cb:14:d3:e3:b5:42:15:35:fb:23:25:30:19:
db:e5:42:c4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECKnjsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWJjODUwZDE3Y2E2ZDNjN2I0ZDAwZTUwMWUyZDM1NmYwOGE1ODVlMB4XDTIyMDEw
MTA5MDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ2N2EwNjMxMzcz
ZjlhNTk3ODZiMjU0ZTQ2OTRlNTAzZTlmY2U3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk/qR/AG8T+WWldrYqtVn/rySEbjPlPemhd0DzgESvnH8Yr
AtKGD6BPPZ4GgIzcqwH5K9WzzRTr25rlxXUUJcySRnTXSfVqmdtqHdEre4G9HASd
OEAjAlFRPrpdBNvp45VH5jB/nI26JKiQ7vUs0XxNS/0tPIFivjpRxD4ipCq51bEq
7AXRmTRI85iZWRQLrjUOiPnUcDQDCtvdnEXnZXdNuRrVZneiENBHXEuVmBbKNedu
l3+8KCriL3fPWJDpU3FFKOSyPi9VdPxS3Td43S20jyN7DzBEB/ECjeIaHSTwWeEB
Y9IlHOAkwI16FXsyFqpg4f2eGGBMcFph9CxkkokCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSEZ6BjE3P5pZeGslTkaU5QPp/OfTAfBgNVHSMEGDAWgBSxvIUNF8ptPHtN
AOUB4tNW8IpYXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NieUZEUmZLYlR4N1RRRGxBZUxUVnZDS1dGNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvOGFhMDJkLTk0YzgtNDY3OC05MmFjLTE3ZmI0ZmZiOWZhZC8x
L2hHZWdZeE56LWFXWGhySlU1R2xPVUQ2ZnpuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
OGFhMDJkLTk0YzgtNDY3OC05MmFjLTE3ZmI0ZmZiOWZhZC8xL3NieUZEUmZLYlR4
N1RRRGxBZUxUVnZDS1dGNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvkSAMEAFvkSjANBgkqhkiG9w0B
AQsFAAOCAQEARt4oUJrJDMvRdadAh+GHDSj2vGKUIKvIpynApIQhNUJFOiM/HCit
tgG0ukY+sOPwRjCDgKhhh9m9ZJK3nhPS6AruG+OjMxlH+/Av86Ud0TGIvXKk/ChZ
qksbRL62/hkG0enckpFRZgmaP87oFENVvj/0kjLo3g6nNzUluJfbt9UtsQN0hE2m
euE1EOxD0OGQiFLYvI7apfbBsXkMXonVbud9olX14iiQp2RNnAH1RTvzVod0gC+y
MC4RNzLMJ3B5eDHKzpULQGCd9d8w40MY447ifBH7adBkYTPIsxy+Ukj9XqKVWR8X
sYZH77SgwZDLFNPjtUIVNfsjJTAZ2+VCxA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:08 2025 by rpki-client