Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/55rK4MB4i6fbKodiqLkncWV3ccE.roa
File: 55rK4MB4i6fbKodiqLkncWV3ccE.roa (raw, json)
Hash identifier: PwYE3HCCmY9J1TckdTTl/T/IEh2Vt7cQmKyJc21ofqc=
Subject key identifier: E7:9A:CA:E0:C0:78:8B:A7:DB:2A:87:62:A8:B9:27:71:65:77:71:C1
Certificate issuer: /CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Certificate serial: 01857082AF125067684C337474A36A10AF08
Authority key identifier: C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/55rK4MB4i6fbKodiqLkncWV3ccE.roa
Signing time: Mon 02 Jan 2023 03:24:50 +0000
ROA not before: Mon 02 Jan 2023 03:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49250
IP address blocks: 91.223.233.0/24 maxlen: 28
185.191.12.0/22 maxlen: 24
91.212.183.0/24 maxlen: 28
37.1.104.0/21 maxlen: 24
2a00:d540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:af:12:50:67:68:4c:33:74:74:a3:6a:10:af:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Validity
Not Before: Jan 2 03:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e79acae0c0788ba7db2a8762a8b92771657771c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:c8:21:c4:95:f3:a5:eb:92:50:b0:d9:f2:
47:0b:fc:f4:3b:c6:99:5d:c6:5a:e3:19:10:02:bf:
9d:b6:e5:c2:54:fa:49:54:fa:89:4d:3a:28:d2:f1:
84:58:b4:eb:63:fe:91:5e:2b:d3:85:f1:f2:f6:41:
48:77:cd:39:b8:9e:e0:85:f4:7c:73:71:e9:e7:78:
29:86:7b:4b:9b:9e:4d:a6:80:8c:d6:e4:99:b1:df:
2d:1c:a2:15:80:46:6c:0b:8f:5e:92:cd:25:be:ec:
eb:66:0e:9a:88:64:57:3c:81:f7:80:8f:29:0d:8e:
57:78:01:63:7a:a3:83:93:26:16:e9:6d:91:26:ab:
5e:a1:75:1f:a0:f5:df:56:06:bd:54:65:ff:3b:2d:
80:00:be:51:bd:6d:90:3a:da:e0:6b:5a:71:d1:ad:
94:8c:64:e2:a5:06:86:1d:34:9e:67:a0:85:cd:b0:
a3:b4:4f:05:2a:d8:9e:6c:77:0a:f5:5a:d6:ca:00:
5e:60:eb:13:d7:a6:6e:de:66:51:b8:fc:4a:7a:5c:
20:ea:59:d3:b5:74:40:ec:69:06:45:19:4f:b8:93:
aa:53:de:d2:db:19:86:50:fd:90:47:33:ad:51:cc:
b5:29:50:d9:d6:df:72:a7:6f:3e:bd:39:4c:46:de:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9A:CA:E0:C0:78:8B:A7:DB:2A:87:62:A8:B9:27:71:65:77:71:C1
X509v3 Authority Key Identifier:
keyid:C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/55rK4MB4i6fbKodiqLkncWV3ccE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/x3FxpeRVBshskBa75bFLPbi8bMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.104.0/21
91.212.183.0/24
91.223.233.0/24
185.191.12.0/22
IPv6:
2a00:d540::/29
Signature Algorithm: sha256WithRSAEncryption
aa:c7:5f:6e:7a:5e:da:38:e6:39:48:b0:b9:6e:fa:bd:27:0c:
ec:d5:c2:ce:ed:65:0f:ce:5c:12:83:61:72:4e:cb:c2:ac:ab:
6e:a4:8b:ca:d3:b7:c1:b2:4b:45:fa:44:0f:f9:94:c5:ca:2e:
f3:f3:bd:9f:b7:0e:3e:ad:e9:02:6b:46:63:2c:f2:d8:18:ea:
52:2a:a8:66:7b:21:89:7b:a2:fb:1c:bc:eb:2e:30:6f:6f:93:
2c:61:1e:c5:3f:15:88:78:20:43:6e:95:68:51:e7:42:d6:35:
0a:13:c5:9d:bb:97:fa:54:90:30:fa:b4:3b:3c:23:b2:0d:63:
92:ef:f0:a8:55:9d:39:30:bb:2f:79:ae:a1:6b:c7:bf:aa:eb:
dc:3b:d4:d5:76:59:5a:b8:e5:08:77:24:c2:07:af:82:f5:56:
0e:1e:0f:75:c4:2f:7f:2b:39:28:1d:90:09:4c:3e:d6:28:54:
02:da:1a:26:44:10:dd:2a:a6:8d:9b:a2:f9:da:49:9b:68:68:
df:35:f7:52:25:f2:2d:95:52:58:9e:38:cd:83:10:0c:0c:d2:
a6:2c:cb:33:9d:76:6a:72:14:b6:d0:22:ac:4b:89:57:77:24:
3d:f9:53:74:8c:03:93:a7:10:82:ee:11:7b:95:61:7c:c6:08:
ee:fe:a8:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwgq8SUGdoTDN0dKNqEK8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzE3MWE1ZTQ1NTA2Yzg2YzkwMTZiYmU1YjE0YjNkYjhi
YzZjYzMwHhcNMjMwMTAyMDMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzlhY2FlMGMwNzg4YmE3ZGIyYTg3NjJhOGI5Mjc3MTY1Nzc3MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLjIIcSV86XrklCw2fJHC/z0O8aZ
XcZa4xkQAr+dtuXCVPpJVPqJTToo0vGEWLTrY/6RXivThfHy9kFId805uJ7ghfR8
c3Hp53gphntLm55NpoCM1uSZsd8tHKIVgEZsC49eks0lvuzrZg6aiGRXPIH3gI8p
DY5XeAFjeqODkyYW6W2RJqteoXUfoPXfVga9VGX/Oy2AAL5RvW2QOtrga1px0a2U
jGTipQaGHTSeZ6CFzbCjtE8FKtiebHcK9VrWygBeYOsT16Zu3mZRuPxKelwg6lnT
tXRA7GkGRRlPuJOqU97S2xmGUP2QRzOtUcy1KVDZ1t9yp28+vTlMRt7q1QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOeayuDAeIun2yqHYqi5J3Fld3HBMB8GA1UdIwQY
MBaAFMdxcaXkVQbIbJAWu+WxSz24vGzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNGeHBlUlZCc2hza0JhNzViRkxQYmk4Yk1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZjhmNTgtZDgzYy00NDBlLTk5MGIt
YjQzOGI1Yjg4Y2YyLzEvNTVySzRNQjRpNmZiS29kaXFMa25jV1YzY2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZjhmNTgtZDgzYy00NDBlLTk5MGItYjQzOGI1Yjg4Y2Yy
LzEveDNGeHBlUlZCc2hza0JhNzViRkxQYmk4Yk1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJQFoAwQA
W9S3AwQAW9/pAwQCub8MMA0EAgACMAcDBQMqANVAMA0GCSqGSIb3DQEBCwUAA4IB
AQCqx19uel7aOOY5SLC5bvq9Jwzs1cLO7WUPzlwSg2FyTsvCrKtupIvK07fBsktF
+kQP+ZTFyi7z872ftw4+rekCa0ZjLPLYGOpSKqhmeyGJe6L7HLzrLjBvb5MsYR7F
PxWIeCBDbpVoUedC1jUKE8Wdu5f6VJAw+rQ7PCOyDWOS7/CoVZ05MLsvea6ha8e/
quvcO9TVdllauOUIdyTCB6+C9VYOHg91xC9/KzkoHZAJTD7WKFQC2homRBDdKqaN
m6L52kmbaGjfNfdSJfItlVJYnjjNgxAMDNKmLMsznXZqchS20CKsS4lXdyQ9+VN0
jAOTpxCC7hF7lWF8xgju/qjl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:43 2025 by rpki-client