Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/rFj3QInTiy7YbHuTlzHe_K4nGWk.roa
File: rFj3QInTiy7YbHuTlzHe_K4nGWk.roa (raw, json)
Hash identifier: +4D+I02tk/qDx7Ujfg+ZzVSgpYKvSz4Jby24VMFKOWU=
Subject key identifier: AC:58:F7:40:89:D3:8B:2E:D8:6C:7B:93:97:31:DE:FC:AE:27:19:69
Certificate issuer: /CN=dd9c30399f638555f4c02e8d1b55bc927225cb51
Certificate serial: 018572D5D7F28F161192E2B120CD134D7941
Authority key identifier: DD:9C:30:39:9F:63:85:55:F4:C0:2E:8D:1B:55:BC:92:72:25:CB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZwwOZ9jhVX0wC6NG1W8knIly1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/rFj3QInTiy7YbHuTlzHe_K4nGWk.roa
Signing time: Mon 02 Jan 2023 14:14:55 +0000
ROA not before: Mon 02 Jan 2023 14:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49773
IP address blocks: 91.218.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:d7:f2:8f:16:11:92:e2:b1:20:cd:13:4d:79:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd9c30399f638555f4c02e8d1b55bc927225cb51
Validity
Not Before: Jan 2 14:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac58f74089d38b2ed86c7b939731defcae271969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:97:c9:6d:ea:48:dd:c0:2a:ce:6c:9b:cd:93:
67:d7:f6:3f:87:53:75:5e:98:f8:e0:95:d9:30:07:
90:a3:e4:ed:d1:db:8d:ff:8c:51:56:92:6c:2e:85:
da:08:19:40:2c:ab:6a:53:25:aa:e3:78:64:cc:f1:
89:21:d5:e2:bf:bb:89:45:51:f7:28:fe:f4:4c:4a:
00:54:e6:11:dc:93:41:39:12:06:4f:e2:cc:46:9b:
4e:24:12:80:86:49:a3:f1:52:97:e1:e5:cf:ab:2f:
c2:58:92:1f:7b:b2:70:5d:8b:cb:d6:be:91:65:ad:
42:a4:b4:0c:0d:b9:6f:5e:10:b2:29:f7:1b:1a:24:
62:c5:29:e7:c4:84:5d:84:6e:3d:65:18:3a:7c:a7:
00:c1:29:77:4c:3b:27:f4:2d:37:a0:82:23:64:4f:
f1:3a:3b:ed:75:51:6d:25:c6:c4:e0:dc:e3:60:79:
f5:ea:a7:c6:97:bb:e1:37:8c:bd:82:d5:06:db:51:
a0:5b:61:11:5c:28:f5:34:f9:0f:ad:f7:d5:c6:68:
2c:bd:9a:f5:fa:eb:83:fb:cd:d5:d0:0c:38:0f:55:
a1:ca:35:04:db:78:7d:b5:f0:22:70:c3:e8:10:0f:
94:00:4b:6d:3e:36:38:11:74:3b:e2:77:e0:44:9b:
32:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:58:F7:40:89:D3:8B:2E:D8:6C:7B:93:97:31:DE:FC:AE:27:19:69
X509v3 Authority Key Identifier:
keyid:DD:9C:30:39:9F:63:85:55:F4:C0:2E:8D:1B:55:BC:92:72:25:CB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZwwOZ9jhVX0wC6NG1W8knIly1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/rFj3QInTiy7YbHuTlzHe_K4nGWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.80.0/22
Signature Algorithm: sha256WithRSAEncryption
17:f9:1a:78:69:13:1d:cf:26:aa:27:5a:ba:02:3f:74:1f:c1:
d3:4d:cc:87:b1:3e:94:4d:15:78:df:97:26:a4:5f:84:1a:18:
ca:be:87:1e:89:8b:93:78:6c:00:31:9d:1f:ac:14:44:a7:8f:
cc:f6:78:69:c1:26:d9:01:6a:da:ae:4f:87:4b:d7:67:fd:64:
70:8e:c9:a5:9a:f5:fb:22:f2:2f:8f:04:c7:65:d4:3f:3a:e9:
0f:f0:aa:1d:21:15:2b:d5:e5:fa:8d:d9:07:b6:b4:d0:f6:7a:
48:3d:7e:4a:9b:7b:d3:15:7e:4e:f6:a3:fb:b5:e0:cc:3b:68:
c5:68:f2:31:28:03:a8:15:ce:5f:4d:4e:32:b3:58:4d:ed:44:
bb:50:b0:4b:b5:11:0d:f3:f9:ee:08:17:bf:f3:68:ed:a7:83:
6b:e0:42:05:20:d9:a9:89:a1:d6:5e:4b:91:73:0a:ae:98:38:
1c:2c:38:e1:65:c3:61:e4:85:aa:38:ea:e2:42:b2:45:95:09:
d3:65:35:8e:0e:57:94:6e:13:95:75:20:00:9f:5b:b6:f7:b0:
9c:f6:4a:54:75:9d:1c:37:7e:f1:27:d4:e1:18:aa:af:59:67:
76:02:52:0d:ec:e8:8d:9a:43:df:45:05:da:16:6e:28:a2:a9:
1c:af:e0:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1dfyjxYRkuKxIM0TTXlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOWMzMDM5OWY2Mzg1NTVmNGMwMmU4ZDFiNTViYzkyNzIy
NWNiNTEwHhcNMjMwMTAyMTQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU4Zjc0MDg5ZDM4YjJlZDg2YzdiOTM5NzMxZGVmY2FlMjcxOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZfJbepI3cAqzmybzZNn1/Y/h1N1
Xpj44JXZMAeQo+Tt0duN/4xRVpJsLoXaCBlALKtqUyWq43hkzPGJIdXiv7uJRVH3
KP70TEoAVOYR3JNBORIGT+LMRptOJBKAhkmj8VKX4eXPqy/CWJIfe7JwXYvL1r6R
Za1CpLQMDblvXhCyKfcbGiRixSnnxIRdhG49ZRg6fKcAwSl3TDsn9C03oIIjZE/x
OjvtdVFtJcbE4NzjYHn16qfGl7vhN4y9gtUG21GgW2ERXCj1NPkPrffVxmgsvZr1
+uuD+83V0Aw4D1WhyjUE23h9tfAicMPoEA+UAEttPjY4EXQ74nfgRJsyIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxY90CJ04su2Gx7k5cx3vyuJxlpMB8GA1UdIwQY
MBaAFN2cMDmfY4VV9MAujRtVvJJyJctRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1p3d09aOWpoVlgwd0M2TkcxVzhrbklseTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iZWNhNGQtNzBjYy00Y2E0LWI0NTIt
MGU1MTQwNjJjNTkwLzEvckZqM1FJblRpeTdZYkh1VGx6SGVfSzRuR1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iZWNhNGQtNzBjYy00Y2E0LWI0NTItMGU1MTQwNjJjNTkw
LzEvM1p3d09aOWpoVlgwd0M2TkcxVzhrbklseTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9pQMA0G
CSqGSIb3DQEBCwUAA4IBAQAX+Rp4aRMdzyaqJ1q6Aj90H8HTTcyHsT6UTRV435cm
pF+EGhjKvoceiYuTeGwAMZ0frBREp4/M9nhpwSbZAWrark+HS9dn/WRwjsmlmvX7
IvIvjwTHZdQ/OukP8KodIRUr1eX6jdkHtrTQ9npIPX5Km3vTFX5O9qP7teDMO2jF
aPIxKAOoFc5fTU4ys1hN7US7ULBLtREN8/nuCBe/82jtp4Nr4EIFINmpiaHWXkuR
cwqumDgcLDjhZcNh5IWqOOriQrJFlQnTZTWODleUbhOVdSAAn1u297Cc9kpUdZ0c
N37xJ9ThGKqvWWd2AlIN7OiNmkPfRQXaFm4ooqkcr+Bx
-----END CERTIFICATE-----
Generated at Wed Apr 23 00:53:06 2025 by rpki-client