Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/e5b5ab-6af5-43d5-b4e2-4966b3cfc87d/1/1TFi-IFm3ryTzQMj_u3kXSt-WR0.roa
File: 1TFi-IFm3ryTzQMj_u3kXSt-WR0.roa (raw, json)
Hash identifier: hXyihqqM0IfPqU1NhXanMaBrX1aEMdCUJRksYVQ1Tb4=
Subject key identifier: D5:31:62:F8:81:66:DE:BC:93:CD:03:23:FE:ED:E4:5D:2B:7E:59:1D
Certificate issuer: /CN=2895fbcbcf88d1ad9b19fc42c7aa11ad3d2a7ea0
Certificate serial: 051E21B0
Authority key identifier: 28:95:FB:CB:CF:88:D1:AD:9B:19:FC:42:C7:AA:11:AD:3D:2A:7E:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJX7y8-I0a2bGfxCx6oRrT0qfqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/e5b5ab-6af5-43d5-b4e2-4966b3cfc87d/1/1TFi-IFm3ryTzQMj_u3kXSt-WR0.roa
Signing time: Sat 01 Jan 2022 06:00:43 +0000
ROA not before: Sat 01 Jan 2022 06:00:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43050
IP address blocks: 176.119.232.0/21 maxlen: 21
91.215.124.0/22 maxlen: 22
91.194.50.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85860784 (0x51e21b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2895fbcbcf88d1ad9b19fc42c7aa11ad3d2a7ea0
Validity
Not Before: Jan 1 06:00:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d53162f88166debc93cd0323feede45d2b7e591d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:f5:49:3e:22:63:7d:3f:a6:27:26:e4:a1:
32:6c:1e:4a:9b:28:cd:57:69:23:e5:f8:78:8b:92:
80:6f:52:a5:3d:75:ff:11:ff:df:6e:50:4d:e1:88:
e8:7c:66:1b:bf:f9:50:0d:6f:9e:47:7f:38:e0:88:
a8:cb:ef:17:2c:66:41:7c:8a:68:80:f6:e4:b2:63:
6b:73:3b:c2:47:d4:56:e8:59:18:1b:e1:5e:bc:02:
0a:a9:42:e8:e4:cc:d7:69:95:a5:c6:8a:14:87:09:
56:e6:4d:8a:d7:fc:6c:7a:b5:65:2f:c5:f9:02:83:
43:b1:c5:6c:7b:47:73:5d:88:41:54:09:c6:33:85:
f1:51:e8:ad:f6:b6:86:a7:e1:c9:c2:94:a4:d9:69:
88:c9:b3:9e:6c:0e:e2:dd:ad:f0:1c:23:d4:e2:e7:
77:bc:82:36:14:e8:9a:f2:57:bb:31:d7:61:75:a4:
e1:ac:2b:1f:e9:ff:d0:af:ba:f7:76:25:a5:0d:ae:
3f:fa:bd:25:5f:33:59:bc:0c:3b:63:89:b1:c1:c3:
40:16:a7:8b:26:be:3a:ad:24:d4:50:bd:07:85:04:
23:48:d7:7c:20:86:2c:91:9a:96:ce:49:c1:af:cf:
cd:08:36:dc:10:24:db:07:0b:af:d9:29:bb:a8:56:
f7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:31:62:F8:81:66:DE:BC:93:CD:03:23:FE:ED:E4:5D:2B:7E:59:1D
X509v3 Authority Key Identifier:
keyid:28:95:FB:CB:CF:88:D1:AD:9B:19:FC:42:C7:AA:11:AD:3D:2A:7E:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJX7y8-I0a2bGfxCx6oRrT0qfqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e5b5ab-6af5-43d5-b4e2-4966b3cfc87d/1/1TFi-IFm3ryTzQMj_u3kXSt-WR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e5b5ab-6af5-43d5-b4e2-4966b3cfc87d/1/KJX7y8-I0a2bGfxCx6oRrT0qfqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.50.0/23
91.215.124.0/22
176.119.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:5a:5f:4f:01:a6:fb:b1:d4:29:51:f2:39:5d:93:11:c4:46:
35:b5:59:15:9b:dc:ad:68:7e:59:a6:0a:5a:82:ce:d9:ca:6d:
15:ad:39:df:34:b6:9c:72:f0:10:5a:c7:13:64:79:bb:83:d4:
d0:bf:20:95:a0:a6:1e:d1:2a:0f:93:0c:bc:41:7b:35:57:e3:
44:56:e9:45:e3:ae:5b:f4:bf:e6:32:40:49:a5:6d:1d:85:82:
8b:e1:0e:42:a2:7a:be:12:12:b2:15:03:05:dd:55:0c:d7:0a:
f8:2f:18:7e:96:9a:30:db:54:24:27:d8:bd:74:ee:42:dc:5d:
cd:8e:c1:79:72:a9:00:1f:b6:30:7a:3b:74:13:e2:a0:d7:c5:
34:f5:e2:77:06:71:6e:43:b8:e2:06:02:51:22:46:9b:a5:e5:
a2:5f:4a:40:b5:5b:97:a6:9e:b9:e4:83:c2:ff:cd:64:d1:d6:
f2:06:f2:72:55:e6:93:ba:cf:d3:91:2e:8b:fa:08:4f:89:a5:
1d:0c:40:0a:46:2e:71:31:4d:67:70:c8:13:f2:50:cb:05:e5:
42:d3:32:b0:f7:23:c7:35:bd:e2:f0:14:93:f5:56:a1:8f:2b:
49:4e:06:5a:a2:4c:66:5e:84:c4:4d:b6:24:0d:9b:7e:78:5c:
00:30:68:9f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBR4hsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODk1ZmJjYmNmODhkMWFkOWIxOWZjNDJjN2FhMTFhZDNkMmE3ZWEwMB4XDTIyMDEw
MTA2MDA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUzMTYyZjg4MTY2
ZGViYzkzY2QwMzIzZmVlZGU0NWQyYjdlNTkxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOr9Uk+ImN9P6YnJuShMmweSpsozVdpI+X4eIuSgG9SpT11
/xH/325QTeGI6HxmG7/5UA1vnkd/OOCIqMvvFyxmQXyKaID25LJja3M7wkfUVuhZ
GBvhXrwCCqlC6OTM12mVpcaKFIcJVuZNitf8bHq1ZS/F+QKDQ7HFbHtHc12IQVQJ
xjOF8VHorfa2hqfhycKUpNlpiMmznmwO4t2t8Bwj1OLnd7yCNhTomvJXuzHXYXWk
4awrH+n/0K+693YlpQ2uP/q9JV8zWbwMO2OJscHDQBaniya+Oq0k1FC9B4UEI0jX
fCCGLJGals5Jwa/PzQg23BAk2wcLr9kpu6hW9zECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTVMWL4gWbevJPNAyP+7eRdK35ZHTAfBgNVHSMEGDAWgBQolfvLz4jRrZsZ
/ELHqhGtPSp+oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tKWDd5OC1JMGEyYkdmeEN4Nm9SclQwcWZxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvZTViNWFiLTZhZjUtNDNkNS1iNGUyLTQ5NjZiM2NmYzg3ZC8x
LzFURmktSUZtM3J5VHpRTWpfdTNrWFN0LVdSMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ZTViNWFiLTZhZjUtNDNkNS1iNGUyLTQ5NjZiM2NmYzg3ZC8xL0tKWDd5OC1JMGEy
YkdmeEN4Nm9SclQwcWZxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvCMgMEAlvXfAMEA7B36DANBgkq
hkiG9w0BAQsFAAOCAQEAbVpfTwGm+7HUKVHyOV2TEcRGNbVZFZvcrWh+WaYKWoLO
2cptFa053zS2nHLwEFrHE2R5u4PU0L8glaCmHtEqD5MMvEF7NVfjRFbpReOuW/S/
5jJASaVtHYWCi+EOQqJ6vhISshUDBd1VDNcK+C8YfpaaMNtUJCfYvXTuQtxdzY7B
eXKpAB+2MHo7dBPioNfFNPXidwZxbkO44gYCUSJGm6Xlol9KQLVbl6aeueSDwv/N
ZNHW8gbyclXmk7rP05Eui/oIT4mlHQxACkYucTFNZ3DIE/JQywXlQtMysPcjxzW9
4vAUk/VWoY8rSU4GWqJMZl6ExE22JA2bfnhcADBonw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:53 2025 by rpki-client