Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa
File: me3d1gTzT_S6wPm2w_zw9XN365o.roa (raw, json)
Hash identifier: ElqsN4M/seXz2HnuSfyFrBdFo3QEJdg+EJ1SV3PxdVo=
Subject key identifier: 99:ED:DD:D6:04:F3:4F:F4:BA:C0:F9:B6:C3:FC:F0:F5:73:77:EB:9A
Certificate issuer: /CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Certificate serial: 072BA88D
Authority key identifier: BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa
Signing time: Sat 01 Jan 2022 02:54:12 +0000
ROA not before: Sat 01 Jan 2022 02:54:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200031
IP address blocks: 91.195.57.0/24 maxlen: 24
91.195.56.0/23 maxlen: 23
91.195.56.0/24 maxlen: 24
45.159.165.0/24 maxlen: 24
45.159.164.0/23 maxlen: 23
45.159.164.0/22 maxlen: 22
45.159.164.0/24 maxlen: 24
45.159.166.0/24 maxlen: 24
45.159.167.0/24 maxlen: 24
45.159.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120301709 (0x72ba88d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Validity
Not Before: Jan 1 02:54:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99edddd604f34ff4bac0f9b6c3fcf0f57377eb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f1:87:fd:aa:01:76:2a:88:66:9f:eb:04:12:
ae:06:de:f2:42:17:ba:e3:ee:4c:3f:ff:ab:bc:e4:
38:72:82:ca:0d:86:c7:1e:7b:b5:8e:c2:92:f0:4f:
ef:c0:a8:66:76:36:97:c2:6c:d4:29:7c:8a:ae:28:
0d:52:a9:a4:2f:83:98:32:7e:c6:d3:63:55:ae:01:
61:e0:63:45:ac:0f:07:f2:a4:09:3c:1b:13:75:1d:
f2:9e:a6:35:f6:a6:eb:03:04:84:05:12:c6:5d:e6:
49:dd:26:bf:ab:0e:01:08:9c:ec:3e:76:66:ee:8d:
9b:ae:65:a5:0f:f6:e6:95:73:df:34:26:31:eb:d0:
ad:b6:8e:40:9b:b3:17:6b:42:43:aa:ee:4f:19:2c:
b2:b6:9a:47:c4:78:08:56:f3:15:30:3e:c0:47:63:
df:3f:4d:a2:c7:71:a0:dd:64:36:bb:d8:b6:52:a7:
57:78:26:f0:d2:f9:d3:b7:e3:d2:10:22:cc:ad:29:
f6:cb:23:0d:15:2b:da:7f:06:84:33:06:c7:e2:f7:
ff:49:3f:9e:1a:00:18:e6:fc:4b:cc:69:b1:af:c2:
73:d4:4d:3e:15:65:87:1a:de:5c:91:99:59:07:28:
da:1b:60:d7:42:ae:d2:fe:75:a4:01:d1:cb:2f:14:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:ED:DD:D6:04:F3:4F:F4:BA:C0:F9:B6:C3:FC:F0:F5:73:77:EB:9A
X509v3 Authority Key Identifier:
keyid:BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/v85V0V6xGeUtb6_NOXPi9tTyI_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.164.0/22
91.195.56.0/23
Signature Algorithm: sha256WithRSAEncryption
79:34:21:8a:b0:90:aa:f9:05:ba:62:a6:b1:ea:6d:95:24:17:
5f:34:07:5b:68:be:4a:ad:f5:9f:a8:0d:77:97:6d:d3:46:ad:
ce:ed:df:2d:92:1f:20:b4:f5:22:b4:47:ac:2f:bb:8a:7f:25:
ff:92:e6:bd:b8:dc:a5:d8:89:db:e9:55:7a:64:46:01:74:f0:
98:8b:4f:d3:c7:2e:aa:f4:56:b2:cc:15:d6:a4:0b:bf:ed:56:
50:f3:15:23:75:80:f7:27:9f:90:2c:09:34:6d:db:5b:2e:61:
7f:2a:51:fb:9f:de:29:50:74:12:ab:3d:e6:19:94:ff:eb:7a:
80:30:22:5d:6c:a6:b9:0a:b5:f5:6b:c5:d8:97:16:e1:13:5e:
a3:07:56:fc:cf:34:6a:f0:90:dd:6b:9a:b7:39:30:66:d8:3a:
e1:c4:8d:4a:9b:56:4b:30:ad:61:4e:22:54:31:e8:65:ab:6c:
a7:41:c3:be:7d:f8:f8:dd:62:45:4b:fe:f3:67:9f:cc:20:6b:
8e:46:a3:ba:2e:08:9a:82:5a:1d:11:72:9b:44:b7:d4:94:6f:
b7:f1:71:24:6e:ea:c2:53:0d:42:93:c2:28:37:43:be:34:fd:
8a:83:d2:83:42:cf:50:f3:09:62:a2:eb:c2:b7:77:9a:ee:c3:
8a:3e:aa:71
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEByuojTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmNlNTVkMTVlYjExOWU1MmQ2ZmFmY2QzOTczZTJmNmQ0ZjIyM2YyMB4XDTIyMDEw
MTAyNTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTllZGRkZDYwNGYz
NGZmNGJhYzBmOWI2YzNmY2YwZjU3Mzc3ZWI5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzxh/2qAXYqiGaf6wQSrgbe8kIXuuPuTD//q7zkOHKCyg2G
xx57tY7CkvBP78CoZnY2l8Js1Cl8iq4oDVKppC+DmDJ+xtNjVa4BYeBjRawPB/Kk
CTwbE3Ud8p6mNfam6wMEhAUSxl3mSd0mv6sOAQic7D52Zu6Nm65lpQ/25pVz3zQm
MevQrbaOQJuzF2tCQ6ruTxkssraaR8R4CFbzFTA+wEdj3z9NosdxoN1kNrvYtlKn
V3gm8NL507fj0hAizK0p9ssjDRUr2n8GhDMGx+L3/0k/nhoAGOb8S8xpsa/Cc9RN
PhVlhxreXJGZWQco2htg10Ku0v51pAHRyy8UxpsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSZ7d3WBPNP9LrA+bbD/PD1c3frmjAfBgNVHSMEGDAWgBS/zlXRXrEZ5S1v
r805c+L21PIj8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y4NVYwVjZ4R2VVdGI2X05PWFBpOXRUeUlfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZWNlNWM3LTIxNDMtNGRiNC05ODU3LTA1MmNmMDFkMjA0OC8x
L21lM2QxZ1R6VF9TNndQbTJ3X3p3OVhOMzY1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZWNlNWM3LTIxNDMtNGRiNC05ODU3LTA1MmNmMDFkMjA0OC8xL3Y4NVYwVjZ4R2VV
dGI2X05PWFBpOXRUeUlfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2fpAMEAVvDODANBgkqhkiG9w0B
AQsFAAOCAQEAeTQhirCQqvkFumKmseptlSQXXzQHW2i+Sq31n6gNd5dt00atzu3f
LZIfILT1IrRHrC+7in8l/5LmvbjcpdiJ2+lVemRGAXTwmItP08cuqvRWsswV1qQL
v+1WUPMVI3WA9yefkCwJNG3bWy5hfypR+5/eKVB0Eqs95hmU/+t6gDAiXWymuQq1
9WvF2JcW4RNeowdW/M80avCQ3WuatzkwZtg64cSNSptWSzCtYU4iVDHoZatsp0HD
vn34+N1iRUv+82efzCBrjkajui4ImoJaHRFym0S31JRvt/FxJG7qwlMNQpPCKDdD
vjT9ioPSg0LPUPMJYqLrwrd3mu7Dij6qcQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:57:11 2025 by rpki-client