Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/_DMEZXDE1CSd49PgxTz5YU-OAp4.roa
File: _DMEZXDE1CSd49PgxTz5YU-OAp4.roa (raw, json)
Hash identifier: 55QK3QSIApYD40HRyvr3PHScAMXeM45STBBbDHZD0DQ=
Subject key identifier: FC:33:04:65:70:C4:D4:24:9D:E3:D3:E0:C5:3C:F9:61:4F:8E:02:9E
Certificate issuer: /CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Certificate serial: 095C0BA0
Authority key identifier: 1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/_DMEZXDE1CSd49PgxTz5YU-OAp4.roa
Signing time: Sat 01 Jan 2022 03:52:43 +0000
ROA not before: Sat 01 Jan 2022 03:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 141.98.172.0/24 maxlen: 24
2a09:28c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157027232 (0x95c0ba0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Validity
Not Before: Jan 1 03:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc33046570c4d4249de3d3e0c53cf9614f8e029e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:96:d6:9b:e0:a2:c4:0c:b8:52:06:24:5c:0d:
6f:43:22:8f:0b:13:9c:26:ce:16:f4:de:03:fb:04:
84:2a:60:b6:d7:39:37:a7:4f:38:6f:76:72:a9:7a:
2f:1e:63:e7:9e:cb:be:51:a0:fa:7c:16:65:b5:7b:
0e:7a:bb:57:dc:bf:fa:de:03:72:4a:ae:d4:d3:28:
9d:38:f3:6a:c8:b5:2b:19:34:de:b3:6b:2a:82:dd:
e5:10:85:21:a1:16:94:e7:95:30:a7:71:12:73:be:
2e:d4:87:cb:be:f5:30:71:b5:95:27:df:c9:a6:cd:
b8:58:07:6e:2c:25:b1:1e:d7:0b:a3:34:e2:c2:6b:
40:7e:69:ad:ef:30:b4:d6:b9:9a:ee:44:42:2c:c1:
52:c6:b3:47:47:d9:e1:07:4d:6e:f2:1e:33:9e:2b:
95:da:f1:97:7c:af:4d:00:80:31:21:77:42:d0:3a:
4a:06:7c:3a:c0:6f:f2:13:fd:38:e8:5f:28:24:2f:
40:ea:c1:48:0e:70:43:20:2e:2d:4d:20:b2:5a:45:
c2:81:24:0f:32:c2:13:71:e3:02:42:73:8d:33:55:
a6:89:58:3d:6c:c8:e1:10:1a:be:8f:23:75:f2:fd:
e3:ed:ac:3e:15:b9:68:e5:e4:59:5c:59:3a:e7:ff:
1f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:33:04:65:70:C4:D4:24:9D:E3:D3:E0:C5:3C:F9:61:4F:8E:02:9E
X509v3 Authority Key Identifier:
keyid:1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/_DMEZXDE1CSd49PgxTz5YU-OAp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.172.0/24
IPv6:
2a09:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
59:9c:d3:7f:e3:e8:4b:57:6d:c0:b6:62:03:2b:3c:41:98:a2:
e8:06:0d:77:81:e3:d4:89:0b:6d:b7:b1:30:30:f5:dd:b4:82:
ee:ae:99:cf:98:3d:0e:4c:d9:01:b2:62:92:d2:de:63:d1:1a:
95:4d:d7:1c:b6:b4:77:56:bb:1a:0a:8e:8d:33:2f:6b:18:7a:
80:09:55:55:ce:a9:d1:be:bc:7d:eb:37:f2:d3:a1:4e:b4:8c:
e6:76:e5:d3:12:92:d5:10:49:85:10:e8:cc:70:6e:34:80:5f:
63:7f:d1:94:06:ac:80:81:77:3c:9c:ef:93:7a:74:57:7b:7b:
97:be:33:8d:19:aa:90:db:18:fa:3e:71:78:54:41:5d:24:40:
80:84:71:9d:76:54:33:43:fa:1c:4b:71:e4:47:d6:94:a9:f7:
e7:8a:db:83:d9:f7:69:08:3d:b1:06:49:fd:19:45:be:e1:c1:
c3:95:b2:5d:ac:d6:25:ab:1e:5e:85:84:04:85:a7:ba:ed:19:
4d:66:2f:0d:56:9e:b0:f8:68:38:dc:d5:1d:6a:c9:18:2b:8d:
93:50:d9:c2:8b:e4:a0:28:7c:c2:04:76:72:94:4e:23:87:93:
a2:61:a1:af:35:21:24:16:3a:20:b0:df:e3:b1:aa:69:23:ef:
30:12:46:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECVwLoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWQ2MWE1MmYxMDgyZWNmNGM5N2I1MTIyYjQ2MTEyMjUwNzM0NTFiMB4XDTIyMDEw
MTAzNTI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMzMzA0NjU3MGM0
ZDQyNDlkZTNkM2UwYzUzY2Y5NjE0ZjhlMDI5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIaW1pvgosQMuFIGJFwNb0MijwsTnCbOFvTeA/sEhCpgttc5
N6dPOG92cql6Lx5j557LvlGg+nwWZbV7Dnq7V9y/+t4Dckqu1NMonTjzasi1Kxk0
3rNrKoLd5RCFIaEWlOeVMKdxEnO+LtSHy771MHG1lSffyabNuFgHbiwlsR7XC6M0
4sJrQH5pre8wtNa5mu5EQizBUsazR0fZ4QdNbvIeM54rldrxl3yvTQCAMSF3QtA6
SgZ8OsBv8hP9OOhfKCQvQOrBSA5wQyAuLU0gslpFwoEkDzLCE3HjAkJzjTNVpolY
PWzI4RAavo8jdfL94+2sPhW5aOXkWVxZOuf/H8sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT8MwRlcMTUJJ3j0+DFPPlhT44CnjAfBgNVHSMEGDAWgBQa1hpS8Qguz0yX
tRIrRhEiUHNFGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d0WWFVdkVJTHM5TWw3VVNLMFlSSWxCelJScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNTlkNTU1LTIwYmQtNGM0Mi04NGJhLTcyY2U5NWJhOWFmYS8x
L19ETUVaWERFMUNTZDQ5UGd4VHo1WVUtT0FwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NTlkNTU1LTIwYmQtNGM0Mi04NGJhLTcyY2U5NWJhOWFmYS8xL0d0WWFVdkVJTHM5
TWw3VVNLMFlSSWxCelJScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAI1irDAPBAIAAjAJAwcAKgkowAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZnNN/4+hLV23AtmIDKzxBmKLoBg13gePUiQtt
t7EwMPXdtILurpnPmD0OTNkBsmKS0t5j0RqVTdcctrR3VrsaCo6NMy9rGHqACVVV
zqnRvrx96zfy06FOtIzmduXTEpLVEEmFEOjMcG40gF9jf9GUBqyAgXc8nO+TenRX
e3uXvjONGaqQ2xj6PnF4VEFdJECAhHGddlQzQ/ocS3HkR9aUqffnituD2fdpCD2x
Bkn9GUW+4cHDlbJdrNYlqx5ehYQEhae67RlNZi8NVp6w+Gg43NUdaskYK42TUNnC
i+SgKHzCBHZylE4jh5OiYaGvNSEkFjogsN/jsappI+8wEkap
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:28:59 2025 by rpki-client