Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/70e69c-dc4e-4c96-89df-f762526307e8/1/XddOWr3do1fxs0YC90nhiAR9Md4.roa
File: XddOWr3do1fxs0YC90nhiAR9Md4.roa (raw, json)
Hash identifier: XAJNzlD+7eP0kV1LsHXeOCrUb3e854E8F+xWm44GzGw=
Subject key identifier: 5D:D7:4E:5A:BD:DD:A3:57:F1:B3:46:02:F7:49:E1:88:04:7D:31:DE
Certificate issuer: /CN=fd8ec3435380e8ae15fc81cddcc94cee67d6b390
Certificate serial: 033AC158
Authority key identifier: FD:8E:C3:43:53:80:E8:AE:15:FC:81:CD:DC:C9:4C:EE:67:D6:B3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Y7DQ1OA6K4V_IHN3MlM7mfWs5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/70e69c-dc4e-4c96-89df-f762526307e8/1/XddOWr3do1fxs0YC90nhiAR9Md4.roa
Signing time: Sat 01 Jan 2022 13:03:14 +0000
ROA not before: Sat 01 Jan 2022 13:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56998
IP address blocks: 91.229.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54182232 (0x33ac158)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd8ec3435380e8ae15fc81cddcc94cee67d6b390
Validity
Not Before: Jan 1 13:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd74e5abddda357f1b34602f749e188047d31de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:67:c8:fc:63:2c:c2:66:7b:1b:9d:55:ac:
13:5c:7f:3f:c8:d5:ff:d6:15:36:81:fc:bb:21:23:
75:b4:9a:f2:80:d0:e1:06:a9:30:e2:a8:86:64:19:
75:f9:16:40:23:62:18:9f:06:e7:3d:04:4c:f6:00:
f8:3b:22:6a:28:da:18:32:73:2c:f9:5a:bd:cd:fe:
f3:aa:1f:45:41:95:f9:e8:aa:7b:11:78:d7:91:3b:
10:6e:b6:64:2b:2d:a6:8b:10:c9:bc:7c:18:6c:e5:
aa:ed:25:ff:77:25:85:25:28:4e:d5:33:f9:01:2d:
96:af:93:9c:28:f5:4a:29:cd:b5:a5:f7:e9:cf:b3:
16:5e:a0:ce:a4:3c:92:f2:35:0c:63:17:68:38:0a:
5b:01:6d:f1:dc:1b:ec:16:ed:be:da:86:a8:c9:40:
de:02:a4:0a:7b:24:a9:e3:e3:ac:ba:5c:c7:1c:19:
71:d2:5a:ae:d0:ca:3f:a4:a1:28:de:a9:40:8a:b5:
66:24:1d:90:7d:03:0c:b1:c2:a7:75:ec:15:6e:57:
d1:d0:5c:55:7c:c0:7f:56:a6:ad:35:3e:5a:2b:8c:
d2:dd:14:3a:85:94:be:bf:bf:cb:5a:a8:dc:3b:33:
7a:b4:a0:a2:0c:f8:13:bd:02:22:4e:24:64:c1:dd:
e6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D7:4E:5A:BD:DD:A3:57:F1:B3:46:02:F7:49:E1:88:04:7D:31:DE
X509v3 Authority Key Identifier:
keyid:FD:8E:C3:43:53:80:E8:AE:15:FC:81:CD:DC:C9:4C:EE:67:D6:B3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Y7DQ1OA6K4V_IHN3MlM7mfWs5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/70e69c-dc4e-4c96-89df-f762526307e8/1/XddOWr3do1fxs0YC90nhiAR9Md4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/70e69c-dc4e-4c96-89df-f762526307e8/1/_Y7DQ1OA6K4V_IHN3MlM7mfWs5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.184.0/24
Signature Algorithm: sha256WithRSAEncryption
29:71:c7:fc:8f:bc:a3:a9:ff:2e:8f:ba:21:c8:55:fa:05:f1:
e4:02:52:80:e7:57:0a:4e:18:dc:d6:0f:22:39:0f:35:97:c7:
c2:5d:fa:31:79:0b:cc:2e:f6:bc:32:a2:f1:e5:a9:89:ba:77:
d2:8e:8c:48:91:aa:7f:f3:5a:a2:77:ba:6e:db:a3:89:13:97:
da:8c:c0:c5:cc:c3:86:14:3c:a4:38:cd:32:93:29:14:ec:c3:
3a:ec:e9:fd:46:24:69:c9:fe:81:ff:4f:1f:2c:70:fd:97:1d:
87:7b:e9:32:72:fa:29:be:ec:98:32:06:f1:08:a3:6e:99:72:
22:bb:b0:99:1e:2e:48:96:e3:47:63:77:67:3b:be:8e:b4:91:
e9:d4:76:5d:40:cf:4a:1a:8c:d4:45:d5:f3:0a:2f:01:6e:62:
ee:92:9d:57:fc:8a:58:20:03:99:22:03:f7:e5:e0:8d:03:da:
f2:8b:95:0f:e3:ef:c4:39:76:4f:ad:e7:9e:72:8d:0b:ed:0c:
35:14:ad:c5:de:27:4c:0b:11:f3:32:83:40:d8:9b:e6:d7:05:
61:8b:54:37:02:b8:a5:a6:73:d5:8e:64:a3:88:4c:69:48:da:
5c:2f:55:55:16:45:98:a2:e3:76:ec:25:1b:4a:32:2e:d3:c6:
f3:0a:92:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzrBWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDhlYzM0MzUzODBlOGFlMTVmYzgxY2RkY2M5NGNlZTY3ZDZiMzkwMB4XDTIyMDEw
MTEzMDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRkNzRlNWFiZGRk
YTM1N2YxYjM0NjAyZjc0OWUxODgwNDdkMzFkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOgZ8j8YyzCZnsbnVWsE1x/P8jV/9YVNoH8uyEjdbSa8oDQ
4QapMOKohmQZdfkWQCNiGJ8G5z0ETPYA+DsiaijaGDJzLPlavc3+86ofRUGV+eiq
exF415E7EG62ZCstposQybx8GGzlqu0l/3clhSUoTtUz+QEtlq+TnCj1SinNtaX3
6c+zFl6gzqQ8kvI1DGMXaDgKWwFt8dwb7BbtvtqGqMlA3gKkCnskqePjrLpcxxwZ
cdJartDKP6ShKN6pQIq1ZiQdkH0DDLHCp3XsFW5X0dBcVXzAf1amrTU+WiuM0t0U
OoWUvr+/y1qo3DszerSgogz4E70CIk4kZMHd5o8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRd105avd2jV/GzRgL3SeGIBH0x3jAfBgNVHSMEGDAWgBT9jsNDU4DorhX8
gc3cyUzuZ9azkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19ZN0RRMU9BNks0Vl9JSE4zTWxNN21mV3M1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNzBlNjljLWRjNGUtNGM5Ni04OWRmLWY3NjI1MjYzMDdlOC8x
L1hkZE9XcjNkbzFmeHMwWUM5MG5oaUFSOU1kNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NzBlNjljLWRjNGUtNGM5Ni04OWRmLWY3NjI1MjYzMDdlOC8xL19ZN0RRMU9BNks0
Vl9JSE4zTWxNN21mV3M1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvluDANBgkqhkiG9w0BAQsFAAOC
AQEAKXHH/I+8o6n/Lo+6IchV+gXx5AJSgOdXCk4Y3NYPIjkPNZfHwl36MXkLzC72
vDKi8eWpibp30o6MSJGqf/Naone6btujiROX2ozAxczDhhQ8pDjNMpMpFOzDOuzp
/UYkacn+gf9PHyxw/Zcdh3vpMnL6Kb7smDIG8QijbplyIruwmR4uSJbjR2N3Zzu+
jrSR6dR2XUDPShqM1EXV8wovAW5i7pKdV/yKWCADmSID9+XgjQPa8ouVD+PvxDl2
T63nnnKNC+0MNRStxd4nTAsR8zKDQNib5tcFYYtUNwK4paZz1Y5ko4hMaUjaXC9V
VRZFmKLjduwlG0oyLtPG8wqSKw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:46 2025 by rpki-client