Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/Wr4iciCAa-Dek_SQuWoJy_etzXY.roa
File: Wr4iciCAa-Dek_SQuWoJy_etzXY.roa (raw, json)
Hash identifier: HvUdNMW8N9twgwVqv/h1eKnIk0YWG06oSn+uikG7qqo=
Subject key identifier: 5A:BE:22:72:20:80:6B:E0:DE:93:F4:90:B9:6A:09:CB:F7:AD:CD:76
Certificate issuer: /CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Certificate serial: 018572B4391BA54CDF086FA2A9F90ED932C8
Authority key identifier: 40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/Wr4iciCAa-Dek_SQuWoJy_etzXY.roa
Signing time: Mon 02 Jan 2023 13:38:11 +0000
ROA not before: Mon 02 Jan 2023 13:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 91.223.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:39:1b:a5:4c:df:08:6f:a2:a9:f9:0e:d9:32:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Validity
Not Before: Jan 2 13:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5abe227220806be0de93f490b96a09cbf7adcd76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5d:05:96:3e:d4:61:f9:bd:ea:f3:c5:d0:8f:
2e:50:da:bb:9b:91:51:9d:f4:aa:80:dc:72:0e:0d:
a8:56:d0:64:fb:0a:3d:d2:4b:b5:4a:2d:c0:cc:84:
95:59:dd:a8:94:aa:f6:f0:1f:d8:dc:a7:75:44:0c:
2a:98:0d:7b:e0:1a:ed:98:3d:6c:63:2f:08:7f:31:
a7:fe:34:37:da:fa:e6:82:42:c8:b9:d8:9e:e2:be:
50:9e:3e:09:77:8f:13:b2:e6:b6:93:62:80:5a:04:
5c:2d:25:33:e2:5d:c5:cb:f6:db:fe:b5:e9:a6:cb:
9f:c2:d4:3e:62:ba:24:f1:1b:c9:18:9c:ea:fc:1e:
0b:f8:f2:44:7c:c6:32:5b:b5:67:2d:67:b6:05:63:
b2:2d:72:ab:0a:e8:6b:83:53:ac:f9:9c:cf:48:3e:
23:2f:dc:35:12:94:e7:7f:55:cb:cb:94:8f:06:a1:
ab:ff:eb:65:73:4a:bc:0d:3b:d1:55:6c:b4:5f:90:
d8:70:0a:15:b5:81:60:00:bd:5a:be:c3:b1:5f:01:
08:15:19:c8:51:9e:d6:8f:e4:59:c5:20:b9:1f:e5:
8d:a6:64:a7:d5:1d:92:94:b9:72:4a:f6:a6:12:41:
36:b2:c4:0d:a0:b6:a4:ff:18:88:1b:e5:7a:f7:71:
cd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BE:22:72:20:80:6B:E0:DE:93:F4:90:B9:6A:09:CB:F7:AD:CD:76
X509v3 Authority Key Identifier:
keyid:40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/Wr4iciCAa-Dek_SQuWoJy_etzXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:02:85:be:a7:88:ec:8d:b1:8b:ce:93:3d:c5:77:c5:b6:b1:
b2:bd:e3:ec:64:a6:20:fc:90:ac:11:83:5a:2c:31:f9:0d:08:
dc:32:d2:8b:66:c8:9f:95:2b:ea:11:27:b3:02:e0:2d:6a:d8:
28:5e:95:c9:d6:9c:8a:ae:1f:c8:63:0f:06:94:cc:62:f2:4a:
3a:75:40:fb:69:6c:f2:68:2e:9e:2c:03:bf:ca:2f:54:4a:61:
42:d4:6a:d7:57:de:f6:f5:ec:e5:ad:1b:ad:14:b3:19:14:68:
ba:2f:d9:4c:95:f9:43:24:6f:81:96:93:3b:64:53:cb:f2:6a:
40:2a:ed:47:a9:b7:b6:58:2d:f4:e3:d6:99:36:13:d9:10:b5:
1c:6e:e1:7f:67:3d:be:41:85:b4:ef:14:b8:3b:f1:5c:73:a0:
2a:39:26:fd:bf:17:25:bb:7f:b3:5d:6a:e1:90:45:ec:e6:9c:
fb:76:8f:2b:1f:5a:70:e0:89:d9:76:b5:1c:84:2d:1d:20:18:
b2:50:b9:90:bf:95:45:37:63:ad:11:71:42:f5:98:15:f0:2e:
18:69:da:61:9b:c9:1e:14:03:9f:14:4c:68:ae:45:ce:7d:ee:
99:21:d0:57:0f:39:43:20:af:63:e4:a6:77:8b:d6:ae:9e:da:
41:c7:8d:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytDkbpUzfCG+iqfkO2TLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGYyZWExNTdiYmI1M2FiMDI2MDExYWNlNWNkMTM2MGVm
MmY3N2QwHhcNMjMwMTAyMTMzODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJlMjI3MjIwODA2YmUwZGU5M2Y0OTBiOTZhMDljYmY3YWRjZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA810Flj7UYfm96vPF0I8uUNq7m5FR
nfSqgNxyDg2oVtBk+wo90ku1Si3AzISVWd2olKr28B/Y3Kd1RAwqmA174BrtmD1s
Yy8IfzGn/jQ32vrmgkLIudie4r5Qnj4Jd48Tsua2k2KAWgRcLSUz4l3Fy/bb/rXp
psufwtQ+Yrok8RvJGJzq/B4L+PJEfMYyW7VnLWe2BWOyLXKrCuhrg1Os+ZzPSD4j
L9w1EpTnf1XLy5SPBqGr/+tlc0q8DTvRVWy0X5DYcAoVtYFgAL1avsOxXwEIFRnI
UZ7Wj+RZxSC5H+WNpmSn1R2SlLlySvamEkE2ssQNoLak/xiIG+V693HNBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFq+InIggGvg3pP0kLlqCcv3rc12MB8GA1UdIwQY
MBaAFEAPLqFXu7U6sCYBGs5c0TYO8vd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQt
ZDc5NzFmMWU1OTlkLzEvV3I0aWNpQ0FhLURla19TUXVXb0p5X2V0elhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQtZDc5NzFmMWU1OTlk
LzEvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98jMA0G
CSqGSIb3DQEBCwUAA4IBAQClAoW+p4jsjbGLzpM9xXfFtrGyvePsZKYg/JCsEYNa
LDH5DQjcMtKLZsiflSvqESezAuAtatgoXpXJ1pyKrh/IYw8GlMxi8ko6dUD7aWzy
aC6eLAO/yi9USmFC1GrXV9729ezlrRutFLMZFGi6L9lMlflDJG+BlpM7ZFPL8mpA
Ku1Hqbe2WC3049aZNhPZELUcbuF/Zz2+QYW07xS4O/Fcc6AqOSb9vxclu3+zXWrh
kEXs5pz7do8rH1pw4InZdrUchC0dIBiyULmQv5VFN2OtEXFC9ZgV8C4Yadphm8ke
FAOfFExorkXOfe6ZIdBXDzlDIK9j5KZ3i9auntpBx43g
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:15:07 2025 by rpki-client