Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/_iYAF2dW-sA_Z9pH2W9ps14qsj0.roa
File: _iYAF2dW-sA_Z9pH2W9ps14qsj0.roa (raw, json)
Hash identifier: W0D9VgjPvz+qm2AN8gcTOJVMEMXrMQJJHSUrtcXQLNY=
Subject key identifier: FE:26:00:17:67:56:FA:C0:3F:67:DA:47:D9:6F:69:B3:5E:2A:B2:3D
Certificate issuer: /CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Certificate serial: 056B2445
Authority key identifier: 40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/_iYAF2dW-sA_Z9pH2W9ps14qsj0.roa
Signing time: Sat 01 Jan 2022 01:53:15 +0000
ROA not before: Sat 01 Jan 2022 01:53:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30781
IP address blocks: 91.223.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90907717 (0x56b2445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Validity
Not Before: Jan 1 01:53:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe2600176756fac03f67da47d96f69b35e2ab23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b9:79:e1:d0:2c:af:d7:bb:24:9c:75:64:ac:
56:29:13:70:1d:32:ee:f7:bb:58:4b:e2:3c:79:33:
73:65:2b:56:77:1a:4d:ce:08:21:29:cf:9d:d2:c8:
3a:e9:41:6f:5b:c9:c9:97:38:02:07:81:1f:b9:13:
c2:62:99:40:d6:b2:3b:cf:46:ae:52:ad:67:8b:d5:
46:50:42:e7:36:dd:b2:0d:1d:fc:4b:0a:dc:33:51:
89:ff:4b:af:9a:a6:a3:21:27:ba:71:7a:43:e3:f6:
10:1a:f1:85:71:44:6d:d8:7c:6e:f5:b9:a5:55:84:
3c:89:8f:75:20:1a:2c:62:b5:ed:a6:d5:11:d2:44:
3f:21:08:7f:95:60:f4:41:f1:04:5f:6c:97:c3:f8:
79:4c:91:48:5c:b3:91:de:c7:7a:ce:f7:2a:b8:39:
cd:6d:f5:e8:c6:01:b8:45:a9:da:97:55:6a:0a:8a:
59:5d:9e:8f:86:1f:c2:94:d3:e2:14:e2:cc:29:05:
95:2e:a6:89:75:5a:b8:d7:ba:f2:ed:3d:e9:3c:a0:
00:2e:dd:d5:a0:7b:14:df:99:b6:06:3e:6a:32:d7:
a7:72:9c:96:cb:96:87:1c:e5:ad:e2:ac:80:e5:ad:
71:aa:1a:9f:19:ec:32:7e:dd:ef:e6:45:4a:d5:2b:
7b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:26:00:17:67:56:FA:C0:3F:67:DA:47:D9:6F:69:B3:5E:2A:B2:3D
X509v3 Authority Key Identifier:
keyid:40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/_iYAF2dW-sA_Z9pH2W9ps14qsj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.35.0/24
Signature Algorithm: sha256WithRSAEncryption
85:49:c5:2e:10:04:72:62:fa:72:cd:4c:14:26:54:8a:06:ff:
3c:98:88:9e:90:30:b0:57:c5:e5:6e:09:96:36:62:2c:01:df:
62:01:6a:88:be:05:e4:9d:ff:be:22:14:bc:48:66:19:26:20:
27:47:41:ba:1e:b7:42:2a:d5:34:6d:91:87:cb:b0:d0:2e:91:
b4:85:2e:6e:aa:02:4c:0e:d3:50:c3:bb:d1:f2:ce:40:2e:89:
ef:d0:5b:aa:db:59:58:92:ac:82:e0:bd:35:e0:3d:e0:81:33:
cc:da:14:60:ab:a8:a3:be:92:5d:fe:6b:2a:e3:9e:d7:01:49:
19:2b:12:27:cc:02:d3:d0:9b:06:55:c2:d3:40:e0:f4:b4:1f:
5c:e0:46:6d:95:a1:94:f8:81:35:97:e2:2f:af:c3:c6:36:4a:
cb:23:33:be:77:65:90:b5:82:0d:d8:88:8d:40:e9:e3:a9:fd:
1b:78:25:e9:8c:37:fe:7e:7b:5b:e1:53:82:47:4d:47:c5:12:
37:9d:54:43:8d:a0:59:8e:36:3a:95:62:b5:e5:3c:93:15:da:
6e:9f:c8:0a:63:ef:94:b2:ee:32:b3:97:2d:7d:59:0d:8b:46:
24:99:5b:52:3c:e1:40:bb:de:5c:05:6d:85:66:0a:9c:b8:e7:
d1:49:ed:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWskRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDBmMmVhMTU3YmJiNTNhYjAyNjAxMWFjZTVjZDEzNjBlZjJmNzdkMB4XDTIyMDEw
MTAxNTMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUyNjAwMTc2NzU2
ZmFjMDNmNjdkYTQ3ZDk2ZjY5YjM1ZTJhYjIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPO5eeHQLK/XuyScdWSsVikTcB0y7ve7WEviPHkzc2UrVnca
Tc4IISnPndLIOulBb1vJyZc4AgeBH7kTwmKZQNayO89GrlKtZ4vVRlBC5zbdsg0d
/EsK3DNRif9Lr5qmoyEnunF6Q+P2EBrxhXFEbdh8bvW5pVWEPImPdSAaLGK17abV
EdJEPyEIf5Vg9EHxBF9sl8P4eUyRSFyzkd7Hes73Krg5zW316MYBuEWp2pdVagqK
WV2ej4YfwpTT4hTizCkFlS6miXVauNe68u096TygAC7d1aB7FN+ZtgY+ajLXp3Kc
lsuWhxzlreKsgOWtcaoanxnsMn7d7+ZFStUreycCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+JgAXZ1b6wD9n2kfZb2mzXiqyPTAfBgNVHSMEGDAWgBRADy6hV7u1OrAm
ARrOXNE2DvL3fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FBOHVvVmU3dFRxd0pnRWF6bHpSTmc3eTkzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNGJmZDU2LTg4MGQtNDk5Yi04NzI0LWQ3OTcxZjFlNTk5ZC8x
L19pWUFGMmRXLXNBX1o5cEgyVzlwczE0cXNqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NGJmZDU2LTg4MGQtNDk5Yi04NzI0LWQ3OTcxZjFlNTk5ZC8xL1FBOHVvVmU3dFRx
d0pnRWF6bHpSTmc3eTkzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvfIzANBgkqhkiG9w0BAQsFAAOC
AQEAhUnFLhAEcmL6cs1MFCZUigb/PJiInpAwsFfF5W4JljZiLAHfYgFqiL4F5J3/
viIUvEhmGSYgJ0dBuh63QirVNG2Rh8uw0C6RtIUubqoCTA7TUMO70fLOQC6J79Bb
qttZWJKsguC9NeA94IEzzNoUYKuoo76SXf5rKuOe1wFJGSsSJ8wC09CbBlXC00Dg
9LQfXOBGbZWhlPiBNZfiL6/DxjZKyyMzvndlkLWCDdiIjUDp46n9G3gl6Yw3/n57
W+FTgkdNR8USN51UQ42gWY42OpViteU8kxXabp/ICmPvlLLuMrOXLX1ZDYtGJJlb
UjzhQLveXAVthWYKnLjn0UntXg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:15:09 2025 by rpki-client