Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/14cdVxhq4NMXlbKMuZXajiYlDzY.roa
File: 14cdVxhq4NMXlbKMuZXajiYlDzY.roa (raw, json)
Hash identifier: Vx2LiPJ/TYITBr/y2poxspBodtSTOCTuesCxyxMdxQA=
Subject key identifier: D7:87:1D:57:18:6A:E0:D3:17:95:B2:8C:B9:95:DA:8E:26:25:0F:36
Certificate issuer: /CN=2a9100a145dcb7b3795379bb0938fe89aa861924
Certificate serial: 03C93386
Authority key identifier: 2A:91:00:A1:45:DC:B7:B3:79:53:79:BB:09:38:FE:89:AA:86:19:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KpEAoUXct7N5U3m7CTj-iaqGGSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/14cdVxhq4NMXlbKMuZXajiYlDzY.roa
Signing time: Sat 01 Jan 2022 09:01:27 +0000
ROA not before: Sat 01 Jan 2022 09:01:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48143
IP address blocks: 91.207.132.0/23 maxlen: 23
194.213.110.0/23 maxlen: 23
91.218.144.0/22 maxlen: 22
91.218.144.0/23 maxlen: 23
91.218.146.0/23 maxlen: 23
91.218.146.128/25 maxlen: 25
91.218.146.0/25 maxlen: 25
91.218.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63517574 (0x3c93386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a9100a145dcb7b3795379bb0938fe89aa861924
Validity
Not Before: Jan 1 09:01:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7871d57186ae0d31795b28cb995da8e26250f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:8d:6e:f7:32:f9:71:aa:80:64:28:7f:13:94:
d0:78:60:fc:5b:37:7a:87:6b:39:00:f1:b3:05:40:
18:50:9b:94:d3:4a:e3:81:ac:03:d4:8a:45:c9:23:
8d:14:d1:8a:98:6b:09:41:67:f1:f8:34:e1:22:82:
92:92:cb:42:c4:81:49:ce:e2:62:fd:1e:0a:e3:14:
39:ca:84:93:e2:b2:c3:e5:84:1c:54:ea:76:09:c6:
d8:bb:9c:19:72:36:2a:ca:64:25:0b:43:ba:dc:0c:
eb:50:d1:56:82:f7:0b:b0:39:c3:14:aa:d6:28:92:
7d:50:62:50:31:2d:8f:06:2c:83:70:b9:2f:c5:f8:
20:46:2c:95:de:51:03:74:6a:99:09:92:85:f2:8f:
b7:ae:f8:f1:cc:7b:9b:af:d8:d8:25:e1:d9:ef:70:
9f:ac:8d:3b:59:7a:2e:79:67:80:37:a4:e2:44:7d:
72:bc:04:b2:01:f3:90:87:05:80:19:b6:46:67:08:
c5:8f:65:ca:31:f6:84:49:a0:f3:35:73:a8:68:51:
ee:bc:a8:04:ce:06:d1:91:0d:2e:7a:1c:1f:1a:79:
72:b5:d0:08:28:45:eb:dc:a5:a1:ad:5b:6d:4a:cb:
ef:3f:bb:d4:86:94:ba:86:93:2b:fe:29:37:25:0f:
4b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:1D:57:18:6A:E0:D3:17:95:B2:8C:B9:95:DA:8E:26:25:0F:36
X509v3 Authority Key Identifier:
keyid:2A:91:00:A1:45:DC:B7:B3:79:53:79:BB:09:38:FE:89:AA:86:19:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpEAoUXct7N5U3m7CTj-iaqGGSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/14cdVxhq4NMXlbKMuZXajiYlDzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/KpEAoUXct7N5U3m7CTj-iaqGGSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.132.0/23
91.218.144.0/22
194.213.110.0/23
Signature Algorithm: sha256WithRSAEncryption
77:1c:30:88:05:33:fa:ab:0a:ae:c2:16:b0:2a:74:79:4b:68:
86:e5:a0:95:ae:0d:8f:59:1b:e6:00:32:3c:40:03:3e:ca:f5:
1c:9c:0d:d1:38:1d:b4:54:a5:7c:fd:1c:78:09:aa:e0:32:2c:
61:0e:6d:65:48:3a:98:8d:c2:5b:93:46:ac:f6:7b:50:f6:1c:
fc:e6:30:b2:b2:a4:c1:c0:ca:cd:ae:3e:76:cb:49:33:b7:3b:
86:eb:53:dd:ca:6f:6d:71:1a:5b:4c:2a:e4:ca:98:10:c8:fa:
28:69:ac:d8:41:b0:db:0b:61:65:eb:f7:d3:b2:eb:19:38:5d:
68:4f:ad:79:6b:19:06:32:fa:76:56:cc:9a:82:e6:19:77:20:
44:05:3f:3a:bd:e4:9c:a2:e4:b0:9e:87:ae:a0:5b:6b:0a:b2:
83:21:7c:c7:ad:36:99:62:d0:15:c5:3a:7e:5d:26:28:f9:10:
d4:0f:97:ca:b6:bc:a0:82:28:82:1e:09:22:41:46:36:64:61:
ab:e5:68:c7:1a:9b:21:69:cf:d1:66:ba:0f:a4:d5:d4:03:1c:
5d:bb:a1:a1:ae:aa:37:17:5e:7c:cb:2a:2a:53:e7:5d:28:cc:
db:00:5d:46:29:eb:3e:0e:52:eb:e5:71:e9:6a:e2:fb:57:9a:
ca:4c:19:83
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA8kzhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YTkxMDBhMTQ1ZGNiN2IzNzk1Mzc5YmIwOTM4ZmU4OWFhODYxOTI0MB4XDTIyMDEw
MTA5MDEyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc4NzFkNTcxODZh
ZTBkMzE3OTViMjhjYjk5NWRhOGUyNjI1MGYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPqNbvcy+XGqgGQofxOU0Hhg/Fs3eodrOQDxswVAGFCblNNK
44GsA9SKRckjjRTRiphrCUFn8fg04SKCkpLLQsSBSc7iYv0eCuMUOcqEk+Kyw+WE
HFTqdgnG2LucGXI2KspkJQtDutwM61DRVoL3C7A5wxSq1iiSfVBiUDEtjwYsg3C5
L8X4IEYsld5RA3RqmQmShfKPt6748cx7m6/Y2CXh2e9wn6yNO1l6LnlngDek4kR9
crwEsgHzkIcFgBm2RmcIxY9lyjH2hEmg8zVzqGhR7ryoBM4G0ZENLnocHxp5crXQ
CChF69yloa1bbUrL7z+71IaUuoaTK/4pNyUPS28CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTXhx1XGGrg0xeVsoy5ldqOJiUPNjAfBgNVHSMEGDAWgBQqkQChRdy3s3lT
ebsJOP6JqoYZJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0twRUFvVVhjdDdONVUzbTdDVGotaWFxR0dTUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYTM5OGViLWM0MjktNDgzNy04ZTc3LTc5MjQ2Yzg5NDU5MS8x
LzE0Y2RWeGhxNE5NWGxiS011WlhhamlZbER6WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
YTM5OGViLWM0MjktNDgzNy04ZTc3LTc5MjQ2Yzg5NDU5MS8xL0twRUFvVVhjdDdO
NVUzbTdDVGotaWFxR0dTUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvPhAMEAlvakAMEAcLVbjANBgkq
hkiG9w0BAQsFAAOCAQEAdxwwiAUz+qsKrsIWsCp0eUtohuWgla4Nj1kb5gAyPEAD
Psr1HJwN0TgdtFSlfP0ceAmq4DIsYQ5tZUg6mI3CW5NGrPZ7UPYc/OYwsrKkwcDK
za4+dstJM7c7hutT3cpvbXEaW0wq5MqYEMj6KGms2EGw2wthZev307LrGThdaE+t
eWsZBjL6dlbMmoLmGXcgRAU/Or3knKLksJ6HrqBbawqygyF8x602mWLQFcU6fl0m
KPkQ1A+Xyra8oIIogh4JIkFGNmRhq+VoxxqbIWnP0Wa6D6TV1AMcXbuhoa6qNxde
fMsqKlPnXSjM2wBdRinrPg5S6+Vx6Wri+1eaykwZgw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:49 2025 by rpki-client