Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/clnc1TzZ90wUBIjQ9gIQPaHjMxI.roa
File: clnc1TzZ90wUBIjQ9gIQPaHjMxI.roa (raw, json)
Hash identifier: U5qQBojm2O0bMNgWOPq+yqNA+wHtpXasq3CPFOK/UGY=
Subject key identifier: 72:59:DC:D5:3C:D9:F7:4C:14:04:88:D0:F6:02:10:3D:A1:E3:33:12
Certificate issuer: /CN=af9549176f966d3a221410079097c87f0e1d20b1
Certificate serial: 01BA53
Authority key identifier: AF:95:49:17:6F:96:6D:3A:22:14:10:07:90:97:C8:7F:0E:1D:20:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5VJF2-WbToiFBAHkJfIfw4dILE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/clnc1TzZ90wUBIjQ9gIQPaHjMxI.roa
Signing time: Tue 15 Mar 2022 18:35:00 +0000
ROA not before: Tue 15 Mar 2022 18:35:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44105
IP address blocks: 91.201.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113235 (0x1ba53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9549176f966d3a221410079097c87f0e1d20b1
Validity
Not Before: Mar 15 18:35:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7259dcd53cd9f74c140488d0f602103da1e33312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fd:b2:74:23:b0:b1:f4:36:2b:7a:0a:bc:b8:
18:4a:3b:7c:99:64:5c:9a:d8:e1:0d:87:6b:43:d7:
4d:42:46:0a:38:a4:ec:4c:8d:c1:a7:37:bc:11:58:
ec:08:69:eb:9a:41:28:5f:b9:c5:5c:b4:a1:03:52:
f7:90:de:7e:f4:ff:9e:2e:3a:ff:66:56:2e:26:3c:
eb:cd:8b:9a:c4:8a:6a:45:6c:3d:f3:5d:45:91:f9:
cf:c7:7e:15:19:40:21:e3:b8:ec:53:1f:db:b7:50:
a9:96:39:25:4b:47:2f:e0:b9:31:df:07:78:81:cf:
b9:c7:81:25:24:8f:3f:05:55:22:08:e7:e5:17:b9:
b7:2b:e0:77:41:44:67:b3:50:9c:0f:99:e1:6b:23:
b6:4a:ae:f8:c2:bf:d6:8d:3b:92:49:32:1c:e0:10:
a7:63:07:39:7e:11:4c:fc:52:4d:01:f9:89:b6:4e:
e8:48:d7:5a:c0:8d:4c:ee:fd:68:fb:da:6e:80:6d:
9c:cf:23:30:bd:73:26:aa:ed:80:e7:a5:b3:28:42:
7b:c3:d6:47:d1:c6:c7:f8:bc:ac:27:04:a8:f0:3b:
ab:04:a7:17:94:81:71:30:b0:d1:89:26:ad:2d:55:
23:e0:43:d5:3d:2e:91:4d:40:0e:da:c1:fd:c4:0d:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:59:DC:D5:3C:D9:F7:4C:14:04:88:D0:F6:02:10:3D:A1:E3:33:12
X509v3 Authority Key Identifier:
keyid:AF:95:49:17:6F:96:6D:3A:22:14:10:07:90:97:C8:7F:0E:1D:20:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5VJF2-WbToiFBAHkJfIfw4dILE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/clnc1TzZ90wUBIjQ9gIQPaHjMxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/r5VJF2-WbToiFBAHkJfIfw4dILE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.12.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:c5:32:47:3e:b6:6e:a1:a1:6b:c8:9b:af:5b:9a:28:0d:59:
2a:25:66:53:c5:f0:79:34:27:92:01:8e:17:15:05:06:dc:7c:
7f:2a:dd:e8:57:d6:92:96:8e:8f:7b:72:82:f6:73:1b:1c:ed:
ff:6a:48:38:c7:15:a2:8d:01:dc:b5:e6:c4:5f:45:88:3f:3c:
4c:21:9e:a3:fa:12:74:a9:e9:fa:d9:b6:3f:b3:7e:69:6d:3e:
cb:5f:d3:6f:7c:6c:4f:00:9d:06:88:f5:5b:c4:60:16:13:5f:
19:81:00:41:17:3d:f6:45:c2:9e:e6:f1:80:37:8f:16:22:2c:
43:d5:04:d9:41:c2:34:13:44:cc:5b:ac:84:a3:63:d0:63:bd:
1d:57:b8:e2:c7:a2:97:68:18:f9:1e:dc:12:52:74:a3:20:6e:
45:e9:24:48:a2:6a:07:7c:c5:4d:a0:09:c4:e3:95:82:34:24:
3c:20:c4:03:fa:d8:e4:a5:ad:c4:6d:4c:e9:bb:45:f2:a2:65:
4c:31:0f:5a:e0:90:3e:3a:42:1b:26:fa:f9:5f:5d:81:c7:ca:
6a:78:23:b5:77:88:5f:f1:be:51:63:8f:18:f5:e3:14:af:79:
26:53:bd:eb:ab:64:50:6f:82:8d:82:10:f0:3d:90:1b:d7:9a:
89:7f:84:21
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAbpTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFm
OTU0OTE3NmY5NjZkM2EyMjE0MTAwNzkwOTdjODdmMGUxZDIwYjEwHhcNMjIwMzE1
MTgzNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MjU5ZGNkNTNjZDlm
NzRjMTQwNDg4ZDBmNjAyMTAzZGExZTMzMzEyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5/2ydCOwsfQ2K3oKvLgYSjt8mWRcmtjhDYdrQ9dNQkYKOKTs
TI3Bpze8EVjsCGnrmkEoX7nFXLShA1L3kN5+9P+eLjr/ZlYuJjzrzYuaxIpqRWw9
811FkfnPx34VGUAh47jsUx/bt1CpljklS0cv4Lkx3wd4gc+5x4ElJI8/BVUiCOfl
F7m3K+B3QURns1CcD5nhayO2Sq74wr/WjTuSSTIc4BCnYwc5fhFM/FJNAfmJtk7o
SNdawI1M7v1o+9pugG2czyMwvXMmqu2A56WzKEJ7w9ZH0cbH+LysJwSo8DurBKcX
lIFxMLDRiSatLVUj4EPVPS6RTUAO2sH9xA0QZQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHJZ3NU82fdMFASI0PYCED2h4zMSMB8GA1UdIwQYMBaAFK+VSRdvlm06IhQQ
B5CXyH8OHSCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cjVWSkYyLVdiVG9pRkJBSGtKZklmdzRkSUxFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNS84NTkxNzAtYTk3NC00YWUzLWEwMjAtM2VhNTlkOTZhNzkwLzEv
Y2xuYzFUelo5MHdVQklqUTlnSVFQYUhqTXhJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84
NTkxNzAtYTk3NC00YWUzLWEwMjAtM2VhNTlkOTZhNzkwLzEvcjVWSkYyLVdiVG9p
RkJBSGtKZklmdzRkSUxFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8kMMA0GCSqGSIb3DQEBCwUAA4IB
AQCpxTJHPrZuoaFryJuvW5ooDVkqJWZTxfB5NCeSAY4XFQUG3Hx/Kt3oV9aSlo6P
e3KC9nMbHO3/akg4xxWijQHctebEX0WIPzxMIZ6j+hJ0qen62bY/s35pbT7LX9Nv
fGxPAJ0GiPVbxGAWE18ZgQBBFz32RcKe5vGAN48WIixD1QTZQcI0E0TMW6yEo2PQ
Y70dV7jix6KXaBj5HtwSUnSjIG5F6SRIomoHfMVNoAnE45WCNCQ8IMQD+tjkpa3E
bUzpu0XyomVMMQ9a4JA+OkIbJvr5X12Bx8pqeCO1d4hf8b5RY48Y9eMUr3kmU73r
q2RQb4KNghDwPZAb15qJf4Qh
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:40 2025 by rpki-client