Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/_-1SReSnazFAGcEo9aRjlhQ_A-E.roa
File: _-1SReSnazFAGcEo9aRjlhQ_A-E.roa (raw, json)
Hash identifier: sP+CJWEbRDI4boyGFX07CTWzB/CQleTc3duWA/zO6Lw=
Subject key identifier: FF:ED:52:45:E4:A7:6B:31:40:19:C1:28:F5:A4:63:96:14:3F:03:E1
Certificate issuer: /CN=d435658b58b714196eef371bd967c0c5e2cabd66
Certificate serial: 03B9FD0B
Authority key identifier: D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/_-1SReSnazFAGcEo9aRjlhQ_A-E.roa
Signing time: Sat 01 Jan 2022 05:01:35 +0000
ROA not before: Sat 01 Jan 2022 05:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25229
IP address blocks: 46.150.64.0/19 maxlen: 20
91.237.6.0/23 maxlen: 24
195.42.126.0/23 maxlen: 24
91.237.12.0/22 maxlen: 23
176.111.176.0/20 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62520587 (0x3b9fd0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d435658b58b714196eef371bd967c0c5e2cabd66
Validity
Not Before: Jan 1 05:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffed5245e4a76b314019c128f5a46396143f03e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:25:2e:12:57:2b:4d:61:d4:9c:e4:63:72:
e2:96:37:af:d5:bc:fa:17:a3:62:83:10:11:b0:94:
93:3e:41:97:d3:4d:3a:8b:c8:70:67:5f:83:51:3d:
ee:5e:07:75:13:1a:b7:ed:0a:d9:55:ab:a7:71:1a:
9f:7d:86:5c:d4:80:e0:9f:b0:c8:6c:ec:91:ee:cf:
d3:e2:bf:83:d8:8b:d8:24:e9:69:5d:39:b2:6b:bd:
60:10:60:a6:71:6e:60:b4:52:ae:95:c0:3b:9a:22:
b7:8d:7a:de:5e:26:bc:09:02:de:f2:45:80:5b:b4:
22:48:90:5f:97:67:26:d5:93:7a:18:32:53:02:89:
be:22:32:20:be:c1:c5:8f:64:43:b3:b0:06:d9:84:
2a:8b:89:f5:f5:d7:73:5c:58:e8:67:25:91:51:fb:
27:8e:f3:80:77:cc:cf:29:0d:e7:d7:eb:13:08:35:
73:c2:b2:75:2e:8b:ef:26:1f:51:c1:32:f3:eb:f4:
c2:69:be:6f:eb:08:cd:9c:dd:16:a7:ab:4c:9b:f3:
14:0e:7a:e0:3f:e8:72:13:67:96:17:95:ac:44:36:
42:4b:2b:91:2f:a5:de:14:f2:7a:1d:31:08:98:b7:
a4:b3:ac:3a:01:53:d5:ca:9b:6e:8e:f0:dc:02:0d:
71:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:ED:52:45:E4:A7:6B:31:40:19:C1:28:F5:A4:63:96:14:3F:03:E1
X509v3 Authority Key Identifier:
keyid:D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/_-1SReSnazFAGcEo9aRjlhQ_A-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/1DVli1i3FBlu7zcb2WfAxeLKvWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.150.64.0/19
91.237.6.0/23
91.237.12.0/22
176.111.176.0/20
195.42.126.0/23
Signature Algorithm: sha256WithRSAEncryption
01:a8:76:3f:1b:19:5e:a5:cd:c5:f0:66:9d:fc:09:a4:d4:b3:
bb:eb:3b:c9:20:8c:ad:90:79:5a:cb:c2:79:da:6a:4e:ab:24:
89:2b:30:f6:fe:a8:e7:e2:41:af:6b:ba:69:15:30:ce:14:1d:
32:ef:ef:06:43:ec:3f:bc:15:93:98:c8:6f:80:de:13:43:9b:
d7:6c:1a:36:db:b7:4d:b7:c2:9e:9e:35:0c:85:3d:31:6c:7b:
d6:23:88:b2:5f:ac:dd:2a:bf:d7:5f:65:29:85:9c:cc:62:13:
2f:29:61:b9:21:19:5e:12:96:cc:18:46:ce:32:d5:96:27:e7:
ec:81:2d:1f:19:c5:a0:6e:91:97:d1:a9:89:57:ff:f5:23:74:
6a:51:3b:ed:ba:65:6f:22:c8:ed:20:01:4d:e5:e2:2f:f4:d8:
65:76:0b:ae:26:78:e2:b5:a6:81:e6:87:64:ec:3a:27:b7:e4:
77:a6:2f:5a:94:fb:33:7e:80:35:6c:86:b2:e3:c5:22:0a:8a:
ea:ab:40:50:0b:2e:50:29:38:61:f4:9a:02:ce:d4:5f:e0:ce:
27:f4:d0:ac:4f:ff:12:a3:a7:c4:dc:e4:ed:51:50:b5:aa:c9:
d0:e7:63:43:49:d9:42:4f:49:79:34:bb:e1:bd:fb:06:4f:95:
22:c6:a0:df
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA7n9CzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM1NjU4YjU4YjcxNDE5NmVlZjM3MWJkOTY3YzBjNWUyY2FiZDY2MB4XDTIyMDEw
MTA1MDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZlZDUyNDVlNGE3
NmIzMTQwMTljMTI4ZjVhNDYzOTYxNDNmMDNlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANimJS4SVytNYdSc5GNy4pY3r9W8+hejYoMQEbCUkz5Bl9NN
OovIcGdfg1E97l4HdRMat+0K2VWrp3Ean32GXNSA4J+wyGzske7P0+K/g9iL2CTp
aV05smu9YBBgpnFuYLRSrpXAO5oit4163l4mvAkC3vJFgFu0IkiQX5dnJtWTehgy
UwKJviIyIL7BxY9kQ7OwBtmEKouJ9fXXc1xY6GclkVH7J47zgHfMzykN59frEwg1
c8KydS6L7yYfUcEy8+v0wmm+b+sIzZzdFqerTJvzFA564D/ochNnlheVrEQ2Qksr
kS+l3hTyeh0xCJi3pLOsOgFT1cqbbo7w3AINcSUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBT/7VJF5KdrMUAZwSj1pGOWFD8D4TAfBgNVHSMEGDAWgBTUNWWLWLcUGW7v
NxvZZ8DF4sq9ZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVmxpMWkzRkJsdTd6Y2IyV2ZBeGVMS3ZXWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvOTFmOGY5LWZjM2YtNGJiOC04NDU0LTQwNWIwYmRhMmMyNi8x
L18tMVNSZVNuYXpGQUdjRW85YVJqbGhRX0EtRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
OTFmOGY5LWZjM2YtNGJiOC04NDU0LTQwNWIwYmRhMmMyNi8xLzFEVmxpMWkzRkJs
dTd6Y2IyV2ZBeGVMS3ZXWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBS6WQAMEAVvtBgMEAlvtDAMEBLBv
sAMEAcMqfjANBgkqhkiG9w0BAQsFAAOCAQEAAah2PxsZXqXNxfBmnfwJpNSzu+s7
ySCMrZB5WsvCedpqTqskiSsw9v6o5+JBr2u6aRUwzhQdMu/vBkPsP7wVk5jIb4De
E0Ob12waNtu3TbfCnp41DIU9MWx71iOIsl+s3Sq/119lKYWczGITLylhuSEZXhKW
zBhGzjLVlifn7IEtHxnFoG6Rl9GpiVf/9SN0alE77bplbyLI7SABTeXiL/TYZXYL
riZ44rWmgeaHZOw6J7fkd6YvWpT7M36ANWyGsuPFIgqK6qtAUAsuUCk4YfSaAs7U
X+DOJ/TQrE//EqOnxNzk7VFQtarJ0OdjQ0nZQk9JeTS74b37Bk+VIsag3w==
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:57:03 2025 by rpki-client