Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/1i0VLuXzBRjr8XyhcGpvOJxZ03Q.roa
File: 1i0VLuXzBRjr8XyhcGpvOJxZ03Q.roa (raw, json)
Hash identifier: QDVBoyXBBwPHfKh0n9Zs+1K4fSnniPR5db/0xVcGQrk=
Subject key identifier: D6:2D:15:2E:E5:F3:05:18:EB:F1:7C:A1:70:6A:6F:38:9C:59:D3:74
Certificate issuer: /CN=8d892f4ded92257e67ba74f1762c8bc914ebd61c
Certificate serial: 08E3E303
Authority key identifier: 8D:89:2F:4D:ED:92:25:7E:67:BA:74:F1:76:2C:8B:C9:14:EB:D6:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkvTe2SJX5nunTxdiyLyRTr1hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/1i0VLuXzBRjr8XyhcGpvOJxZ03Q.roa
Signing time: Sat 01 Jan 2022 12:55:28 +0000
ROA not before: Sat 01 Jan 2022 12:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44684
IP address blocks: 91.244.180.0/24 maxlen: 24
2001:67c:7a4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149152515 (0x8e3e303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d892f4ded92257e67ba74f1762c8bc914ebd61c
Validity
Not Before: Jan 1 12:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d62d152ee5f30518ebf17ca1706a6f389c59d374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5f:1a:5f:b0:47:0d:a4:c7:40:0d:f1:4a:91:
32:9d:70:32:d7:fc:ea:51:61:2a:0a:59:44:77:35:
54:33:98:d6:6b:47:d2:be:13:51:42:37:79:a2:2b:
6a:f5:59:a6:a0:5d:88:69:91:a6:4c:61:f9:5b:10:
c0:0a:e1:7d:71:8b:1a:d8:28:44:ea:e4:0e:e7:37:
99:03:43:92:fd:da:f7:fd:33:c6:aa:70:1e:91:d3:
8a:2a:3d:ff:bc:67:14:25:ba:78:00:25:75:b8:df:
bf:80:ae:23:5b:ae:91:d1:04:fe:96:58:f6:c3:3b:
3a:f4:c0:eb:88:38:29:15:38:f8:1b:80:86:2d:e8:
18:c4:b7:92:cb:9a:1b:ed:03:8d:04:97:4e:63:b0:
ff:bb:28:70:7c:0c:49:59:a0:d9:12:e7:6e:70:7e:
35:66:b6:60:5f:98:02:6d:39:f8:00:85:2e:a9:0b:
e3:5d:ee:b0:cc:8f:cb:29:5f:9f:33:c2:02:49:91:
5f:6c:80:e9:f0:65:3d:42:66:eb:b7:07:5b:79:23:
dd:ee:8b:18:d8:52:3b:27:ca:67:4a:bb:1d:f6:75:
9f:3e:5f:4f:98:cb:a3:01:2a:0a:f0:ae:b4:8e:80:
6f:bd:2b:e3:ce:5f:d4:66:ae:90:33:67:86:92:89:
ee:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2D:15:2E:E5:F3:05:18:EB:F1:7C:A1:70:6A:6F:38:9C:59:D3:74
X509v3 Authority Key Identifier:
keyid:8D:89:2F:4D:ED:92:25:7E:67:BA:74:F1:76:2C:8B:C9:14:EB:D6:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkvTe2SJX5nunTxdiyLyRTr1hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/1i0VLuXzBRjr8XyhcGpvOJxZ03Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/jYkvTe2SJX5nunTxdiyLyRTr1hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.180.0/24
IPv6:
2001:67c:7a4::/48
Signature Algorithm: sha256WithRSAEncryption
35:41:84:b5:eb:da:d7:eb:10:57:37:2c:e8:e4:d6:3e:ca:dd:
f8:7e:68:92:72:5f:e4:cd:61:e1:e4:a7:12:f8:86:5f:9d:57:
82:58:89:95:e5:48:d4:26:78:f9:f8:54:d0:d6:68:90:5a:d6:
69:39:6d:45:dd:5d:b8:68:74:e8:b4:64:99:8a:d3:aa:fb:0a:
0d:d7:80:f3:b7:eb:66:29:b3:92:52:ad:c5:0f:30:84:4d:e7:
0e:61:87:e0:5e:66:c6:54:66:f0:7d:8d:aa:41:61:ee:46:e1:
5f:4d:49:3c:f0:72:ef:e9:dd:8d:30:7a:24:5c:b2:e2:32:0e:
d4:11:3e:ee:28:60:f4:3b:94:0a:ed:02:b9:d4:de:ad:d7:79:
42:53:f5:74:2a:6a:0f:1e:65:68:ad:4b:05:ed:69:62:a8:28:
e6:9d:38:14:b8:fd:dc:ef:24:5a:63:d4:6c:a4:3c:1b:71:be:
6d:48:c5:da:98:e9:92:7a:2f:9a:03:0b:d0:c6:b4:68:ec:20:
f3:4a:11:ff:43:23:8d:c6:0b:99:a9:10:6f:32:4d:c4:eb:0a:
b0:c4:e4:fb:83:f5:c0:f4:dc:b5:51:f5:2b:81:89:5e:1e:38:
63:93:df:15:07:e8:e2:b1:56:e7:3e:45:fa:17:61:6d:92:fd:
58:f7:67:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECOPjAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDg5MmY0ZGVkOTIyNTdlNjdiYTc0ZjE3NjJjOGJjOTE0ZWJkNjFjMB4XDTIyMDEw
MTEyNTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYyZDE1MmVlNWYz
MDUxOGViZjE3Y2ExNzA2YTZmMzg5YzU5ZDM3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFfGl+wRw2kx0AN8UqRMp1wMtf86lFhKgpZRHc1VDOY1mtH
0r4TUUI3eaIravVZpqBdiGmRpkxh+VsQwArhfXGLGtgoROrkDuc3mQNDkv3a9/0z
xqpwHpHTiio9/7xnFCW6eAAldbjfv4CuI1uukdEE/pZY9sM7OvTA64g4KRU4+BuA
hi3oGMS3ksuaG+0DjQSXTmOw/7socHwMSVmg2RLnbnB+NWa2YF+YAm05+ACFLqkL
413usMyPyylfnzPCAkmRX2yA6fBlPUJm67cHW3kj3e6LGNhSOyfKZ0q7HfZ1nz5f
T5jLowEqCvCutI6Ab70r485f1GaukDNnhpKJ7tECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTWLRUu5fMFGOvxfKFwam84nFnTdDAfBgNVHSMEGDAWgBSNiS9N7ZIlfme6
dPF2LIvJFOvWHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pZa3ZUZTJTSlg1bnVuVHhkaXlMeVJUcjFody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvZDFhNzE3LTRjZjMtNGFlNS1iMGZjLTBiZDlkZGYzOTcwZS8x
LzFpMFZMdVh6QlJqcjhYeWhjR3B2T0p4WjAzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
ZDFhNzE3LTRjZjMtNGFlNS1iMGZjLTBiZDlkZGYzOTcwZS8xL2pZa3ZUZTJTSlg1
bnVuVHhkaXlMeVJUcjFody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFv0tDAPBAIAAjAJAwcAIAEGfAek
MA0GCSqGSIb3DQEBCwUAA4IBAQA1QYS169rX6xBXNyzo5NY+yt34fmiScl/kzWHh
5KcS+IZfnVeCWImV5UjUJnj5+FTQ1miQWtZpOW1F3V24aHTotGSZitOq+woN14Dz
t+tmKbOSUq3FDzCETecOYYfgXmbGVGbwfY2qQWHuRuFfTUk88HLv6d2NMHokXLLi
Mg7UET7uKGD0O5QK7QK51N6t13lCU/V0KmoPHmVorUsF7WliqCjmnTgUuP3c7yRa
Y9RspDwbcb5tSMXamOmSei+aAwvQxrRo7CDzShH/QyONxguZqRBvMk3E6wqwxOT7
g/XA9Ny1UfUrgYleHjhjk98VB+jisVbnPkX6F2Ftkv1Y92cl
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:49 2025 by rpki-client