Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c15cf7-422d-4a8a-8f4c-2d54e582b5e0/1/3A_l8KlLtp8joXkYTinYt_dEy3o.roa
File: 3A_l8KlLtp8joXkYTinYt_dEy3o.roa (raw, json)
Hash identifier: 0FCKY7H8B11Fli+xgNWH6pzFthoXiqu9+AlOTcKeC+k=
Subject key identifier: DC:0F:E5:F0:A9:4B:B6:9F:23:A1:79:18:4E:29:D8:B7:F7:44:CB:7A
Certificate issuer: /CN=874fc0fba1b836c23ff6df468c8abf7d3a8216ce
Certificate serial: 01856FE6EB593760758E69CC558CA172E1D8
Authority key identifier: 87:4F:C0:FB:A1:B8:36:C2:3F:F6:DF:46:8C:8A:BF:7D:3A:82:16:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0_A-6G4NsI_9t9GjIq_fTqCFs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c15cf7-422d-4a8a-8f4c-2d54e582b5e0/1/3A_l8KlLtp8joXkYTinYt_dEy3o.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49589
IP address blocks: 91.214.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:eb:59:37:60:75:8e:69:cc:55:8c:a1:72:e1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874fc0fba1b836c23ff6df468c8abf7d3a8216ce
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0fe5f0a94bb69f23a179184e29d8b7f744cb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:bc:e2:87:91:65:53:75:57:c4:d0:ed:db:
d1:ac:15:ca:b5:b8:5c:1a:2e:e2:db:58:0c:02:a7:
95:45:dc:72:12:f5:a4:a3:77:00:e1:28:eb:cd:80:
b4:0a:65:5c:31:21:c0:96:81:17:6f:e1:74:8d:36:
fb:d1:10:c8:fe:2d:ec:4c:3d:aa:b4:5e:38:45:f9:
27:0e:29:aa:bf:65:21:6b:bb:ae:50:fe:a7:55:9b:
96:29:23:52:ea:b2:1f:87:cd:26:9f:5d:12:60:16:
45:e3:0c:c6:20:75:88:ef:5a:cd:fd:bc:a4:0d:74:
d4:32:6c:fc:1a:02:07:5e:05:5f:41:e8:36:d9:5e:
b9:4f:27:1f:03:fb:e6:c9:1b:40:ed:72:5e:c9:d8:
55:36:f0:41:ba:8f:f2:6f:83:5b:42:f8:b3:20:60:
93:6a:9d:67:dd:0a:3e:d4:74:4f:d0:a9:ab:61:99:
ef:7f:e4:c7:53:73:00:d6:b5:1f:d7:15:d4:e2:20:
a6:9d:1d:04:12:75:b3:21:cf:60:47:5b:90:39:6b:
3d:a8:a1:35:2f:3a:37:7f:65:82:63:bb:9e:4f:d5:
19:1c:f1:7c:84:79:1e:e7:a4:d9:2b:3d:2a:d7:60:
83:92:4f:ab:4a:5d:34:98:66:a6:9e:e5:ef:76:1b:
34:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0F:E5:F0:A9:4B:B6:9F:23:A1:79:18:4E:29:D8:B7:F7:44:CB:7A
X509v3 Authority Key Identifier:
keyid:87:4F:C0:FB:A1:B8:36:C2:3F:F6:DF:46:8C:8A:BF:7D:3A:82:16:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0_A-6G4NsI_9t9GjIq_fTqCFs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c15cf7-422d-4a8a-8f4c-2d54e582b5e0/1/3A_l8KlLtp8joXkYTinYt_dEy3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c15cf7-422d-4a8a-8f4c-2d54e582b5e0/1/h0_A-6G4NsI_9t9GjIq_fTqCFs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:c6:fd:01:e5:c1:49:c9:2b:b6:18:bd:b7:a0:80:7c:02:61:
5d:2d:24:20:61:f7:65:6b:5b:f1:a3:fb:ae:70:4d:d2:85:0f:
5c:7a:a7:5b:eb:ae:6a:b8:84:f8:b0:67:75:36:e7:ea:f3:24:
80:6b:4c:47:69:bd:2a:83:6a:dc:ac:20:b8:35:15:7c:e0:af:
00:33:74:8a:31:8a:79:2d:f2:4d:b6:b3:96:47:ac:7c:3f:99:
78:da:95:06:4e:80:08:a5:7e:3d:20:83:b1:66:18:e4:d1:a5:
04:04:df:3b:1e:2d:d7:33:eb:33:a1:38:c4:f6:57:8c:bc:dc:
82:67:d6:1f:94:28:1a:ff:14:0f:09:e8:00:88:c8:62:32:d4:
14:e4:18:f5:61:de:e3:2d:c0:02:59:91:86:e3:57:2a:7b:9f:
f7:ae:b0:58:ba:1a:ba:4c:e0:18:7a:56:da:31:d1:64:97:04:
c9:02:44:8b:1b:e4:3d:4c:4c:26:6d:20:6a:70:cd:c3:71:0c:
42:84:5d:3a:44:c4:10:9f:ad:20:e5:7e:7e:66:82:5a:eb:be:
29:8b:7e:cc:8a:d9:c1:df:2d:cd:0a:92:2d:2f:67:c6:0e:1b:
25:5d:5c:de:71:f1:90:c7:24:c7:78:75:25:7b:4c:b9:0d:95:
48:a2:71:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5utZN2B1jmnMVYyhcuHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGZjMGZiYTFiODM2YzIzZmY2ZGY0NjhjOGFiZjdkM2E4
MjE2Y2UwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBmZTVmMGE5NGJiNjlmMjNhMTc5MTg0ZTI5ZDhiN2Y3NDRjYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+q84oeRZVN1V8TQ7dvRrBXKtbhc
Gi7i21gMAqeVRdxyEvWko3cA4SjrzYC0CmVcMSHAloEXb+F0jTb70RDI/i3sTD2q
tF44RfknDimqv2Uha7uuUP6nVZuWKSNS6rIfh80mn10SYBZF4wzGIHWI71rN/byk
DXTUMmz8GgIHXgVfQeg22V65TycfA/vmyRtA7XJeydhVNvBBuo/yb4NbQvizIGCT
ap1n3Qo+1HRP0KmrYZnvf+THU3MA1rUf1xXU4iCmnR0EEnWzIc9gR1uQOWs9qKE1
Lzo3f2WCY7ueT9UZHPF8hHke56TZKz0q12CDkk+rSl00mGamnuXvdhs0GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwP5fCpS7afI6F5GE4p2Lf3RMt6MB8GA1UdIwQY
MBaAFIdPwPuhuDbCP/bfRoyKv306ghbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBfQS02RzROc0lfOXQ5R2pJcV9mVHFDRnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jMTVjZjctNDIyZC00YThhLThmNGMt
MmQ1NGU1ODJiNWUwLzEvM0FfbDhLbEx0cDhqb1hrWVRpbll0X2RFeTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jMTVjZjctNDIyZC00YThhLThmNGMtMmQ1NGU1ODJiNWUw
LzEvaDBfQS02RzROc0lfOXQ5R2pJcV9mVHFDRnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9b0MA0G
CSqGSIb3DQEBCwUAA4IBAQAcxv0B5cFJySu2GL23oIB8AmFdLSQgYfdla1vxo/uu
cE3ShQ9ceqdb665quIT4sGd1Nufq8ySAa0xHab0qg2rcrCC4NRV84K8AM3SKMYp5
LfJNtrOWR6x8P5l42pUGToAIpX49IIOxZhjk0aUEBN87Hi3XM+szoTjE9leMvNyC
Z9YflCga/xQPCegAiMhiMtQU5Bj1Yd7jLcACWZGG41cqe5/3rrBYuhq6TOAYelba
MdFklwTJAkSLG+Q9TEwmbSBqcM3DcQxChF06RMQQn60g5X5+ZoJa674pi37MitnB
3y3NCpItL2fGDhslXVzecfGQxyTHeHUle0y5DZVIonFe
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:51:56 2025 by rpki-client