Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/CALhO2UjlGthVILOGxUtICfAhfM.roa
File: CALhO2UjlGthVILOGxUtICfAhfM.roa (raw, json)
Hash identifier: jjnwTCFJjl/FB8eEXkWeLJZ+ZvuJJEiCqsK2v6snTIQ=
Subject key identifier: 08:02:E1:3B:65:23:94:6B:61:54:82:CE:1B:15:2D:20:27:C0:85:F3
Certificate issuer: /CN=91362d3c0953e8c933f0092a589b75494904f962
Certificate serial: 0501A791
Authority key identifier: 91:36:2D:3C:09:53:E8:C9:33:F0:09:2A:58:9B:75:49:49:04:F9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/CALhO2UjlGthVILOGxUtICfAhfM.roa
Signing time: Sat 01 Jan 2022 06:53:34 +0000
ROA not before: Sat 01 Jan 2022 06:53:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30754
IP address blocks: 217.71.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83994513 (0x501a791)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91362d3c0953e8c933f0092a589b75494904f962
Validity
Not Before: Jan 1 06:53:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0802e13b6523946b615482ce1b152d2027c085f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:00:6f:0c:cf:41:12:ac:89:50:8c:d7:b2:cf:
8b:f7:c6:f9:c1:7a:43:64:8d:af:f9:9a:f4:69:e1:
e5:05:05:00:ee:7e:1d:2f:96:5a:47:3e:3f:5a:e9:
64:21:e0:5d:18:67:00:f3:20:3d:42:8a:83:24:85:
f4:59:a7:34:b3:4e:45:a8:7f:75:8d:50:45:19:f0:
43:4a:3d:e0:c0:7a:87:4f:24:2b:01:d8:4b:b5:01:
b6:57:8f:9d:ad:a8:11:de:65:60:8d:f7:a4:a4:e2:
d1:58:84:a6:9c:e3:4c:cd:ab:38:8f:6c:ef:af:c5:
91:d7:83:63:fe:5c:bc:32:e6:f4:58:52:83:97:0b:
00:a5:e2:a6:88:56:15:01:d5:ca:ce:f5:27:38:b5:
bb:90:d8:1a:36:a0:00:98:4a:04:a0:5c:aa:c1:91:
fb:a7:19:1b:eb:a5:4c:bf:ef:e6:03:3f:ec:42:79:
67:8a:b8:e1:c2:25:24:f7:cd:ff:ed:8e:62:6f:08:
4f:71:8b:18:b6:51:bb:b0:1d:d4:e7:e8:a6:58:95:
ca:41:7e:c0:53:05:45:7e:1e:66:8d:a3:6c:4f:f7:
42:71:8c:f4:ea:fa:94:08:72:e7:2d:40:b3:90:d8:
4b:25:d6:9f:81:78:84:10:dd:5a:63:bf:fb:06:e0:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:02:E1:3B:65:23:94:6B:61:54:82:CE:1B:15:2D:20:27:C0:85:F3
X509v3 Authority Key Identifier:
keyid:91:36:2D:3C:09:53:E8:C9:33:F0:09:2A:58:9B:75:49:49:04:F9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/CALhO2UjlGthVILOGxUtICfAhfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.71.144.0/20
Signature Algorithm: sha256WithRSAEncryption
02:f4:49:7e:2b:6d:c6:0f:c6:7a:9e:fb:0d:e4:1c:5a:c8:8e:
10:64:4c:1e:04:f0:d2:f9:7b:2c:f9:6a:ef:ba:63:93:b2:30:
af:f4:d3:1b:6f:96:79:55:b1:39:3f:9a:53:75:59:06:0e:69:
37:26:29:f2:4a:95:5f:d8:2c:4a:ec:12:db:11:42:29:a0:32:
07:fb:4d:99:7b:3b:40:a0:78:27:cd:a7:8a:dd:fe:5f:3e:1f:
54:41:97:bc:ce:6c:1a:4a:0b:5f:80:7e:9c:c4:b6:b5:79:08:
52:ad:73:91:67:fa:e2:bb:cf:3f:66:33:76:9d:02:16:08:9d:
2a:6a:ec:d7:bf:83:4c:15:94:19:20:c7:1c:6e:5e:cb:a9:72:
2b:99:1c:47:04:99:99:29:52:07:09:b5:a2:48:f2:7b:f7:10:
0d:4f:e4:62:c7:2c:91:41:ea:1f:e2:5b:a6:be:b3:a3:15:69:
af:94:81:fe:0e:17:d0:a2:8b:e0:ca:7a:f0:5b:3b:f5:0a:18:
39:16:ba:94:5f:6c:df:b1:a2:59:95:d0:9c:e7:27:20:ab:63:
f1:f0:e4:e6:e9:69:6c:7b:b6:ac:7b:0b:e0:e5:ae:7b:4b:06:
84:45:81:bd:1a:0a:8e:d7:1b:b4:a7:3c:dd:3c:03:03:1e:3a:
37:f8:15:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQGnkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTM2MmQzYzA5NTNlOGM5MzNmMDA5MmE1ODliNzU0OTQ5MDRmOTYyMB4XDTIyMDEw
MTA2NTMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgwMmUxM2I2NTIz
OTQ2YjYxNTQ4MmNlMWIxNTJkMjAyN2MwODVmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAAbwzPQRKsiVCM17LPi/fG+cF6Q2SNr/ma9Gnh5QUFAO5+
HS+WWkc+P1rpZCHgXRhnAPMgPUKKgySF9FmnNLNORah/dY1QRRnwQ0o94MB6h08k
KwHYS7UBtlePna2oEd5lYI33pKTi0ViEppzjTM2rOI9s76/FkdeDY/5cvDLm9FhS
g5cLAKXipohWFQHVys71Jzi1u5DYGjagAJhKBKBcqsGR+6cZG+ulTL/v5gM/7EJ5
Z4q44cIlJPfN/+2OYm8IT3GLGLZRu7Ad1OfopliVykF+wFMFRX4eZo2jbE/3QnGM
9Or6lAhy5y1As5DYSyXWn4F4hBDdWmO/+wbgUhsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIAuE7ZSOUa2FUgs4bFS0gJ8CF8zAfBgNVHSMEGDAWgBSRNi08CVPoyTPw
CSpYm3VJSQT5YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tUWXRQQWxUNk1rejhBa3FXSnQxU1VrRS1XSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMDIyZWU0LTQ0ZGUtNDAwNC05ODM5LWE0NDljZTQ2YTliMS8x
L0NBTGhPMlVqbEd0aFZJTE9HeFV0SUNmQWhmTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MDIyZWU0LTQ0ZGUtNDAwNC05ODM5LWE0NDljZTQ2YTliMS8xL2tUWXRQQWxUNk1r
ejhBa3FXSnQxU1VrRS1XSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNlHkDANBgkqhkiG9w0BAQsFAAOC
AQEAAvRJfittxg/Gep77DeQcWsiOEGRMHgTw0vl7LPlq77pjk7Iwr/TTG2+WeVWx
OT+aU3VZBg5pNyYp8kqVX9gsSuwS2xFCKaAyB/tNmXs7QKB4J82nit3+Xz4fVEGX
vM5sGkoLX4B+nMS2tXkIUq1zkWf64rvPP2Yzdp0CFgidKmrs17+DTBWUGSDHHG5e
y6lyK5kcRwSZmSlSBwm1okjye/cQDU/kYscskUHqH+Jbpr6zoxVpr5SB/g4X0KKL
4Mp68Fs79QoYORa6lF9s37GiWZXQnOcnIKtj8fDk5ulpbHu2rHsL4OWue0sGhEWB
vRoKjtcbtKc83TwDAx46N/gVtA==
-----END CERTIFICATE-----
Generated at Fri May 2 23:23:01 2025 by rpki-client