Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/bf9xyJ-FGzsWNJm4auWfIrRrjbU.roa
File: bf9xyJ-FGzsWNJm4auWfIrRrjbU.roa (raw, json)
Hash identifier: ImR0oitGkQH7tRVGWN1ZlkhAT1C+n1g/lbQ8Ux6QL0Y=
Subject key identifier: 6D:FF:71:C8:9F:85:1B:3B:16:34:99:B8:6A:E5:9F:22:B4:6B:8D:B5
Certificate issuer: /CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Certificate serial: 09EDA064
Authority key identifier: 4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/bf9xyJ-FGzsWNJm4auWfIrRrjbU.roa
Signing time: Sat 01 Jan 2022 12:03:50 +0000
ROA not before: Sat 01 Jan 2022 12:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8758
IP address blocks: 91.229.102.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166568036 (0x9eda064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Validity
Not Before: Jan 1 12:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dff71c89f851b3b163499b86ae59f22b46b8db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:b2:c0:de:3d:e0:a3:11:1b:04:dc:9b:b7:
4e:8b:5b:92:bc:4e:22:ea:69:59:d5:4a:d1:5d:28:
85:4a:87:42:09:83:8c:b0:e2:04:2a:5e:04:18:7e:
8e:82:96:8c:f0:7a:17:86:6a:da:ce:65:a4:50:47:
78:f3:db:f0:5b:ce:d6:bc:2a:39:cd:44:0e:eb:bd:
c5:66:1d:55:b9:3c:ec:4f:cb:f8:e2:e9:55:c8:2c:
42:04:c7:a3:b1:2d:5f:e3:29:10:fa:7e:0a:7d:93:
10:6c:88:45:ad:48:40:0d:1b:b5:0d:54:6e:c2:f0:
80:ed:de:6a:e0:de:8b:8e:ed:9a:ca:6a:bd:20:13:
b6:8c:04:89:48:42:ca:46:71:81:12:77:aa:31:a8:
f7:ad:db:ea:2b:dc:ad:69:bd:b3:94:26:a0:52:e1:
66:8c:3f:99:48:46:57:5d:51:48:d1:85:19:d6:00:
5d:49:04:b1:97:d8:e5:74:14:c1:f0:06:d1:7e:33:
a9:e1:87:67:f0:50:67:09:ac:3c:4f:62:da:d8:82:
78:b5:d4:37:6a:7b:0d:c2:4e:78:52:97:4d:c6:f7:
71:bc:dc:0d:1e:6f:fe:0c:b6:e3:d6:4b:2c:08:87:
8d:3c:08:a8:13:10:88:ac:13:91:d6:14:c2:44:9b:
14:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FF:71:C8:9F:85:1B:3B:16:34:99:B8:6A:E5:9F:22:B4:6B:8D:B5
X509v3 Authority Key Identifier:
keyid:4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/bf9xyJ-FGzsWNJm4auWfIrRrjbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/TdbneabA8LCSFmIjgEZ9zi0Roxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.102.0/23
Signature Algorithm: sha256WithRSAEncryption
84:45:e0:59:fe:5a:9b:56:c8:56:10:5d:23:22:39:53:d0:6e:
cc:0a:45:e1:3e:f8:04:1a:3a:2b:c3:35:cc:cd:ac:26:07:55:
6a:eb:ab:7c:0c:58:ab:f9:9c:3f:af:5c:ea:e8:d2:fe:51:64:
d8:a2:11:8c:01:23:80:3b:e6:ab:e0:79:ee:0d:69:25:65:63:
31:67:e9:97:8e:9f:c8:85:40:88:48:e3:c0:4e:77:23:c1:49:
39:c8:c0:ba:dd:f6:9b:a4:b1:45:9c:46:3a:57:b0:ea:4c:73:
f6:e9:5e:72:2e:83:53:46:b5:7c:f9:7c:f2:e1:c0:e2:eb:39:
24:ee:f5:90:5f:48:a2:4f:6b:79:86:34:36:2c:a7:94:a6:3a:
1e:c5:b4:61:94:46:72:16:1e:c6:9b:2a:9e:d9:de:66:c4:46:
60:1b:7d:8b:f0:02:cf:16:d0:ea:42:dc:4d:08:95:3b:e1:86:
9a:34:20:b7:2e:b4:48:f7:fd:65:9d:de:df:df:b8:b7:7d:ec:
22:98:8a:41:13:df:33:bb:5a:ce:b0:9e:73:3d:cf:cc:f9:76:
60:ee:1e:2a:a5:1f:3b:f3:a0:94:bd:a2:8f:fa:f0:80:00:9f:
1b:d8:0d:ec:73:c6:fb:bd:ba:5b:af:24:e5:28:c2:1a:aa:b6:
bc:d0:a8:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECe2gZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQ2ZTc3OWE2YzBmMGIwOTIxNjYyMjM4MDQ2N2RjZTJkMTFhMzE4MB4XDTIyMDEw
MTEyMDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRmZjcxYzg5Zjg1
MWIzYjE2MzQ5OWI4NmFlNTlmMjJiNDZiOGRiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpdssDePeCjERsE3Ju3TotbkrxOIuppWdVK0V0ohUqHQgmD
jLDiBCpeBBh+joKWjPB6F4Zq2s5lpFBHePPb8FvO1rwqOc1EDuu9xWYdVbk87E/L
+OLpVcgsQgTHo7EtX+MpEPp+Cn2TEGyIRa1IQA0btQ1UbsLwgO3eauDei47tmspq
vSATtowEiUhCykZxgRJ3qjGo963b6ivcrWm9s5QmoFLhZow/mUhGV11RSNGFGdYA
XUkEsZfY5XQUwfAG0X4zqeGHZ/BQZwmsPE9i2tiCeLXUN2p7DcJOeFKXTcb3cbzc
DR5v/gy249ZLLAiHjTwIqBMQiKwTkdYUwkSbFA8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRt/3HIn4UbOxY0mbhq5Z8itGuNtTAfBgNVHSMEGDAWgBRN1ud5psDwsJIW
YiOARn3OLRGjGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkYm5lYWJBOExDU0ZtSWpnRVo5emkwUm94Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZjBiMjg1LWQwMzgtNGRlNi05Mzc0LWM0NzJlNjJlYmVhOC8x
L2JmOXh5Si1GR3pzV05KbTRhdVdmSXJScmpiVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZjBiMjg1LWQwMzgtNGRlNi05Mzc0LWM0NzJlNjJlYmVhOC8xL1RkYm5lYWJBOExD
U0ZtSWpnRVo5emkwUm94Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvlZjANBgkqhkiG9w0BAQsFAAOC
AQEAhEXgWf5am1bIVhBdIyI5U9BuzApF4T74BBo6K8M1zM2sJgdVauurfAxYq/mc
P69c6ujS/lFk2KIRjAEjgDvmq+B57g1pJWVjMWfpl46fyIVAiEjjwE53I8FJOcjA
ut32m6SxRZxGOlew6kxz9uleci6DU0a1fPl88uHA4us5JO71kF9Iok9reYY0Niyn
lKY6HsW0YZRGchYexpsqntneZsRGYBt9i/ACzxbQ6kLcTQiVO+GGmjQgty60SPf9
ZZ3e39+4t33sIpiKQRPfM7tazrCecz3PzPl2YO4eKqUfO/OglL2ij/rwgACfG9gN
7HPG+726W68k5SjCGqq2vNCoAg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:45:11 2025 by rpki-client