Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/eK3V62uy36LdfRqeofyvv837J6g.roa
File: eK3V62uy36LdfRqeofyvv837J6g.roa (raw, json)
Hash identifier: uI56M1nhHm/M1Y25B/RkMIvFzqNJfHWyawcXAlWhmRc=
Subject key identifier: 78:AD:D5:EB:6B:B2:DF:A2:DD:7D:1A:9E:A1:FC:AF:BF:CD:FB:27:A8
Certificate issuer: /CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Certificate serial: 018571F0F474CA8D9561F83F97F27113CBFE
Authority key identifier: 5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/eK3V62uy36LdfRqeofyvv837J6g.roa
Signing time: Mon 02 Jan 2023 10:04:54 +0000
ROA not before: Mon 02 Jan 2023 10:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35319
IP address blocks: 91.222.36.0/22 maxlen: 22
185.181.16.0/22 maxlen: 22
195.140.160.0/22 maxlen: 22
91.226.44.0/23 maxlen: 23
185.137.218.0/23 maxlen: 23
185.137.216.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f4:74:ca:8d:95:61:f8:3f:97:f2:71:13:cb:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Validity
Not Before: Jan 2 10:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78add5eb6bb2dfa2dd7d1a9ea1fcafbfcdfb27a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e7:24:4a:e0:ac:5f:cf:7c:0b:71:ee:ee:82:
74:90:05:6b:bb:bb:d8:7c:84:06:52:36:4c:75:14:
d9:8a:b9:de:f8:c8:df:c0:79:f7:ac:99:d4:ce:bb:
ab:47:0d:01:28:7a:e5:a2:46:b4:87:f7:ea:53:8c:
df:38:e8:c6:06:48:ad:c1:ce:85:a7:80:ca:a9:d7:
e6:fc:60:28:e7:39:7b:51:22:61:84:07:57:b0:85:
06:c5:0f:0a:0c:df:35:11:33:e1:b1:cc:48:6a:0c:
68:9a:ff:28:24:a9:39:f7:51:9f:96:73:86:72:f1:
15:ef:91:ad:1a:92:9c:cc:75:c7:3d:33:27:d5:00:
dd:8b:60:1d:5a:a6:67:39:b2:dc:5c:5a:7c:81:56:
50:1c:58:26:62:0b:55:fb:f5:62:66:56:70:44:bd:
fb:ff:f1:e6:ba:a0:1f:fb:ef:18:7c:98:96:aa:15:
4d:69:7e:89:e6:3e:6b:a5:3b:24:36:cd:9f:51:25:
2a:71:9b:9a:e1:be:21:45:0d:cb:3c:8a:23:35:33:
8c:3e:49:7b:e5:0b:b5:5c:b2:b9:fe:00:fb:3e:2c:
e5:cc:50:21:56:43:e8:1c:09:81:18:46:5b:fb:88:
0f:b8:ee:70:6c:86:02:a9:5a:3d:fe:15:71:47:3f:
c9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AD:D5:EB:6B:B2:DF:A2:DD:7D:1A:9E:A1:FC:AF:BF:CD:FB:27:A8
X509v3 Authority Key Identifier:
keyid:5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/eK3V62uy36LdfRqeofyvv837J6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.36.0/22
91.226.44.0/23
185.137.216.0/22
185.181.16.0/22
195.140.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:ed:47:b1:47:f7:d2:bd:47:04:06:b8:42:ff:9f:b7:d4:da:
49:b1:96:f7:ee:48:a5:ac:e5:c4:8a:1e:e5:6d:db:8a:57:a6:
ff:1d:9d:32:6c:1c:97:27:d3:a0:1a:33:70:8a:48:85:d0:1c:
99:f8:76:e4:5c:98:bb:9f:ee:81:ca:e3:f1:e0:1e:fc:d3:dc:
a8:96:89:a8:e3:28:16:d8:6c:37:21:c0:d0:9a:ef:b1:e7:60:
f9:df:b0:5b:31:60:95:5d:dd:54:1c:a5:5c:bb:65:fd:df:08:
3d:82:82:10:82:c2:00:3d:f3:05:f8:a4:e6:33:2d:e8:c9:1a:
ff:79:0a:2e:4f:cc:0e:c9:66:73:09:ff:2d:8c:fb:09:2d:b6:
57:49:4f:a7:87:7c:5a:ae:12:4e:41:00:ca:36:1f:99:de:13:
3b:fe:0b:e8:10:1a:02:49:c9:a3:26:a5:87:4d:b6:42:a9:5f:
55:30:20:c9:31:59:66:16:7d:db:22:86:7a:3a:e0:d2:9c:82:
a3:48:8c:1b:7a:a7:a5:ee:e3:9e:a6:41:a1:3c:e4:71:0f:7c:
82:14:eb:93:89:cf:49:f8:2b:c0:a2:c0:24:69:eb:d8:be:08:
52:e1:14:92:be:49:75:91:f9:32:bc:d8:7b:81:49:65:9a:0c:
e8:70:e6:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVx8PR0yo2VYfg/l/JxE8v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWFhNmE5MjkzMWJmYzdlMTQwMDdjNDdjOTQ5Y2Q1ZWUz
ZTk4MGYwHhcNMjMwMTAyMTAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFkZDVlYjZiYjJkZmEyZGQ3ZDFhOWVhMWZjYWZiZmNkZmIyN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeckSuCsX898C3Hu7oJ0kAVru7vY
fIQGUjZMdRTZirne+MjfwHn3rJnUzrurRw0BKHrloka0h/fqU4zfOOjGBkitwc6F
p4DKqdfm/GAo5zl7USJhhAdXsIUGxQ8KDN81ETPhscxIagxomv8oJKk591GflnOG
cvEV75GtGpKczHXHPTMn1QDdi2AdWqZnObLcXFp8gVZQHFgmYgtV+/ViZlZwRL37
//HmuqAf++8YfJiWqhVNaX6J5j5rpTskNs2fUSUqcZua4b4hRQ3LPIojNTOMPkl7
5Qu1XLK5/gD7PizlzFAhVkPoHAmBGEZb+4gPuO5wbIYCqVo9/hVxRz/J5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHit1etrst+i3X0anqH8r7/N+yeoMB8GA1UdIwQY
MBaAFF8apqkpMb/H4UAHxHyUnNXuPpgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhxbXFTa3h2OGZoUUFmRWZKU2MxZTQtbUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9hMGMzZGItNjU0NS00NWE4LWE4NDUt
YmI3ZWMzYzhjZGU4LzEvZUszVjYydXkzNkxkZlJxZW9meXZ2ODM3SjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9hMGMzZGItNjU0NS00NWE4LWE4NDUtYmI3ZWMzYzhjZGU4
LzEvWHhxbXFTa3h2OGZoUUFmRWZKU2MxZTQtbUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW94kAwQB
W+IsAwQCuYnYAwQCubUQAwQCw4ygMA0GCSqGSIb3DQEBCwUAA4IBAQBL7UexR/fS
vUcEBrhC/5+31NpJsZb37kilrOXEih7lbduKV6b/HZ0ybByXJ9OgGjNwikiF0ByZ
+HbkXJi7n+6ByuPx4B7809yolomo4ygW2Gw3IcDQmu+x52D537BbMWCVXd1UHKVc
u2X93wg9goIQgsIAPfMF+KTmMy3oyRr/eQouT8wOyWZzCf8tjPsJLbZXSU+nh3xa
rhJOQQDKNh+Z3hM7/gvoEBoCScmjJqWHTbZCqV9VMCDJMVlmFn3bIoZ6OuDSnIKj
SIwbeqel7uOepkGhPORxD3yCFOuTic9J+CvAosAkaevYvghS4RSSvkl1kfkyvNh7
gUllmgzocOYh
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:47:11 2025 by rpki-client