Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/ridfbYy4FGduGBFMm7Y42K-LS8k.roa
File: ridfbYy4FGduGBFMm7Y42K-LS8k.roa (raw, json)
Hash identifier: U2PHGynHUuYh6JD35zWHdjaMpd5yvlvZKiyu7SntMrc=
Subject key identifier: AE:27:5F:6D:8C:B8:14:67:6E:18:11:4C:9B:B6:38:D8:AF:8B:4B:C9
Certificate issuer: /CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Certificate serial: 03D1FBC0
Authority key identifier: 5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/ridfbYy4FGduGBFMm7Y42K-LS8k.roa
Signing time: Sat 01 Jan 2022 11:58:06 +0000
ROA not before: Sat 01 Jan 2022 11:58:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35319
IP address blocks: 91.222.36.0/22 maxlen: 22
185.181.16.0/22 maxlen: 22
195.140.160.0/22 maxlen: 22
91.226.44.0/23 maxlen: 23
185.137.218.0/23 maxlen: 23
185.137.216.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64093120 (0x3d1fbc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Validity
Not Before: Jan 1 11:58:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae275f6d8cb814676e18114c9bb638d8af8b4bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:34:f6:3e:94:f9:a6:50:2f:a3:f0:1c:5a:a0:
4f:77:53:a1:ef:d1:4c:75:80:31:3a:dc:2a:25:29:
1f:f1:59:c0:93:2a:6a:27:dc:61:53:92:af:7b:17:
8d:1b:0d:02:73:4c:4f:9c:6f:b4:fb:d9:8a:ea:f2:
50:c8:77:5a:5f:33:4f:6c:ad:f7:5d:9d:a9:0f:8d:
ab:e3:6e:04:d2:05:be:db:91:b0:3e:e1:cd:7c:68:
83:7c:1d:34:f7:fc:59:79:30:af:f3:f1:8a:90:80:
f6:a2:5e:63:bb:56:a8:68:79:04:41:26:f3:af:d6:
46:02:c8:1b:2e:3c:7a:2c:01:71:a0:65:bd:ba:97:
ae:a8:56:9f:b5:c6:eb:68:af:06:59:73:9a:08:c1:
0b:e5:10:29:bd:2f:a2:82:41:37:90:b6:27:69:24:
0b:be:fc:c3:7b:2e:31:9c:9c:35:ef:3a:dc:ba:10:
d7:64:d8:79:f4:35:21:b5:02:38:eb:2f:b5:bd:6e:
90:42:84:63:5c:10:f1:d7:96:d4:3e:cf:6d:d7:6b:
c4:ab:db:0e:91:f0:fa:3b:40:b0:55:5a:f6:2e:b3:
bc:c5:c5:99:8a:93:91:bc:f3:dc:48:c3:98:bd:0c:
a7:9d:a9:7b:1d:0b:8e:b8:c7:b9:c2:2b:76:82:3a:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:27:5F:6D:8C:B8:14:67:6E:18:11:4C:9B:B6:38:D8:AF:8B:4B:C9
X509v3 Authority Key Identifier:
keyid:5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/ridfbYy4FGduGBFMm7Y42K-LS8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.36.0/22
91.226.44.0/23
185.137.216.0/22
185.181.16.0/22
195.140.160.0/22
Signature Algorithm: sha256WithRSAEncryption
73:fb:6c:dc:2c:c7:3d:11:e0:ae:e1:61:de:f0:2e:28:99:9a:
39:da:95:93:9e:b9:0d:c2:4a:0f:45:d9:a0:7b:6c:b5:19:e3:
16:47:30:ee:e2:67:30:29:e4:8f:2f:b8:66:16:72:e6:ec:c9:
75:07:79:5f:aa:b0:24:d6:c1:33:9c:c1:ce:3d:13:9d:c2:38:
ba:32:09:75:e8:a6:70:72:0f:65:fe:5b:8a:bf:25:7c:56:96:
d9:ec:0f:13:f5:a8:b2:80:1d:90:ac:3f:af:cd:86:cb:f0:b8:
1d:fa:b1:dc:31:be:60:92:1b:d6:d0:11:f2:82:fa:e7:69:a9:
07:07:62:33:d8:5c:70:14:a4:4e:24:80:6a:7c:62:70:9d:34:
46:d7:f2:c3:01:b7:81:f2:5e:cc:f6:8d:bd:e8:a6:4d:cf:70:
b0:7b:14:de:64:d5:55:a6:06:7c:cc:51:09:42:a4:50:dc:33:
a7:54:1c:8f:29:20:13:ea:89:ac:f2:52:b2:92:77:5b:f9:a1:
2d:c4:39:60:00:33:39:86:57:3f:6c:eb:f7:90:7f:f5:34:cc:
bb:62:a1:25:80:b7:dd:e9:d5:da:53:36:48:3d:cc:0e:b9:a8:
e0:ca:f2:9d:fd:25:7d:46:ce:fc:d6:ed:1a:99:f4:8e:e2:e3:
e6:42:e0:0e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA9H7wDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjFhYTZhOTI5MzFiZmM3ZTE0MDA3YzQ3Yzk0OWNkNWVlM2U5ODBmMB4XDTIyMDEw
MTExNTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWUyNzVmNmQ4Y2I4
MTQ2NzZlMTgxMTRjOWJiNjM4ZDhhZjhiNGJjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMM09j6U+aZQL6PwHFqgT3dToe/RTHWAMTrcKiUpH/FZwJMq
aifcYVOSr3sXjRsNAnNMT5xvtPvZiuryUMh3Wl8zT2yt912dqQ+Nq+NuBNIFvtuR
sD7hzXxog3wdNPf8WXkwr/PxipCA9qJeY7tWqGh5BEEm86/WRgLIGy48eiwBcaBl
vbqXrqhWn7XG62ivBllzmgjBC+UQKb0vooJBN5C2J2kkC778w3suMZycNe863LoQ
12TYefQ1IbUCOOsvtb1ukEKEY1wQ8deW1D7PbddrxKvbDpHw+jtAsFVa9i6zvMXF
mYqTkbzz3EjDmL0Mp52pex0LjrjHucIrdoI6WlkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSuJ19tjLgUZ24YEUybtjjYr4tLyTAfBgNVHSMEGDAWgBRfGqapKTG/x+FA
B8R8lJzV7j6YDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h4cW1xU2t4djhmaFFBZkVmSlNjMWU0LW1BOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvYTBjM2RiLTY1NDUtNDVhOC1hODQ1LWJiN2VjM2M4Y2RlOC8x
L3JpZGZiWXk0RkdkdUdCRk1tN1k0MkstTFM4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
YTBjM2RiLTY1NDUtNDVhOC1hODQ1LWJiN2VjM2M4Y2RlOC8xL1h4cW1xU2t4djhm
aFFBZkVmSlNjMWU0LW1BOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlveJAMEAVviLAMEArmJ2AMEArm1
EAMEAsOMoDANBgkqhkiG9w0BAQsFAAOCAQEAc/ts3CzHPRHgruFh3vAuKJmaOdqV
k565DcJKD0XZoHtstRnjFkcw7uJnMCnkjy+4ZhZy5uzJdQd5X6qwJNbBM5zBzj0T
ncI4ujIJdeimcHIPZf5bir8lfFaW2ewPE/WosoAdkKw/r82Gy/C4Hfqx3DG+YJIb
1tAR8oL652mpBwdiM9hccBSkTiSAanxicJ00RtfywwG3gfJezPaNveimTc9wsHsU
3mTVVaYGfMxRCUKkUNwzp1QcjykgE+qJrPJSspJ3W/mhLcQ5YAAzOYZXP2zr95B/
9TTMu2KhJYC33enV2lM2SD3MDrmo4Mrynf0lfUbO/NbtGpn0juLj5kLgDg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:21:08 2025 by rpki-client