Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/B9FA_nAqNr8UxMRbDjzwxz8oXyI.roa
File: B9FA_nAqNr8UxMRbDjzwxz8oXyI.roa (raw, json)
Hash identifier: hIirSR61WACBaf8REf5YeakidQbWxP7/BfBQXcpTovA=
Subject key identifier: 07:D1:40:FE:70:2A:36:BF:14:C4:C4:5B:0E:3C:F0:C7:3F:28:5F:22
Certificate issuer: /CN=1e11f8a6b283b52604d932a25893b86404121e8b
Certificate serial: 01856C939FB666FF62098873D0315FA88FCC
Authority key identifier: 1E:11:F8:A6:B2:83:B5:26:04:D9:32:A2:58:93:B8:64:04:12:1E:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhH4prKDtSYE2TKiWJO4ZAQSHos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/B9FA_nAqNr8UxMRbDjzwxz8oXyI.roa
Signing time: Sun 01 Jan 2023 09:04:52 +0000
ROA not before: Sun 01 Jan 2023 09:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43966
IP address blocks: 91.227.44.0/22 maxlen: 22
193.111.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:9f:b6:66:ff:62:09:88:73:d0:31:5f:a8:8f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e11f8a6b283b52604d932a25893b86404121e8b
Validity
Not Before: Jan 1 09:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07d140fe702a36bf14c4c45b0e3cf0c73f285f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:90:26:a4:30:47:82:43:e0:cf:75:f0:8f:
f7:aa:26:43:44:bc:a5:d0:38:72:8e:12:72:d2:7b:
ea:22:bc:7e:55:e6:c4:4a:bd:03:c7:c5:67:7f:b2:
40:ae:97:9a:6c:c8:89:95:53:fd:1b:c3:0e:8e:11:
7b:eb:ef:22:45:16:1f:62:13:b2:b4:f7:e4:9c:7b:
68:05:d6:31:84:ec:ff:b5:31:ef:2f:e1:90:aa:b7:
e6:03:4c:64:65:b8:76:1e:e0:62:50:93:35:cd:94:
f5:0d:19:b3:79:95:a7:90:11:55:71:a7:06:26:be:
c7:d8:73:5c:d6:4c:b2:d7:05:be:44:ab:40:61:6c:
78:95:c4:88:ab:ac:fe:d6:bd:83:ea:44:33:c6:d8:
7a:80:0e:e8:6e:2e:a0:d9:8d:04:ac:0c:62:7a:c9:
49:e0:20:cd:77:62:1d:5f:30:d4:f1:1a:df:83:7a:
a6:32:c5:b3:0c:3e:ff:ac:94:41:37:a0:23:08:5b:
5c:08:a5:3e:80:7d:7b:4b:10:59:3a:80:1c:fa:16:
c8:02:18:ce:d5:9f:60:52:e0:b6:c6:5f:fa:1a:33:
35:ff:41:1e:ea:b7:3a:f4:b1:3d:46:97:bb:92:76:
8f:b6:52:94:e3:46:7d:df:c5:66:f2:ff:87:32:5c:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D1:40:FE:70:2A:36:BF:14:C4:C4:5B:0E:3C:F0:C7:3F:28:5F:22
X509v3 Authority Key Identifier:
keyid:1E:11:F8:A6:B2:83:B5:26:04:D9:32:A2:58:93:B8:64:04:12:1E:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhH4prKDtSYE2TKiWJO4ZAQSHos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/B9FA_nAqNr8UxMRbDjzwxz8oXyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/HhH4prKDtSYE2TKiWJO4ZAQSHos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.44.0/22
193.111.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:4c:35:ad:e6:6e:bf:b8:47:7b:10:db:f9:0f:f4:0b:01:43:
c8:6f:35:a5:9a:00:60:35:4c:1f:ed:23:b9:30:11:4b:6b:2b:
28:9f:cb:04:6d:f8:30:e0:12:68:bb:0f:af:88:55:f9:ba:61:
86:2d:f4:a1:7e:f6:e8:3d:31:8a:ab:2f:bd:bc:5b:e7:24:ba:
8d:ad:99:51:cf:05:bc:84:f2:b9:cf:c6:43:bf:be:ff:8d:60:
49:a3:4e:4d:40:97:a2:07:d5:d4:54:eb:3b:3f:59:45:3e:58:
48:f8:03:20:27:b8:88:1b:d0:7b:39:65:e9:6b:05:1e:10:dc:
af:69:94:f3:da:e0:30:ec:1f:95:f4:5f:3a:72:90:8c:d5:4d:
ac:25:1b:0b:10:f8:82:f5:78:50:05:33:da:8a:c9:c3:9a:ea:
93:b6:a4:22:b8:ef:df:48:0c:a5:73:54:72:72:6b:5a:e7:f7:
44:11:fb:b5:41:ac:37:a3:ba:87:3c:ab:a2:7f:d0:e6:fb:1c:
9c:4e:aa:99:43:ee:d5:16:f0:76:da:ed:d8:2a:e0:53:b6:65:
0a:05:4a:51:66:e5:90:8d:a8:09:83:7e:e2:c1:b6:9d:f9:63:
df:36:d2:1a:5e:52:63:4b:71:63:80:0c:84:6a:c8:0b:dc:67:
42:79:09:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsk5+2Zv9iCYhz0DFfqI/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTFmOGE2YjI4M2I1MjYwNGQ5MzJhMjU4OTNiODY0MDQx
MjFlOGIwHhcNMjMwMTAxMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QxNDBmZTcwMmEzNmJmMTRjNGM0NWIwZTNjZjBjNzNmMjg1ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+eQJqQwR4JD4M918I/3qiZDRLyl
0DhyjhJy0nvqIrx+VebESr0Dx8Vnf7JArpeabMiJlVP9G8MOjhF76+8iRRYfYhOy
tPfknHtoBdYxhOz/tTHvL+GQqrfmA0xkZbh2HuBiUJM1zZT1DRmzeZWnkBFVcacG
Jr7H2HNc1kyy1wW+RKtAYWx4lcSIq6z+1r2D6kQzxth6gA7obi6g2Y0ErAxieslJ
4CDNd2IdXzDU8Rrfg3qmMsWzDD7/rJRBN6AjCFtcCKU+gH17SxBZOoAc+hbIAhjO
1Z9gUuC2xl/6GjM1/0Ee6rc69LE9Rpe7knaPtlKU40Z938Vm8v+HMlyjEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAfRQP5wKja/FMTEWw488Mc/KF8iMB8GA1UdIwQY
MBaAFB4R+Kayg7UmBNkyoliTuGQEEh6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhINHByS0R0U1lFMlRLaVdKTzRaQVFTSG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jOWViNTUtZTU5My00Y2Q3LTg3MTQt
MWE1OTMxOTRjNzk4LzEvQjlGQV9uQXFOcjhVeE1SYkRqend4ejhvWHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jOWViNTUtZTU5My00Y2Q3LTg3MTQtMWE1OTMxOTRjNzk4
LzEvSGhINHByS0R0U1lFMlRLaVdKTzRaQVFTSG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+MsAwQC
wW/8MA0GCSqGSIb3DQEBCwUAA4IBAQCjTDWt5m6/uEd7ENv5D/QLAUPIbzWlmgBg
NUwf7SO5MBFLayson8sEbfgw4BJouw+viFX5umGGLfShfvboPTGKqy+9vFvnJLqN
rZlRzwW8hPK5z8ZDv77/jWBJo05NQJeiB9XUVOs7P1lFPlhI+AMgJ7iIG9B7OWXp
awUeENyvaZTz2uAw7B+V9F86cpCM1U2sJRsLEPiC9XhQBTPaisnDmuqTtqQiuO/f
SAylc1Rycmta5/dEEfu1Qaw3o7qHPKuif9Dm+xycTqqZQ+7VFvB22u3YKuBTtmUK
BUpRZuWQjagJg37iwbad+WPfNtIaXlJjS3FjgAyEasgL3GdCeQmG
-----END CERTIFICATE-----
Generated at Thu May 1 12:23:05 2025 by rpki-client