Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/isNsqUfGWu4-ywPq-ZX-o4i1AhU.roa
File: isNsqUfGWu4-ywPq-ZX-o4i1AhU.roa (raw, json)
Hash identifier: PEdsjvO15cge6BqbbjTWH2O6yqcVdtVr+BhyQNvU1PI=
Subject key identifier: 8A:C3:6C:A9:47:C6:5A:EE:3E:CB:03:EA:F9:95:FE:A3:88:B5:02:15
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 05A0AAE3
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/isNsqUfGWu4-ywPq-ZX-o4i1AhU.roa
Signing time: Sat 01 Jan 2022 08:02:06 +0000
ROA not before: Sat 01 Jan 2022 08:02:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210078
IP address blocks: 91.247.125.0/24 maxlen: 24
91.247.122.0/24 maxlen: 24
91.247.120.0/23 maxlen: 23
109.200.136.0/22 maxlen: 22
109.200.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94415587 (0x5a0aae3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Jan 1 08:02:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ac36ca947c65aee3ecb03eaf995fea388b50215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:be:5f:e9:ef:1e:73:26:aa:97:b3:95:23:82:
df:9e:bb:e5:ba:9d:57:49:21:ec:4e:a6:67:6e:5f:
aa:08:bd:07:52:86:f8:bd:9f:c6:85:75:53:fc:9a:
f9:ca:88:38:43:64:a1:03:f5:1d:3e:a0:35:78:52:
42:76:fa:1d:13:c6:c3:05:83:42:08:fb:59:eb:54:
56:de:13:20:f8:ce:6a:6b:02:a1:d4:2a:82:68:23:
90:08:0d:0a:3d:26:b3:c9:c3:7d:5c:d5:80:fd:3d:
9b:51:d5:0d:4d:d2:e0:a3:e1:32:12:31:6f:3b:99:
d7:f6:2e:f3:8b:8f:3c:69:e5:29:9b:ac:1b:97:36:
a7:3b:26:78:57:15:8b:9f:1f:31:4f:13:ee:6c:47:
c4:c6:b6:25:8a:bb:2c:0d:b0:aa:03:38:49:96:cf:
2f:50:30:64:5e:bf:5e:4b:ca:29:f8:31:04:5c:a9:
05:db:87:26:61:18:bb:41:2c:44:28:82:66:4b:af:
fb:8d:a1:de:e4:a3:82:22:d4:a5:68:f0:f2:b9:af:
47:7d:3e:89:76:76:89:00:f4:e4:8e:23:4c:df:2f:
d0:ba:2e:d6:13:d8:91:d0:44:91:de:e1:bd:1a:c4:
5d:ed:b9:be:0b:a6:38:c2:d6:5f:71:d0:fc:a7:ed:
e6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C3:6C:A9:47:C6:5A:EE:3E:CB:03:EA:F9:95:FE:A3:88:B5:02:15
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/isNsqUfGWu4-ywPq-ZX-o4i1AhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.120.0-91.247.122.255
91.247.125.0/24
109.200.136.0-109.200.141.255
Signature Algorithm: sha256WithRSAEncryption
90:55:c6:f6:6c:7b:8d:0c:17:d2:0c:be:18:cb:3a:74:81:06:
e5:65:3e:5f:7a:da:82:95:87:5f:a0:88:68:0d:30:95:82:6d:
f9:21:82:53:b3:d6:7d:a4:e4:90:ce:1b:29:39:95:70:ee:08:
7c:c7:31:44:93:e2:6f:d0:0a:e6:10:60:30:0a:b1:37:22:dd:
6b:94:54:4f:96:e9:0f:7b:6c:a0:84:74:e5:a5:a8:d9:c7:23:
14:97:b8:99:f9:ec:46:86:5b:82:aa:bd:60:bd:af:f7:3d:ed:
b4:e3:e6:40:a0:0d:ae:ef:92:70:6d:cb:24:7e:94:50:2a:70:
b7:cb:4d:aa:69:d5:35:8b:5a:95:4a:76:25:26:9d:12:14:29:
81:dc:87:ad:5c:21:dd:12:67:08:34:e6:e5:58:39:ab:27:6a:
91:f8:3e:d1:d2:da:5d:62:07:a8:84:53:18:f9:b5:31:32:d3:
ed:43:b6:f0:bb:7b:26:dd:92:29:eb:de:7a:ab:ed:81:43:ac:
86:57:72:7f:46:d9:88:cb:a5:a8:65:f6:8d:98:25:24:b6:41:
ba:24:75:fc:52:32:bb:df:5b:c9:ae:f8:a1:3e:2d:79:df:c3:
02:ef:87:33:79:d7:fd:6f:78:5b:3f:f1:42:24:ed:07:a3:0d:
03:5f:95:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBaCq4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDhlMjM4ZTMwZGNiNzU5NzU5ZmI4YTM5NGQ5ZTIxMWEyOGI5ZDg3MB4XDTIyMDEw
MTA4MDIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFjMzZjYTk0N2M2
NWFlZTNlY2IwM2VhZjk5NWZlYTM4OGI1MDIxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO+X+nvHnMmqpezlSOC35675bqdV0kh7E6mZ25fqgi9B1KG
+L2fxoV1U/ya+cqIOENkoQP1HT6gNXhSQnb6HRPGwwWDQgj7WetUVt4TIPjOamsC
odQqgmgjkAgNCj0ms8nDfVzVgP09m1HVDU3S4KPhMhIxbzuZ1/Yu84uPPGnlKZus
G5c2pzsmeFcVi58fMU8T7mxHxMa2JYq7LA2wqgM4SZbPL1AwZF6/XkvKKfgxBFyp
BduHJmEYu0EsRCiCZkuv+42h3uSjgiLUpWjw8rmvR30+iXZ2iQD05I4jTN8v0Lou
1hPYkdBEkd7hvRrEXe25vgumOMLWX3HQ/Kft5tkCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSKw2ypR8Za7j7LA+r5lf6jiLUCFTAfBgNVHSMEGDAWgBSAjiOOMNy3WXWf
uKOU2eIRooudhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dJNGpqakRjdDFsMW43aWpsTm5pRWFLTG5ZYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvN2IyY2Q2LWIxZjMtNDNmYy05ZjA5LWNkOTc0MDQyNjQ5Zi8x
L2lzTnNxVWZHV3U0LXl3UHEtWlgtbzRpMUFoVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
N2IyY2Q2LWIxZjMtNDNmYy05ZjA5LWNkOTc0MDQyNjQ5Zi8xL2dJNGpqakRjdDFs
MW43aWpsTm5pRWFLTG5ZYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQDW/d4AwQAW/d6AwQAW/d9MAwD
BANtyIgDBAFtyIwwDQYJKoZIhvcNAQELBQADggEBAJBVxvZse40MF9IMvhjLOnSB
BuVlPl962oKVh1+giGgNMJWCbfkhglOz1n2k5JDOGyk5lXDuCHzHMUST4m/QCuYQ
YDAKsTci3WuUVE+W6Q97bKCEdOWlqNnHIxSXuJn57EaGW4KqvWC9r/c97bTj5kCg
Da7vknBtyyR+lFAqcLfLTapp1TWLWpVKdiUmnRIUKYHch61cId0SZwg05uVYOasn
apH4PtHS2l1iB6iEUxj5tTEy0+1DtvC7eybdkinr3nqr7YFDrIZXcn9G2YjLpahl
9o2YJSS2QbokdfxSMrvfW8mu+KE+LXnfwwLvhzN51/1veFs/8UIk7QejDQNflUA=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:46:47 2025 by rpki-client