Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/XaB7jGJ74sG68SzuvkUIwKZVnZk.roa
File: XaB7jGJ74sG68SzuvkUIwKZVnZk.roa (raw, json)
Hash identifier: Q2+Xvy/+wV4tKTvJzAKjwwO5FkOOp2d45TAQ7+HLBFc=
Subject key identifier: 5D:A0:7B:8C:62:7B:E2:C1:BA:F1:2C:EE:BE:45:08:C0:A6:55:9D:99
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 018842EBBA7EDA612F5A5B72FA291E615EA5
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/XaB7jGJ74sG68SzuvkUIwKZVnZk.roa
Signing time: Mon 22 May 2023 10:05:24 +0000
ROA not before: Mon 22 May 2023 10:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42481
IP address blocks: 91.192.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:eb:ba:7e:da:61:2f:5a:5b:72:fa:29:1e:61:5e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: May 22 10:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5da07b8c627be2c1baf12ceebe4508c0a6559d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:1d:c1:11:8c:54:1d:a5:36:6e:31:04:f0:
60:89:66:fd:0d:31:79:86:1b:53:26:55:75:39:d8:
44:6f:39:89:cc:f5:e7:e7:09:96:f9:ff:39:0a:72:
1a:51:86:06:b8:98:b7:e1:ea:b4:83:8e:43:ed:b3:
dd:f4:e0:3e:45:01:e0:2c:79:5c:e2:b7:f1:12:f6:
76:e6:50:5b:82:dc:1e:55:78:c1:d6:8a:5d:e5:d2:
ac:69:79:67:fd:1c:19:99:18:15:9c:de:41:34:4a:
2d:a5:3e:68:c8:93:77:c3:c1:ec:3e:22:ba:57:79:
72:75:54:7f:d7:67:f7:c0:f0:3c:7d:82:61:4a:6d:
25:1b:e4:15:c0:27:36:75:68:c5:a8:7f:7f:cc:73:
18:4a:92:d7:30:0e:14:57:81:f2:5b:79:36:ed:ca:
22:56:27:9c:74:ca:1a:c7:2e:8e:60:4d:7b:e5:de:
cb:41:b6:07:ec:61:25:b3:2a:18:34:62:3e:ca:58:
a7:d2:79:e2:b1:82:e6:2e:c7:f9:12:90:41:d1:31:
b0:34:87:67:ee:db:d5:c3:1d:0b:71:68:d3:35:67:
f2:75:ef:ee:c2:02:b1:7f:c7:d2:24:28:e1:d2:05:
86:7b:19:b8:65:75:bf:18:2c:d0:59:a1:44:dd:ef:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:7B:8C:62:7B:E2:C1:BA:F1:2C:EE:BE:45:08:C0:A6:55:9D:99
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/XaB7jGJ74sG68SzuvkUIwKZVnZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.148.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:4c:c2:21:37:d3:ef:5e:e0:7f:be:23:98:c7:67:85:bf:fb:
d9:39:84:2b:63:ab:cb:30:0f:47:06:59:33:ea:a2:f7:72:f1:
14:1b:f4:de:77:f8:2f:77:d4:d0:7e:45:fd:7c:e6:1f:41:eb:
71:75:af:9e:42:a5:3d:18:9e:af:4f:8a:60:26:42:31:4a:cc:
69:be:ee:a0:09:29:0a:2b:c4:f5:12:cb:03:9a:49:a6:7c:58:
e3:18:22:ee:cf:90:72:12:5b:f4:13:82:25:6c:3a:a6:12:1f:
5e:80:11:5b:6e:e3:27:0c:5e:7e:97:53:46:43:22:2a:cc:97:
36:d2:6e:6e:a8:e9:b2:da:df:2b:9e:4c:f9:e9:5e:41:40:38:
eb:0d:32:48:ba:e9:e3:31:40:07:91:8b:6c:32:38:a6:d9:df:
87:02:98:85:8e:f1:2c:3c:61:41:29:d9:64:a0:f8:f6:58:64:
85:eb:9c:16:03:49:fb:79:45:7b:30:ba:50:3e:11:89:8e:23:
52:8b:13:3c:72:6c:f6:05:34:51:e1:b5:3d:7a:99:b2:c4:bb:
73:f0:11:f2:66:b9:86:cd:0a:66:2f:21:6a:ee:4b:66:6c:9e:
b8:9e:13:f1:d9:9b:be:c2:f5:58:45:4d:72:17:e2:c9:36:f2:
f3:e0:c3:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhC67p+2mEvWlty+ikeYV6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjMwNTIyMTAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGEwN2I4YzYyN2JlMmMxYmFmMTJjZWViZTQ1MDhjMGE2NTU5ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC8dwRGMVB2lNm4xBPBgiWb9DTF5
hhtTJlV1OdhEbzmJzPXn5wmW+f85CnIaUYYGuJi34eq0g45D7bPd9OA+RQHgLHlc
4rfxEvZ25lBbgtweVXjB1opd5dKsaXln/RwZmRgVnN5BNEotpT5oyJN3w8HsPiK6
V3lydVR/12f3wPA8fYJhSm0lG+QVwCc2dWjFqH9/zHMYSpLXMA4UV4HyW3k27coi
ViecdMoaxy6OYE175d7LQbYH7GElsyoYNGI+ylin0nnisYLmLsf5EpBB0TGwNIdn
7tvVwx0LcWjTNWfyde/uwgKxf8fSJCjh0gWGexm4ZXW/GCzQWaFE3e8qKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2ge4xie+LBuvEs7r5FCMCmVZ2ZMB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEvWGFCN2pHSjc0c0c2OFN6dXZrVUl3S1pWblprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CUMA0G
CSqGSIb3DQEBCwUAA4IBAQCdTMIhN9PvXuB/viOYx2eFv/vZOYQrY6vLMA9HBlkz
6qL3cvEUG/Ted/gvd9TQfkX9fOYfQetxda+eQqU9GJ6vT4pgJkIxSsxpvu6gCSkK
K8T1EssDmkmmfFjjGCLuz5ByElv0E4IlbDqmEh9egBFbbuMnDF5+l1NGQyIqzJc2
0m5uqOmy2t8rnkz56V5BQDjrDTJIuunjMUAHkYtsMjim2d+HApiFjvEsPGFBKdlk
oPj2WGSF65wWA0n7eUV7MLpQPhGJjiNSixM8cmz2BTRR4bU9epmyxLtz8BHyZrmG
zQpmLyFq7ktmbJ64nhPx2Zu+wvVYRU1yF+LJNvLz4MOe
-----END CERTIFICATE-----
Generated at Wed May 14 09:21:44 2025 by rpki-client