Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/ZIi6j_-sonYP6DanWQNtm4xYCus.roa
File: ZIi6j_-sonYP6DanWQNtm4xYCus.roa (raw, json)
Hash identifier: lUKaeKcH0qgcx4EOEM2UFSmBzAsf5FOVVJLQYLByDnw=
Subject key identifier: 64:88:BA:8F:FF:AC:A2:76:0F:E8:36:A7:59:03:6D:9B:8C:58:0A:EB
Certificate issuer: /CN=f341cfec38131f83ae3df6998fa02837585c91dd
Certificate serial: 0EDD98B2
Authority key identifier: F3:41:CF:EC:38:13:1F:83:AE:3D:F6:99:8F:A0:28:37:58:5C:91:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80HP7DgTH4OuPfaZj6AoN1hckd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/ZIi6j_-sonYP6DanWQNtm4xYCus.roa
Signing time: Sat 01 Jan 2022 02:55:40 +0000
ROA not before: Sat 01 Jan 2022 02:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205530
IP address blocks: 91.214.252.0/24 maxlen: 32
91.214.254.0/24 maxlen: 24
91.214.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249403570 (0xedd98b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f341cfec38131f83ae3df6998fa02837585c91dd
Validity
Not Before: Jan 1 02:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6488ba8fffaca2760fe836a759036d9b8c580aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:42:a4:10:d5:f2:b3:8e:12:02:83:fc:80:75:
bd:7b:20:7e:6f:b1:b4:d9:0c:e4:37:7d:58:e4:5f:
7d:fd:5d:34:16:bf:c4:7a:e3:30:e2:be:d7:d3:a9:
c0:a6:96:29:4d:cb:f4:f7:14:ff:f7:5c:94:ed:56:
d6:7f:e0:9c:af:13:8a:98:72:0f:b9:a4:87:0e:42:
83:5f:95:46:d2:47:c8:29:33:84:c6:8d:61:38:ef:
4c:15:42:b1:2d:b6:ce:79:ff:48:f5:bd:fb:46:b3:
da:ca:23:86:a8:1c:9f:0e:8c:42:6a:51:e6:40:ea:
3a:32:f9:84:35:8d:31:21:ca:70:64:be:57:3c:72:
86:60:d0:9f:3b:b8:6d:2f:82:0e:0d:dd:1c:37:c4:
b3:8b:8b:6c:3e:57:fe:62:03:ca:f0:78:e6:64:dd:
78:84:93:50:de:c5:4a:47:92:93:60:6e:e4:e1:24:
a2:5b:48:67:de:37:ed:4a:9d:00:17:64:a8:a1:8f:
28:f8:06:b4:27:00:64:a2:90:f6:63:69:df:19:69:
68:ea:e4:eb:89:fc:a7:49:37:65:29:86:c4:8f:38:
63:79:5e:39:f8:52:59:c8:96:77:56:5d:be:42:f9:
7d:d0:1f:eb:2e:fb:2b:95:4d:54:1f:50:7c:10:25:
b4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:BA:8F:FF:AC:A2:76:0F:E8:36:A7:59:03:6D:9B:8C:58:0A:EB
X509v3 Authority Key Identifier:
keyid:F3:41:CF:EC:38:13:1F:83:AE:3D:F6:99:8F:A0:28:37:58:5C:91:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80HP7DgTH4OuPfaZj6AoN1hckd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/ZIi6j_-sonYP6DanWQNtm4xYCus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/80HP7DgTH4OuPfaZj6AoN1hckd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.252.0/24
91.214.254.0/23
Signature Algorithm: sha256WithRSAEncryption
50:06:7f:59:cd:83:a9:3e:35:09:fc:bc:e1:2f:3f:b5:c3:be:
e0:38:db:72:3e:64:db:8b:b6:a9:db:d9:3d:3b:60:4f:d6:9b:
c3:9f:be:d6:d6:df:6c:a5:16:48:16:a5:b1:db:a8:bc:3b:5c:
2e:df:14:f8:82:b9:95:e8:7f:5f:94:f4:08:71:05:58:b4:5f:
ac:de:49:dd:89:9d:6a:6c:92:cd:68:73:c2:df:b2:ef:ac:6f:
da:f2:0e:46:6a:a4:96:66:35:dd:0c:ce:5f:d2:09:61:c7:93:
4b:5e:77:d1:99:f1:7a:d5:3b:d6:7f:5c:c1:c7:75:73:f1:a6:
2c:69:e2:95:4f:82:61:14:bb:31:98:42:be:a8:41:28:36:10:
94:c8:26:41:c7:3a:ac:c1:54:c9:5d:68:2f:16:fd:d2:9e:5a:
22:d7:f0:19:f2:cf:c3:28:ae:72:e8:92:ee:47:a1:8a:d3:87:
3b:3c:20:52:34:f5:1b:1f:08:45:22:05:94:2d:8c:34:92:b2:
1e:62:2e:35:a8:e7:79:47:d2:24:2a:fc:fd:32:71:63:35:df:
16:b8:1c:5e:9e:03:3f:e2:06:41:a8:33:b6:5b:02:c3:65:7e:
98:60:fc:e3:68:e3:fb:97:9c:18:6d:97:3c:7f:3e:7f:ec:5e:
9b:14:35:21
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDt2YsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzQxY2ZlYzM4MTMxZjgzYWUzZGY2OTk4ZmEwMjgzNzU4NWM5MWRkMB4XDTIyMDEw
MTAyNTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ4OGJhOGZmZmFj
YTI3NjBmZTgzNmE3NTkwMzZkOWI4YzU4MGFlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP5CpBDV8rOOEgKD/IB1vXsgfm+xtNkM5Dd9WORfff1dNBa/
xHrjMOK+19OpwKaWKU3L9PcU//dclO1W1n/gnK8TiphyD7mkhw5Cg1+VRtJHyCkz
hMaNYTjvTBVCsS22znn/SPW9+0az2sojhqgcnw6MQmpR5kDqOjL5hDWNMSHKcGS+
VzxyhmDQnzu4bS+CDg3dHDfEs4uLbD5X/mIDyvB45mTdeISTUN7FSkeSk2Bu5OEk
oltIZ9437UqdABdkqKGPKPgGtCcAZKKQ9mNp3xlpaOrk64n8p0k3ZSmGxI84Y3le
OfhSWciWd1ZdvkL5fdAf6y77K5VNVB9QfBAltAcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRkiLqP/6yidg/oNqdZA22bjFgK6zAfBgNVHSMEGDAWgBTzQc/sOBMfg649
9pmPoCg3WFyR3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzgwSFA3RGdUSDRPdVBmYVpqNkFvTjFoY2tkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMjJmODUxLTc3ZWUtNGQ2NC1hOTVlLTA5YWZiN2Q2ZmIxNi8x
L1pJaTZqXy1zb25ZUDZEYW5XUU50bTR4WUN1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MjJmODUxLTc3ZWUtNGQ2NC1hOTVlLTA5YWZiN2Q2ZmIxNi8xLzgwSFA3RGdUSDRP
dVBmYVpqNkFvTjFoY2tkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvW/AMEAVvW/jANBgkqhkiG9w0B
AQsFAAOCAQEAUAZ/Wc2DqT41Cfy84S8/tcO+4Djbcj5k24u2qdvZPTtgT9abw5++
1tbfbKUWSBalsduovDtcLt8U+IK5leh/X5T0CHEFWLRfrN5J3YmdamySzWhzwt+y
76xv2vIORmqklmY13QzOX9IJYceTS1530ZnxetU71n9cwcd1c/GmLGnilU+CYRS7
MZhCvqhBKDYQlMgmQcc6rMFUyV1oLxb90p5aItfwGfLPwyiucuiS7kehitOHOzwg
UjT1Gx8IRSIFlC2MNJKyHmIuNajneUfSJCr8/TJxYzXfFrgcXp4DP+IGQagztlsC
w2V+mGD842jj+5ecGG2XPH8+f+xemxQ1IQ==
-----END CERTIFICATE-----
Generated at Thu May 8 01:18:11 2025 by rpki-client