Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/X4s6WHPXGn72o66Si6DoVhFgvNc.roa
File: X4s6WHPXGn72o66Si6DoVhFgvNc.roa (raw, json)
Hash identifier: n2oWOhNt+1k76A41uIcczK9IWcLI92VitlmT4cFd0vA=
Subject key identifier: 5F:8B:3A:58:73:D7:1A:7E:F6:A3:AE:92:8B:A0:E8:56:11:60:BC:D7
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C8C8FCBD147F57C26F23F3E668558F2
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/X4s6WHPXGn72o66Si6DoVhFgvNc.roa
Signing time: Mon 28 Aug 2023 14:29:19 +0000
ROA not before: Mon 28 Aug 2023 14:29:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201909
IP address blocks: 91.219.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:8c:8f:cb:d1:47:f5:7c:26:f2:3f:3e:66:85:58:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:29:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f8b3a5873d71a7ef6a3ae928ba0e8561160bcd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:36:fb:de:99:0b:b9:6c:29:6d:ef:1f:8b:
a3:d0:70:ad:7b:89:1e:18:32:81:e8:f6:72:11:49:
80:5f:c1:c9:17:65:27:de:4b:5e:64:41:42:0f:d2:
f4:27:b0:df:c0:b1:4e:37:39:e8:92:3c:d6:1d:5f:
85:8b:89:fd:a9:f7:39:24:35:06:e2:97:88:c5:b9:
55:ef:ef:a3:7d:ee:b6:ba:d5:6e:e9:c3:c2:e2:0e:
41:32:92:df:15:6a:92:3b:70:25:e3:db:b1:ea:a7:
24:47:09:4f:8c:b1:c0:a7:fc:c2:f9:0c:02:00:db:
d9:bd:11:36:d6:e3:67:e5:4a:4d:44:df:30:83:6b:
13:7d:8e:94:67:b2:dd:9d:d9:63:35:a6:0f:f3:81:
76:69:66:35:06:4f:e4:06:b6:9f:8a:e2:bb:09:89:
43:2a:cb:74:3e:91:89:48:0e:db:8e:50:65:09:59:
b2:b5:da:ef:df:a0:18:1e:ea:b6:50:8c:a0:a4:cb:
91:bc:b4:ee:a3:4c:6d:ef:74:00:f6:e5:b1:84:ee:
83:70:c8:06:b0:d4:27:ee:f4:a2:5b:ca:c5:4c:60:
52:4a:67:17:c6:1a:14:dc:b9:7e:4f:49:8d:39:e7:
a3:f2:dc:db:b0:d1:af:23:9f:e8:b4:f7:16:46:33:
16:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8B:3A:58:73:D7:1A:7E:F6:A3:AE:92:8B:A0:E8:56:11:60:BC:D7
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/X4s6WHPXGn72o66Si6DoVhFgvNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.16.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f0:24:17:d8:f1:59:c2:70:bb:8d:a6:ca:1d:63:d5:f7:f7:
5d:9a:66:50:5f:8d:35:65:dd:3e:28:ee:d3:07:e5:5c:31:a3:
20:89:f1:f9:1d:f6:46:60:64:9f:e7:b6:1a:7a:cc:b4:68:f9:
19:52:fb:93:61:50:7f:17:f2:70:38:51:17:aa:36:07:52:35:
89:ab:db:a1:55:eb:51:9d:a1:d3:12:99:0e:82:19:04:01:b8:
36:91:f0:70:bb:a4:c7:74:66:f0:72:5d:46:87:cf:df:db:bb:
3d:d3:d4:9e:de:f5:a9:1b:bd:55:b3:d4:27:10:7e:d2:44:31:
28:e9:6e:3e:03:f7:e8:65:06:00:de:f6:0a:b0:a6:8b:b6:72:
39:82:26:e7:55:9d:f0:8c:20:13:61:d6:72:4b:11:99:6c:d4:
6c:73:44:c7:13:65:84:ef:a2:be:86:d4:d0:85:13:1f:b0:03:
b0:87:ef:79:25:d7:de:41:a8:b7:14:5d:39:6d:77:e4:92:78:
eb:91:20:43:4f:5c:30:73:69:af:0d:3b:4a:00:ec:f5:bf:e0:
1a:d1:35:48:67:0d:88:eb:59:8d:e6:d0:b6:c3:da:bc:8e:6e:
f8:b6:51:e6:ca:22:89:13:2f:c7:66:39:8e:b0:a7:d8:bf:a5:
a6:3d:4e:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8jI/L0Uf1fCbyPz5mhVjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQyOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhiM2E1ODczZDcxYTdlZjZhM2FlOTI4YmEwZTg1NjExNjBiY2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt542+96ZC7lsKW3vH4uj0HCte4ke
GDKB6PZyEUmAX8HJF2Un3kteZEFCD9L0J7DfwLFONznokjzWHV+Fi4n9qfc5JDUG
4peIxblV7++jfe62utVu6cPC4g5BMpLfFWqSO3Al49ux6qckRwlPjLHAp/zC+QwC
ANvZvRE21uNn5UpNRN8wg2sTfY6UZ7LdndljNaYP84F2aWY1Bk/kBrafiuK7CYlD
Kst0PpGJSA7bjlBlCVmytdrv36AYHuq2UIygpMuRvLTuo0xt73QA9uWxhO6DcMgG
sNQn7vSiW8rFTGBSSmcXxhoU3Ll+T0mNOeej8tzbsNGvI5/otPcWRjMWGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+LOlhz1xp+9qOukoug6FYRYLzXMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvWDRzNldIUFhHbjcybzY2U2k2RG9WaEZndk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9sQMA0G
CSqGSIb3DQEBCwUAA4IBAQB68CQX2PFZwnC7jabKHWPV9/ddmmZQX401Zd0+KO7T
B+VcMaMgifH5HfZGYGSf57Yaesy0aPkZUvuTYVB/F/JwOFEXqjYHUjWJq9uhVetR
naHTEpkOghkEAbg2kfBwu6THdGbwcl1Gh8/f27s909Se3vWpG71Vs9QnEH7SRDEo
6W4+A/foZQYA3vYKsKaLtnI5gibnVZ3wjCATYdZySxGZbNRsc0THE2WE76K+htTQ
hRMfsAOwh+95JdfeQai3FF05bXfkknjrkSBDT1wwc2mvDTtKAOz1v+Aa0TVIZw2I
61mN5tC2w9q8jm74tlHmyiKJEy/HZjmOsKfYv6WmPU6B
-----END CERTIFICATE-----
Generated at Mon May 12 22:00:20 2025 by rpki-client