Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_QxAebH4_iM7T9zK67KdpmiVH0A.roa
File: _QxAebH4_iM7T9zK67KdpmiVH0A.roa (raw, json)
Hash identifier: b75RmpbFUmaOq81kTGZqa5wqC0TRHvbKAbU4Ba+3h1Y=
Subject key identifier: FD:0C:40:79:B1:F8:FE:23:3B:4F:DC:CA:EB:B2:9D:A6:68:95:1F:40
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0707EF12
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_QxAebH4_iM7T9zK67KdpmiVH0A.roa
Signing time: Thu 31 Mar 2022 17:22:57 +0000
ROA not before: Thu 31 Mar 2022 17:22:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117960466 (0x707ef12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Mar 31 17:22:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd0c4079b1f8fe233b4fdccaebb29da668951f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:33:67:98:fb:f4:82:57:ea:00:b2:0a:3d:2e:
32:db:09:f8:6d:f1:1b:f9:cb:6c:c6:8c:72:47:e1:
8a:86:b2:86:5a:e4:d8:fb:2f:58:e8:b6:83:0a:7c:
d3:a0:a6:02:7c:3f:35:1b:80:4f:57:06:d3:55:a9:
60:d2:71:32:77:79:ea:f8:ec:6e:07:7c:76:d1:79:
e4:3d:56:5d:71:d9:0b:8e:15:f1:3b:9e:4d:e8:de:
ef:f9:63:fd:1b:27:f6:f7:a4:ec:55:83:6e:91:03:
27:0a:3f:c3:7e:ee:1e:de:2d:06:bc:60:34:35:44:
01:86:24:ac:7a:38:41:82:9b:7d:a6:2f:6b:4b:9a:
bf:20:1e:38:25:61:15:8b:82:d2:1f:ea:25:17:f2:
31:fd:40:1a:fe:ca:f3:1c:da:76:6a:3f:c5:0b:a4:
63:50:eb:8b:42:da:95:fa:70:f5:af:29:a4:f4:cf:
b7:35:18:5f:44:dc:68:fd:e8:56:e7:de:e6:9b:ea:
7f:a5:36:3f:1a:7b:a8:ee:b9:17:a6:10:f2:69:0b:
00:a0:5c:e5:73:2e:fe:82:ce:f7:fc:8b:40:ba:9a:
81:35:41:ab:44:d7:a0:8f:1f:21:5e:97:75:90:4f:
ae:83:a9:0e:d6:b0:34:c6:4f:a6:cf:b2:32:23:fc:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0C:40:79:B1:F8:FE:23:3B:4F:DC:CA:EB:B2:9D:A6:68:95:1F:40
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_QxAebH4_iM7T9zK67KdpmiVH0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.223.123.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
30:cb:5c:53:1a:d2:38:5c:a0:45:04:8e:65:2c:84:5d:b2:95:
98:cc:31:34:06:a5:63:c4:e7:96:25:b0:ca:9d:2c:bd:c1:d1:
cd:15:95:cc:6a:60:5b:99:d5:bf:d2:12:de:5e:55:d9:85:54:
18:33:4b:ee:5b:33:bd:d2:c7:79:a1:a8:ba:f4:ed:89:67:26:
7f:61:06:b4:f7:5e:8d:e1:99:41:4f:6b:cf:ef:d2:d3:0e:1e:
76:01:6c:9d:69:ea:c0:d7:fd:11:4a:1f:21:9f:75:e5:0b:be:
46:72:2e:0f:7a:8f:26:3a:4d:33:9f:e2:f2:a1:e1:8e:9a:e0:
72:43:e7:fd:d6:c5:ba:a8:e3:bd:0a:a4:01:ea:75:0d:41:33:
17:3b:7b:10:a1:6b:b3:19:3b:e5:41:69:dc:1c:fd:29:36:6f:
e4:3a:2a:04:a7:90:7a:fa:bb:2f:49:20:62:d3:fa:0c:81:52:
a9:a4:0c:df:53:8f:56:96:6b:07:a4:7e:56:6f:4b:e2:8b:fe:
7b:4e:0d:4f:20:44:c6:68:88:cc:c1:57:c4:98:c5:4a:af:2a:
25:ca:1d:39:0b:58:67:0a:a3:35:8c:c4:80:54:cc:42:88:cb:
ac:5c:50:65:6b:a0:16:aa:d6:94:fb:e7:a4:b1:7f:99:37:79:
7c:dd:64:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBwfvEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmNjZGZmZGE2YTRjNDg5MTRiNWU4Y2RlN2RhNWQ4MjBiOWM5NzE4MB4XDTIyMDMz
MTE3MjI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQwYzQwNzliMWY4
ZmUyMzNiNGZkY2NhZWJiMjlkYTY2ODk1MWY0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAzZ5j79IJX6gCyCj0uMtsJ+G3xG/nLbMaMckfhioayhlrk
2PsvWOi2gwp806CmAnw/NRuAT1cG01WpYNJxMnd56vjsbgd8dtF55D1WXXHZC44V
8TueTeje7/lj/Rsn9vek7FWDbpEDJwo/w37uHt4tBrxgNDVEAYYkrHo4QYKbfaYv
a0uavyAeOCVhFYuC0h/qJRfyMf1AGv7K8xzadmo/xQukY1Dri0Lalfpw9a8ppPTP
tzUYX0TcaP3oVufe5pvqf6U2Pxp7qO65F6YQ8mkLAKBc5XMu/oLO9/yLQLqagTVB
q0TXoI8fIV6XdZBProOpDtawNMZPps+yMiP8/dsCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBT9DEB5sfj+IztP3Mrrsp2maJUfQDAfBgNVHSMEGDAWgBRvzN/9pqTEiRS1
6M3n2l2CC5yXGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I4emZfYWFreElrVXRlak41OXBkZ2d1Y2x4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvY2IwMTUzLTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8x
L19ReEFlYkg0X2lNN1Q5eks2N0tkcG1pVkgwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
Y2IwMTUzLTgwM2EtNGJiNi1iMTlkLWE3NzRlNDFkMjY0Yy8xL2I4emZfYWFreElr
VXRlak41OXBkZ2d1Y2x4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAFtawAMEAFvfewMEArnGpAMEAcP1
cDAPBAIAAjAJAwcAIAEGfC9cMA0GCSqGSIb3DQEBCwUAA4IBAQAwy1xTGtI4XKBF
BI5lLIRdspWYzDE0BqVjxOeWJbDKnSy9wdHNFZXMamBbmdW/0hLeXlXZhVQYM0vu
WzO90sd5oai69O2JZyZ/YQa0916N4ZlBT2vP79LTDh52AWydaerA1/0RSh8hn3Xl
C75Gci4Peo8mOk0zn+LyoeGOmuByQ+f91sW6qOO9CqQB6nUNQTMXO3sQoWuzGTvl
QWncHP0pNm/kOioEp5B6+rsvSSBi0/oMgVKppAzfU49WlmsHpH5Wb0vii/57Tg1P
IETGaIjMwVfEmMVKryolyh05C1hnCqM1jMSAVMxCiMusXFBla6AWqtaU++eksX+Z
N3l83WSP
-----END CERTIFICATE-----
Generated at Mon May 12 06:41:07 2025 by rpki-client