Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/KWiHeoMHyqeEVYUo3Z453FtjfLc.roa
File: KWiHeoMHyqeEVYUo3Z453FtjfLc.roa (raw, json)
Hash identifier: dvkfFlSqTAKk7jMfLBJpAfOtJ09SC13SwQdUEfxtsqs=
Subject key identifier: 29:68:87:7A:83:07:CA:A7:84:55:85:28:DD:9E:39:DC:5B:63:7C:B7
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0182F3ECB1AB0684C1AA00AD780CBDC5F1B8
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/KWiHeoMHyqeEVYUo3Z453FtjfLc.roa
Signing time: Wed 31 Aug 2022 12:42:31 +0000
ROA not before: Wed 31 Aug 2022 12:42:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42399
IP address blocks: 91.189.112.0/24 maxlen: 24
91.189.112.0/23 maxlen: 23
91.189.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f3:ec:b1:ab:06:84:c1:aa:00:ad:78:0c:bd:c5:f1:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Aug 31 12:42:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2968877a8307caa784558528dd9e39dc5b637cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:56:87:65:58:a4:a8:3d:34:e0:37:10:c0:3a:
99:e3:b0:62:1c:6c:d4:cd:77:ec:46:05:c2:c8:98:
91:a6:83:e7:63:ec:ae:6b:1d:a6:d6:34:da:8d:48:
cf:26:ba:5e:80:92:27:5f:f1:76:d3:fd:b7:1b:65:
d2:b5:37:4f:21:7c:6d:f0:81:4f:ed:92:b5:4d:d3:
50:a3:f1:36:01:73:73:91:c6:1a:8f:59:70:9f:db:
5b:7b:dd:16:2d:61:36:27:46:9d:50:38:5a:72:84:
6a:94:ad:d5:0f:4d:5b:69:dd:5c:da:f2:0e:3d:59:
30:06:95:01:6f:1e:9a:59:dc:71:2b:c7:fc:b9:1a:
d7:2d:2c:3a:12:c6:f0:cc:cf:92:5f:1d:90:4a:54:
bd:66:d3:0f:b6:f5:fc:c1:64:4e:8f:df:40:6c:f5:
3f:63:96:a1:29:70:6a:e2:59:f7:09:8f:98:3c:c5:
0a:9d:3e:00:23:51:45:37:2a:8f:5d:39:fa:69:37:
3d:ec:27:a4:3a:c0:77:e1:99:a6:66:ae:3f:14:5d:
eb:bf:4e:f4:fa:9f:27:93:eb:bd:a5:bd:5f:2f:79:
d7:ca:30:b4:06:7e:d6:86:8c:be:fb:77:11:fc:d5:
36:23:59:56:96:80:10:ff:be:03:3d:17:1f:b5:3a:
47:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:68:87:7A:83:07:CA:A7:84:55:85:28:DD:9E:39:DC:5B:63:7C:B7
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/KWiHeoMHyqeEVYUo3Z453FtjfLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.112.0/23
Signature Algorithm: sha256WithRSAEncryption
66:ec:51:cb:8c:9f:5a:62:78:08:d1:da:0f:b4:b8:e4:e0:18:
00:45:44:21:28:27:35:d4:e5:ab:ef:ed:3a:76:d8:26:19:bc:
1c:88:0c:ae:1a:48:05:e7:c9:b1:04:b9:c4:31:c8:13:71:fc:
b7:07:9f:ff:9e:8e:e6:ee:17:78:3b:50:a5:00:f2:f3:01:ea:
98:1c:b7:e0:9d:d9:5b:1c:6e:3f:30:99:f7:da:f6:f8:0c:c6:
2e:7e:da:df:47:50:ba:d0:1e:ff:2c:06:ce:8a:60:e8:42:39:
a0:21:72:9c:9c:c7:f5:ce:5d:b1:9a:2f:55:d6:c3:5d:0d:1b:
f1:ab:0f:cd:35:d8:51:3d:63:79:e6:70:a9:08:98:4c:84:ce:
14:9d:42:57:47:25:4e:35:19:75:aa:e7:73:ab:77:03:73:77:
58:13:12:75:af:ed:79:8f:43:f8:d7:d2:ea:1e:ec:54:5f:76:
12:80:4f:52:ea:b1:8f:ff:03:f0:04:74:f2:3b:50:92:38:90:
d9:42:10:59:13:22:2b:09:75:35:04:c0:72:8a:66:89:af:b3:
30:b0:5f:84:0f:ed:3f:b2:ad:ec:27:cb:79:eb:53:eb:24:d0:
77:e4:0b:dc:13:2d:b5:34:af:90:71:13:24:ba:0f:40:e3:73:
f0:c2:10:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLz7LGrBoTBqgCteAy9xfG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjIwODMxMTI0MjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY4ODc3YTgzMDdjYWE3ODQ1NTg1MjhkZDllMzlkYzViNjM3Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlaHZVikqD004DcQwDqZ47BiHGzU
zXfsRgXCyJiRpoPnY+yuax2m1jTajUjPJrpegJInX/F20/23G2XStTdPIXxt8IFP
7ZK1TdNQo/E2AXNzkcYaj1lwn9tbe90WLWE2J0adUDhacoRqlK3VD01bad1c2vIO
PVkwBpUBbx6aWdxxK8f8uRrXLSw6EsbwzM+SXx2QSlS9ZtMPtvX8wWROj99AbPU/
Y5ahKXBq4ln3CY+YPMUKnT4AI1FFNyqPXTn6aTc97CekOsB34ZmmZq4/FF3rv070
+p8nk+u9pb1fL3nXyjC0Bn7Whoy++3cR/NU2I1lWloAQ/74DPRcftTpHiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCloh3qDB8qnhFWFKN2eOdxbY3y3MB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvS1dpSGVvTUh5cWVFVllVbzNaNDUzRnRqZkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW71wMA0G
CSqGSIb3DQEBCwUAA4IBAQBm7FHLjJ9aYngI0doPtLjk4BgARUQhKCc11OWr7+06
dtgmGbwciAyuGkgF58mxBLnEMcgTcfy3B5//no7m7hd4O1ClAPLzAeqYHLfgndlb
HG4/MJn32vb4DMYuftrfR1C60B7/LAbOimDoQjmgIXKcnMf1zl2xmi9V1sNdDRvx
qw/NNdhRPWN55nCpCJhMhM4UnUJXRyVONRl1qudzq3cDc3dYExJ1r+15j0P419Lq
HuxUX3YSgE9S6rGP/wPwBHTyO1CSOJDZQhBZEyIrCXU1BMByimaJr7MwsF+ED+0/
sq3sJ8t561PrJNB35AvcEy21NK+QcRMkug9A43PwwhC8
-----END CERTIFICATE-----
Generated at Sun May 11 21:58:19 2025 by rpki-client