Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/Q5U5jcna9zNu98NXuRJJocPALyA.roa
File: Q5U5jcna9zNu98NXuRJJocPALyA.roa (raw, json)
Hash identifier: SFiYFThgF8lLC7KT+yL9tNkyI99cNTjb+r8nZGBuL8o=
Subject key identifier: 43:95:39:8D:C9:DA:F7:33:6E:F7:C3:57:B9:12:49:A1:C3:C0:2F:20
Certificate issuer: /CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Certificate serial: 018B1E32500C913AEFF0837EDB9BD4386DE7
Authority key identifier: 8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/Q5U5jcna9zNu98NXuRJJocPALyA.roa
Signing time: Wed 11 Oct 2023 10:04:55 +0000
ROA not before: Wed 11 Oct 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208949
IP address blocks: 91.200.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:32:50:0c:91:3a:ef:f0:83:7e:db:9b:d4:38:6d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Validity
Not Before: Oct 11 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4395398dc9daf7336ef7c357b91249a1c3c02f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:21:7a:b1:d2:f8:e5:48:5f:1e:e2:62:dd:
34:94:2b:20:73:22:e9:b2:9e:d1:c1:06:49:d7:ad:
ce:5b:4c:6a:69:9a:d4:5a:0d:77:0d:e7:76:0b:d9:
a7:6b:09:8f:1c:1f:94:e6:1c:c9:83:1c:93:46:4a:
44:c4:5c:e3:aa:7e:e5:29:0d:95:c1:10:c2:20:78:
36:3e:bd:92:ef:a2:06:82:06:25:03:d8:95:d1:d6:
c2:4c:6f:4d:26:c2:27:12:34:ce:a4:26:1a:78:bf:
5b:f1:31:44:c8:23:ee:8c:4d:bd:b8:bb:7f:d4:bb:
df:d0:a9:e3:ac:f0:7d:8e:8e:bb:27:e9:a9:32:f6:
a9:86:9e:fb:5b:94:d0:03:07:9b:43:f5:19:4c:43:
49:1b:8f:a7:82:80:f9:9f:a5:df:2e:e9:b0:ed:85:
d1:3d:f2:88:b6:bf:32:f6:ff:b3:53:46:cc:85:96:
65:b8:06:0e:80:3c:77:62:48:20:b0:34:64:f3:2d:
45:d3:a4:23:db:93:a3:27:eb:99:00:4b:7e:41:e2:
7a:2e:3a:12:a6:18:b2:f0:96:ab:d9:b4:e7:0f:ba:
f6:ac:16:4a:61:c3:d1:a8:78:87:cd:44:66:cf:b9:
28:7e:ad:c2:47:24:00:bd:56:c3:9e:b9:31:fe:fe:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:95:39:8D:C9:DA:F7:33:6E:F7:C3:57:B9:12:49:A1:C3:C0:2F:20
X509v3 Authority Key Identifier:
keyid:8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/Q5U5jcna9zNu98NXuRJJocPALyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/imAkssJ6Z9_1tlTvoGv3v8EiJiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.57.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:92:a0:a8:7e:8b:e4:f5:da:5a:b6:72:27:b4:63:2c:66:de:
6e:44:fd:7e:2c:d2:0c:a5:ea:6d:eb:ca:8e:49:ba:19:e9:b1:
d5:9f:12:5f:85:10:78:0d:bd:5d:71:4b:e4:b8:52:4a:a3:8b:
5f:39:70:a5:b9:eb:52:f2:c5:68:bf:1c:2b:5e:f2:ca:8e:00:
4b:53:11:92:d0:50:59:50:61:23:1d:45:00:60:5d:e7:08:d0:
1e:9b:1d:a3:48:6c:6b:47:b7:61:95:9f:04:3f:e3:56:4b:25:
d9:b6:89:16:94:4a:9c:8c:57:dc:c7:23:5d:6a:e0:91:8a:2b:
7d:1f:23:9b:9e:31:39:35:14:a5:01:f0:4c:e7:f5:88:9c:74:
68:7a:bb:7f:d0:03:ac:05:fe:6b:49:20:3c:1c:bd:9c:55:f3:
24:75:cb:06:11:3f:08:35:ba:48:46:b6:df:73:c4:11:68:d0:
7e:8a:a9:a6:30:a5:b9:f8:ce:5a:33:42:50:67:7b:aa:b9:e3:
9b:dc:d3:8b:7c:26:c1:c5:ca:23:f1:bd:91:de:91:74:01:0b:
6d:23:8a:bd:e7:9d:cb:29:c9:61:ca:ca:e8:d2:23:74:5f:08:
cb:e1:ee:9a:c1:53:7e:c2:93:04:48:47:ce:2e:f4:fd:88:2b:
28:ed:c9:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYseMlAMkTrv8IN+25vUOG3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjAyNGIyYzI3YTY3ZGZmNWI2NTRlZmEwNmJmN2JmYzEy
MjI2MjUwHhcNMjMxMDExMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk1Mzk4ZGM5ZGFmNzMzNmVmN2MzNTdiOTEyNDlhMWMzYzAyZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9kherHS+OVIXx7iYt00lCsgcyLp
sp7RwQZJ163OW0xqaZrUWg13Ded2C9mnawmPHB+U5hzJgxyTRkpExFzjqn7lKQ2V
wRDCIHg2Pr2S76IGggYlA9iV0dbCTG9NJsInEjTOpCYaeL9b8TFEyCPujE29uLt/
1Lvf0KnjrPB9jo67J+mpMvaphp77W5TQAwebQ/UZTENJG4+ngoD5n6XfLumw7YXR
PfKItr8y9v+zU0bMhZZluAYOgDx3YkggsDRk8y1F06Qj25OjJ+uZAEt+QeJ6LjoS
phiy8Jar2bTnD7r2rBZKYcPRqHiHzURmz7kofq3CRyQAvVbDnrkx/v7WMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOVOY3J2vczbvfDV7kSSaHDwC8gMB8GA1UdIwQY
MBaAFIpgJLLCemff9bZU76Br97/BIiYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEt
MDhlOGYwY2JiODQwLzEvUTVVNWpjbmE5ek51OThOWHVSSkpvY1BBTHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEtMDhlOGYwY2JiODQw
LzEvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8g5MA0G
CSqGSIb3DQEBCwUAA4IBAQB9kqCofovk9dpatnIntGMsZt5uRP1+LNIMpept68qO
SboZ6bHVnxJfhRB4Db1dcUvkuFJKo4tfOXCluetS8sVovxwrXvLKjgBLUxGS0FBZ
UGEjHUUAYF3nCNAemx2jSGxrR7dhlZ8EP+NWSyXZtokWlEqcjFfcxyNdauCRiit9
HyObnjE5NRSlAfBM5/WInHRoert/0AOsBf5rSSA8HL2cVfMkdcsGET8INbpIRrbf
c8QRaNB+iqmmMKW5+M5aM0JQZ3uqueOb3NOLfCbBxcoj8b2R3pF0AQttI4q9553L
Kclhysro0iN0XwjL4e6awVN+wpMESEfOLvT9iCso7cml
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:46 2025 by rpki-client