Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/d2yV7JrmQvZ0SpeR_6cAF64ZxVQ.roa
File: d2yV7JrmQvZ0SpeR_6cAF64ZxVQ.roa (raw, json)
Hash identifier: RHttYFg0/FAyK/Rh3+zUxrX24DNMKdrDjJSZBRKlobI=
Subject key identifier: 77:6C:95:EC:9A:E6:42:F6:74:4A:97:91:FF:A7:00:17:AE:19:C5:54
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 01856F82422D2C153E66DC1FA7A5DB173CA3
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/d2yV7JrmQvZ0SpeR_6cAF64ZxVQ.roa
Signing time: Sun 01 Jan 2023 22:44:45 +0000
ROA not before: Sun 01 Jan 2023 22:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47624
IP address blocks: 91.206.139.0/24 maxlen: 24
91.206.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:42:2d:2c:15:3e:66:dc:1f:a7:a5:db:17:3c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 1 22:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=776c95ec9ae642f6744a9791ffa70017ae19c554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1f:c9:70:a6:af:ad:c6:30:a4:2c:e5:9b:d5:
9f:9d:0e:7a:1b:28:32:fe:81:f0:f9:60:da:5e:66:
3d:43:3c:00:dd:0e:b3:c0:28:f1:c5:98:de:90:24:
07:96:a1:79:6e:ea:38:e5:e4:e1:07:4e:29:98:ef:
f4:0d:38:08:7c:1e:d2:69:ec:71:0f:82:62:82:55:
b8:d6:b8:f7:99:43:5c:aa:a6:bd:03:fe:c0:3e:92:
a5:23:a2:33:1e:74:99:82:2f:25:00:4a:66:c1:60:
67:b9:d5:c0:f1:42:f3:65:d3:d9:5e:0d:b1:c7:f9:
c2:e4:86:d7:c5:8d:7b:a7:d0:0c:51:51:a7:af:7d:
43:43:8c:aa:99:a8:fb:61:18:18:61:d3:2c:71:26:
23:99:ad:a1:c0:ab:9c:59:ff:6f:bb:3f:04:42:65:
a0:c7:40:9a:ad:aa:55:a5:e5:65:b6:65:e2:df:2e:
34:8b:dd:a8:bf:12:e1:80:67:16:6b:7f:e9:00:e0:
a2:f2:fe:dd:f3:e5:d5:5c:7c:53:61:ea:09:a2:eb:
e1:cd:b2:4d:b9:75:22:19:7d:e7:76:3f:ac:f0:b5:
02:27:3c:5a:28:37:7a:94:c0:df:42:ec:ac:f4:15:
4b:64:a8:e8:d5:8f:bf:fc:66:fe:74:89:97:a7:cf:
0f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6C:95:EC:9A:E6:42:F6:74:4A:97:91:FF:A7:00:17:AE:19:C5:54
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/d2yV7JrmQvZ0SpeR_6cAF64ZxVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.138.0/23
Signature Algorithm: sha256WithRSAEncryption
98:de:68:5c:98:af:6c:bc:a0:87:29:5f:ac:81:32:f7:5e:50:
64:53:62:6d:96:5b:51:db:13:1f:0b:2c:1f:a9:98:9c:53:3a:
5b:20:6b:c0:4b:1f:16:67:99:a0:fe:b8:6e:d8:66:94:e1:74:
dc:1e:57:bd:99:5b:ca:0f:a8:97:6a:7f:74:4f:bc:d6:3f:22:
9c:bf:c4:c3:4f:6a:da:f0:66:9d:b3:2f:fd:e3:31:1c:fb:20:
85:a9:7b:86:df:a6:ad:13:2b:81:47:e6:2a:8a:3d:21:5e:bf:
7a:cd:0a:d9:6d:18:5b:f1:69:f5:38:26:c7:16:d2:11:88:52:
23:15:9b:21:c5:a8:3f:c0:bd:2e:43:3f:21:10:c2:68:ec:03:
fd:ff:86:b1:b7:04:fb:12:ba:52:09:d2:e2:68:15:40:b7:a5:
5e:10:c5:b9:c5:6a:1e:5a:02:20:22:93:44:a8:87:b1:03:83:
ce:d4:2c:0c:de:98:05:51:30:0f:4a:f1:7a:6e:80:b3:8a:57:
25:27:42:60:99:37:9f:1b:5f:b1:0c:5d:b9:79:9d:04:c8:82:
8e:b4:a5:4e:73:9e:98:26:9d:18:0c:31:0e:22:d6:7f:ec:8a:
81:3c:31:e2:12:29:8b:4d:7c:e2:03:d5:e1:31:d2:1f:3b:96:
a5:2b:7c:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgkItLBU+Ztwfp6XbFzyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjMwMTAxMjI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZjOTVlYzlhZTY0MmY2NzQ0YTk3OTFmZmE3MDAxN2FlMTljNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR/JcKavrcYwpCzlm9WfnQ56Gygy
/oHw+WDaXmY9QzwA3Q6zwCjxxZjekCQHlqF5buo45eThB04pmO/0DTgIfB7Saexx
D4JiglW41rj3mUNcqqa9A/7APpKlI6IzHnSZgi8lAEpmwWBnudXA8ULzZdPZXg2x
x/nC5IbXxY17p9AMUVGnr31DQ4yqmaj7YRgYYdMscSYjma2hwKucWf9vuz8EQmWg
x0CarapVpeVltmXi3y40i92ovxLhgGcWa3/pAOCi8v7d8+XVXHxTYeoJouvhzbJN
uXUiGX3ndj+s8LUCJzxaKDd6lMDfQuys9BVLZKjo1Y+//Gb+dImXp88PhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdsleya5kL2dEqXkf+nABeuGcVUMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvZDJ5VjdKcm1RdlowU3BlUl82Y0FGNjRaeFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86KMA0G
CSqGSIb3DQEBCwUAA4IBAQCY3mhcmK9svKCHKV+sgTL3XlBkU2JtlltR2xMfCywf
qZicUzpbIGvASx8WZ5mg/rhu2GaU4XTcHle9mVvKD6iXan90T7zWPyKcv8TDT2ra
8Gadsy/94zEc+yCFqXuG36atEyuBR+Yqij0hXr96zQrZbRhb8Wn1OCbHFtIRiFIj
FZshxag/wL0uQz8hEMJo7AP9/4axtwT7ErpSCdLiaBVAt6VeEMW5xWoeWgIgIpNE
qIexA4PO1CwM3pgFUTAPSvF6boCzilclJ0JgmTefG1+xDF25eZ0EyIKOtKVOc56Y
Jp0YDDEOItZ/7IqBPDHiEimLTXziA9XhMdIfO5alK3zI
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:59:52 2025 by rpki-client