Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/PNvfl2YI_dVBeRtIutm0Wckjqao.roa
File: PNvfl2YI_dVBeRtIutm0Wckjqao.roa (raw, json)
Hash identifier: xUfhJOOJTdXGpfU3WWo9K85mlujIJ7Sbws0vLfX1/lI=
Subject key identifier: 3C:DB:DF:97:66:08:FD:D5:41:79:1B:48:BA:D9:B4:59:C9:23:A9:AA
Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Certificate serial: 018570DE401F5A5F706E29C36551312DC671
Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/PNvfl2YI_dVBeRtIutm0Wckjqao.roa
Signing time: Mon 02 Jan 2023 05:04:51 +0000
ROA not before: Mon 02 Jan 2023 05:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8315
IP address blocks: 91.200.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:40:1f:5a:5f:70:6e:29:c3:65:51:31:2d:c6:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Validity
Not Before: Jan 2 05:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cdbdf976608fdd541791b48bad9b459c923a9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d3:ab:01:01:11:29:b8:d0:30:f8:2a:94:14:
64:01:6d:2e:3d:11:7d:59:58:fe:3f:b8:a2:5e:60:
dd:7c:a4:4e:4f:91:07:06:36:be:93:89:b6:33:16:
8c:e6:b8:f0:e7:c4:4b:c1:f4:b9:98:2c:93:ad:e1:
45:bb:41:9f:a9:56:7b:09:07:a1:ff:74:b6:0a:62:
99:32:a3:e4:bd:47:7e:0c:49:1f:f5:92:9e:a5:d3:
00:3a:d2:d3:35:79:e1:95:86:77:ef:7e:38:ac:74:
d5:e4:c1:4b:05:da:26:ad:d7:ef:4e:af:ab:9e:84:
ab:da:e0:3d:1a:5e:0e:2f:21:e5:69:b1:bd:03:a3:
f2:41:07:cb:2c:ff:26:82:53:4f:c1:3e:10:b0:6d:
04:42:97:13:fc:f7:b6:6f:cc:45:98:08:d2:bd:9f:
e2:05:53:8e:26:a6:58:17:fe:4a:0f:e9:6a:11:5c:
7c:e9:a6:0b:b9:bc:ad:ae:cc:b8:d1:d5:19:7e:67:
49:c6:36:61:74:02:b0:76:f4:5e:d2:0f:4e:19:9c:
d2:b3:28:c2:c0:da:5a:af:6c:46:9e:04:d5:f2:9d:
d5:86:40:14:fa:c3:b6:b3:0c:20:6b:1e:cb:e3:f0:
8e:3c:92:b4:92:da:82:26:a3:e4:00:43:8e:ba:cf:
e9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DB:DF:97:66:08:FD:D5:41:79:1B:48:BA:D9:B4:59:C9:23:A9:AA
X509v3 Authority Key Identifier:
keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/PNvfl2YI_dVBeRtIutm0Wckjqao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.50.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3a:9d:6a:6d:d3:ee:2c:31:a7:1d:4e:e1:e4:09:89:1b:a4:
87:71:ab:cd:99:2b:2b:d0:3a:dc:13:6f:61:e4:c5:29:3e:9f:
6f:e4:dd:3b:cd:ec:75:89:45:b5:82:cb:f0:03:bd:c8:63:4a:
32:de:53:2e:05:15:c2:bb:67:7c:de:62:cc:18:2e:d4:85:65:
12:85:34:0b:0b:0f:28:45:07:ef:cc:cd:7a:fa:10:9a:3b:64:
df:fa:2d:e8:28:5a:99:be:d4:53:3b:67:a7:fc:9a:cd:72:af:
da:fe:be:35:90:f1:43:dd:b2:ec:a6:e3:a7:6c:44:73:e1:f7:
92:93:95:f1:b4:48:44:4f:73:36:0e:d0:88:08:3c:61:67:6d:
a1:17:29:98:ce:9c:8c:dd:6c:6a:d3:03:6c:71:c2:97:23:9f:
89:5d:bd:37:dd:2b:44:b1:3c:a9:03:c7:99:c7:b2:fb:5a:8c:
d6:91:89:00:89:8f:fb:83:80:02:ed:b2:cc:5b:2b:c1:c6:33:
fd:f0:cb:28:3c:80:60:3a:97:2e:91:79:99:3f:7b:b7:8c:4e:
2f:4f:df:4c:d4:1e:54:f4:e7:99:d4:7d:78:90:a5:7d:d0:ca:
aa:19:3e:6c:ef:36:85:3f:9d:01:24:71:7c:3a:a0:40:3c:1f:
12:46:d5:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3kAfWl9wbinDZVExLcZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTM4NDliZmYzMzdkZjhiOGIwYmQxYWUyNTJlZTYxMTlk
OGE2MWYwHhcNMjMwMTAyMDUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RiZGY5NzY2MDhmZGQ1NDE3OTFiNDhiYWQ5YjQ1OWM5MjNhOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NOrAQERKbjQMPgqlBRkAW0uPRF9
WVj+P7iiXmDdfKROT5EHBja+k4m2MxaM5rjw58RLwfS5mCyTreFFu0GfqVZ7CQeh
/3S2CmKZMqPkvUd+DEkf9ZKepdMAOtLTNXnhlYZ37344rHTV5MFLBdomrdfvTq+r
noSr2uA9Gl4OLyHlabG9A6PyQQfLLP8mglNPwT4QsG0EQpcT/Pe2b8xFmAjSvZ/i
BVOOJqZYF/5KD+lqEVx86aYLubytrsy40dUZfmdJxjZhdAKwdvRe0g9OGZzSsyjC
wNpar2xGngTV8p3VhkAU+sO2swwgax7L4/COPJK0ktqCJqPkAEOOus/pPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzb35dmCP3VQXkbSLrZtFnJI6mqMB8GA1UdIwQY
MBaAFBqThJv/M334uLC9GuJS7mEZ2KYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjkt
NDNlNjdkNWQwYTg1LzEvUE52ZmwyWUlfZFZCZVJ0SXV0bTBXY2tqcWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjktNDNlNjdkNWQwYTg1
LzEvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8gyMA0G
CSqGSIb3DQEBCwUAA4IBAQBAOp1qbdPuLDGnHU7h5AmJG6SHcavNmSsr0DrcE29h
5MUpPp9v5N07zex1iUW1gsvwA73IY0oy3lMuBRXCu2d83mLMGC7UhWUShTQLCw8o
RQfvzM16+hCaO2Tf+i3oKFqZvtRTO2en/JrNcq/a/r41kPFD3bLspuOnbERz4feS
k5XxtEhET3M2DtCICDxhZ22hFymYzpyM3Wxq0wNsccKXI5+JXb033StEsTypA8eZ
x7L7WozWkYkAiY/7g4AC7bLMWyvBxjP98MsoPIBgOpcukXmZP3u3jE4vT99M1B5U
9OeZ1H14kKV90MqqGT5s7zaFP50BJHF8OqBAPB8SRtWK
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:41:49 2025 by rpki-client