Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/vODIZqcB3gFqCD37jM138OOsd38.roa
File: vODIZqcB3gFqCD37jM138OOsd38.roa (raw, json)
Hash identifier: qHgce9cvfqmtmF/w9t991hBImQAeqvCGdU9/YLsXNuc=
Subject key identifier: BC:E0:C8:66:A7:01:DE:01:6A:08:3D:FB:8C:CD:77:F0:E3:AC:77:7F
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 01857246DB1A24CAA52B4BA07723B915F551
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/vODIZqcB3gFqCD37jM138OOsd38.roa
Signing time: Mon 02 Jan 2023 11:38:44 +0000
ROA not before: Mon 02 Jan 2023 11:38:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43666
IP address blocks: 91.197.182.0/24 maxlen: 24
91.197.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:db:1a:24:ca:a5:2b:4b:a0:77:23:b9:15:f5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jan 2 11:38:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce0c866a701de016a083dfb8ccd77f0e3ac777f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:38:99:62:90:95:90:5e:19:0d:b5:83:a4:c6:
3f:35:e6:e5:3d:87:64:74:11:ad:24:18:bf:9f:01:
b2:fb:17:89:f8:c8:59:56:f5:83:2d:f4:02:2f:e4:
a6:a5:d8:4d:bb:c6:5e:ad:62:d3:f1:28:70:42:74:
41:9d:7b:54:9c:3e:4a:02:8a:44:77:c5:b9:1d:53:
eb:bf:68:6f:e6:8e:4c:8e:e7:b3:98:37:13:90:4f:
a1:83:08:22:52:b0:10:7d:93:ae:95:2f:4a:0d:ab:
6f:64:9a:77:e6:c9:28:60:0c:3e:cc:f7:3e:de:8c:
54:e0:4a:fe:51:9b:2b:5b:48:26:bd:cd:1d:fb:a4:
e7:b7:22:c7:ab:83:e1:40:c6:ae:cd:c9:47:2a:19:
7d:8f:c2:85:6c:5c:5b:af:50:1d:75:6a:a3:9b:5b:
58:30:df:b8:1f:48:48:13:62:b6:88:4e:99:88:0b:
ab:5f:ac:2f:8e:1f:91:74:2e:5c:96:c2:67:40:30:
81:eb:c3:50:32:77:7a:df:46:36:4c:9a:a6:30:4c:
f2:ed:ad:2e:80:2b:50:8b:a3:e0:5f:ae:84:4d:66:
33:b4:56:61:db:f9:34:c2:19:56:28:fa:3f:ba:da:
9a:af:8e:f7:73:38:95:34:8d:f4:9b:02:5c:b3:06:
89:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E0:C8:66:A7:01:DE:01:6A:08:3D:FB:8C:CD:77:F0:E3:AC:77:7F
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/vODIZqcB3gFqCD37jM138OOsd38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.180.0/24
91.197.182.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a4:34:24:87:80:2e:45:80:97:e2:26:92:7b:1d:16:1d:96:
ac:43:fb:b1:66:5d:ef:b4:56:2c:a4:d2:9d:e6:e7:f4:5e:a8:
22:01:35:aa:b2:1a:ba:8d:ce:39:80:3b:fd:99:3e:a6:b4:99:
eb:97:2f:ac:92:ec:7a:94:4b:3a:5d:aa:9e:c5:2a:69:5d:62:
88:b2:a5:d6:e8:16:00:3d:79:69:29:72:cd:b1:5c:26:7a:76:
d1:15:f6:8d:fa:cd:d2:7c:86:53:9d:79:6d:f6:44:93:af:b4:
a5:26:54:54:6f:28:06:32:95:e9:44:57:cc:76:50:3e:8f:ca:
28:80:c2:92:73:a3:1f:44:1d:a3:51:0b:92:f9:4c:7e:c0:cd:
f3:e7:39:71:bb:57:4c:c2:fe:3e:56:e4:df:ad:30:a6:c8:7c:
b4:c2:6b:3c:e5:d3:a3:c7:12:35:5a:01:5f:0f:31:20:5b:2f:
d9:47:49:85:ee:38:7c:a4:9e:1b:9c:a8:67:17:a1:b9:6b:86:
a9:aa:63:4e:6f:b2:53:bf:b1:a0:d8:06:97:ce:1c:90:15:a2:
97:4f:65:17:5a:4d:d1:ed:ae:12:c3:69:36:6e:f0:b2:73:2c:
d9:17:4b:07:55:d9:12:4a:4f:9e:33:31:4e:12:23:2e:34:07:
46:37:78:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRtsaJMqlK0ugdyO5FfVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYTc3NDI3YzAzNzA5YjMzOWE5NWIwYWQ5YTRhYzlkMmM5
MmM5MDMwHhcNMjMwMTAyMTEzODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2UwYzg2NmE3MDFkZTAxNmEwODNkZmI4Y2NkNzdmMGUzYWM3NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ziZYpCVkF4ZDbWDpMY/NeblPYdk
dBGtJBi/nwGy+xeJ+MhZVvWDLfQCL+SmpdhNu8ZerWLT8ShwQnRBnXtUnD5KAopE
d8W5HVPrv2hv5o5MjuezmDcTkE+hgwgiUrAQfZOulS9KDatvZJp35skoYAw+zPc+
3oxU4Er+UZsrW0gmvc0d+6TntyLHq4PhQMauzclHKhl9j8KFbFxbr1AddWqjm1tY
MN+4H0hIE2K2iE6ZiAurX6wvjh+RdC5clsJnQDCB68NQMnd630Y2TJqmMEzy7a0u
gCtQi6PgX66ETWYztFZh2/k0whlWKPo/utqar473cziVNI30mwJcswaJmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzgyGanAd4Bagg9+4zNd/DjrHd/MB8GA1UdIwQY
MBaAFDKndCfANwmzOalbCtmkrJ0skskDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmIt
N2Q0MGI3YzhmYjAxLzEvdk9ESVpxY0IzZ0ZxQ0QzN2pNMTM4T09zZDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmItN2Q0MGI3YzhmYjAx
LzEvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8W0AwQA
W8W2MA0GCSqGSIb3DQEBCwUAA4IBAQBSpDQkh4AuRYCX4iaSex0WHZasQ/uxZl3v
tFYspNKd5uf0XqgiATWqshq6jc45gDv9mT6mtJnrly+skux6lEs6XaqexSppXWKI
sqXW6BYAPXlpKXLNsVwmenbRFfaN+s3SfIZTnXlt9kSTr7SlJlRUbygGMpXpRFfM
dlA+j8oogMKSc6MfRB2jUQuS+Ux+wM3z5zlxu1dMwv4+VuTfrTCmyHy0wms85dOj
xxI1WgFfDzEgWy/ZR0mF7jh8pJ4bnKhnF6G5a4apqmNOb7JTv7Gg2AaXzhyQFaKX
T2UXWk3R7a4Sw2k2bvCycyzZF0sHVdkSSk+eMzFOEiMuNAdGN3gL
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:03:15 2025 by rpki-client