Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/EsZYZ9dvDXS6GoGjqQhGQw83lOA.roa
File: EsZYZ9dvDXS6GoGjqQhGQw83lOA.roa (raw, json)
Hash identifier: bQUXbQIn2B/rBY0ErWem0yKVTrStnEwNi7XwUnDkltQ=
Subject key identifier: 12:C6:58:67:D7:6F:0D:74:BA:1A:81:A3:A9:08:46:43:0F:37:94:E0
Certificate issuer: /CN=8e7fced4f34e7f37e751b5b45f30b99c6311f97e
Certificate serial: 0189C28AC56D63BA8DDC96BCA47889E11783
Authority key identifier: 8E:7F:CE:D4:F3:4E:7F:37:E7:51:B5:B4:5F:30:B9:9C:63:11:F9:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jn_O1PNOfzfnUbW0XzC5nGMR-X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/EsZYZ9dvDXS6GoGjqQhGQw83lOA.roa
Signing time: Fri 04 Aug 2023 21:53:41 +0000
ROA not before: Fri 04 Aug 2023 21:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198126
IP address blocks: 91.231.228.0/24 maxlen: 24
2001:678:3bc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:8a:c5:6d:63:ba:8d:dc:96:bc:a4:78:89:e1:17:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e7fced4f34e7f37e751b5b45f30b99c6311f97e
Validity
Not Before: Aug 4 21:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12c65867d76f0d74ba1a81a3a90846430f3794e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:e2:e8:14:86:53:93:e7:c6:27:d9:59:db:
92:f7:93:60:c6:05:b4:b0:4b:ba:3a:17:c2:30:dc:
02:ea:fa:af:c1:3f:2e:23:54:45:07:c3:64:94:75:
5d:cd:e5:da:e5:1c:08:c1:f6:ec:77:47:33:71:6a:
dd:76:f8:f5:25:d6:e0:cd:a7:76:3b:ff:4d:dd:00:
71:e4:23:ac:d8:2b:fd:42:3f:6c:d3:75:48:d4:6b:
15:64:42:64:c0:91:c9:3b:79:b7:c3:fd:ec:de:7b:
3c:52:6d:dc:3c:31:d5:31:cb:26:4a:51:cd:44:16:
2f:42:ca:6a:e3:31:bb:a8:2a:9f:ea:9d:da:0a:60:
08:dd:af:60:21:9f:63:31:04:9c:a6:9b:06:b6:06:
5e:03:99:a6:91:fd:8f:a8:39:ab:bc:e3:1f:53:77:
b0:53:3e:0a:9e:89:dc:d1:eb:52:d2:3b:6b:c4:e8:
d8:45:24:f8:3b:ee:04:83:cf:47:55:d3:eb:55:4c:
f5:0f:bb:ae:f0:f7:51:4b:00:d8:d4:e1:ea:4e:ac:
75:81:04:d0:c3:47:b7:79:e2:49:f3:69:a1:d2:f5:
4c:b7:13:c4:b5:71:b6:59:ee:88:f8:f8:87:37:f1:
0f:c8:f1:b9:1e:da:b1:18:b3:1d:ea:ff:69:53:3a:
8f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C6:58:67:D7:6F:0D:74:BA:1A:81:A3:A9:08:46:43:0F:37:94:E0
X509v3 Authority Key Identifier:
keyid:8E:7F:CE:D4:F3:4E:7F:37:E7:51:B5:B4:5F:30:B9:9C:63:11:F9:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jn_O1PNOfzfnUbW0XzC5nGMR-X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/EsZYZ9dvDXS6GoGjqQhGQw83lOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/913cd7-593f-4e99-b5ee-0d050358e656/1/jn_O1PNOfzfnUbW0XzC5nGMR-X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.228.0/24
IPv6:
2001:678:3bc::/48
Signature Algorithm: sha256WithRSAEncryption
16:1f:63:37:26:7c:46:83:5c:60:29:a6:d3:90:41:82:f4:43:
93:d0:52:fa:91:56:91:28:2f:87:fe:d1:43:ca:11:42:8c:34:
6f:de:13:58:54:59:d9:6c:63:5a:16:7a:da:80:ed:6f:ab:ff:
dc:b0:e7:19:34:46:ce:de:ec:2a:2e:3a:ca:15:ae:a7:36:b1:
a8:b1:1c:5e:95:d2:e7:83:c9:68:73:65:f1:f7:2c:a9:c5:e9:
ec:e9:c4:aa:d4:65:34:3f:66:53:92:b9:2c:28:ee:c0:7c:0a:
92:ad:87:56:2e:7f:f7:62:1d:1f:2d:26:a6:09:fb:d3:ff:9b:
5c:fb:2f:a8:8e:3c:52:40:7a:cc:29:9c:b1:6e:ad:66:9d:16:
3c:39:4d:d1:6b:81:db:c0:7b:8d:72:17:f1:ba:33:a4:b0:07:
61:19:a8:70:60:41:64:30:66:a4:91:f0:5b:20:f9:19:73:c1:
88:14:65:2c:20:8f:43:93:37:f4:45:54:f8:3b:14:2f:83:52:
42:e4:6e:1b:0a:29:f3:3e:52:35:78:db:17:4b:44:c3:61:fb:
a4:68:40:ff:4a:e9:3d:dd:21:ee:4d:0d:4c:b1:1e:c2:66:be:
22:6e:9b:12:1c:94:47:1f:f1:61:8f:a5:3e:ee:3d:40:9c:a5:
18:4e:dc:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnCisVtY7qN3Ja8pHiJ4ReDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlN2ZjZWQ0ZjM0ZTdmMzdlNzUxYjViNDVmMzBiOTljNjMx
MWY5N2UwHhcNMjMwODA0MjE1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmM2NTg2N2Q3NmYwZDc0YmExYTgxYTNhOTA4NDY0MzBmMzc5NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPji6BSGU5PnxifZWduS95NgxgW0
sEu6OhfCMNwC6vqvwT8uI1RFB8NklHVdzeXa5RwIwfbsd0czcWrddvj1Jdbgzad2
O/9N3QBx5COs2Cv9Qj9s03VI1GsVZEJkwJHJO3m3w/3s3ns8Um3cPDHVMcsmSlHN
RBYvQspq4zG7qCqf6p3aCmAI3a9gIZ9jMQScppsGtgZeA5mmkf2PqDmrvOMfU3ew
Uz4Knonc0etS0jtrxOjYRST4O+4Eg89HVdPrVUz1D7uu8PdRSwDY1OHqTqx1gQTQ
w0e3eeJJ82mh0vVMtxPEtXG2We6I+PiHN/EPyPG5HtqxGLMd6v9pUzqPHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBLGWGfXbw10uhqBo6kIRkMPN5TgMB8GA1UdIwQY
MBaAFI5/ztTzTn8351G1tF8wuZxjEfl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5fTzFQTk9memZuVWJXMFh6QzVuR01SLVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85MTNjZDctNTkzZi00ZTk5LWI1ZWUt
MGQwNTAzNThlNjU2LzEvRXNaWVo5ZHZEWFM2R29HanFRaEdRdzgzbE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85MTNjZDctNTkzZi00ZTk5LWI1ZWUtMGQwNTAzNThlNjU2
LzEvam5fTzFQTk9memZuVWJXMFh6QzVuR01SLVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+fkMA8E
AgACMAkDBwAgAQZ4A7wwDQYJKoZIhvcNAQELBQADggEBABYfYzcmfEaDXGApptOQ
QYL0Q5PQUvqRVpEoL4f+0UPKEUKMNG/eE1hUWdlsY1oWetqA7W+r/9yw5xk0Rs7e
7CouOsoVrqc2saixHF6V0ueDyWhzZfH3LKnF6ezpxKrUZTQ/ZlOSuSwo7sB8CpKt
h1Yuf/diHR8tJqYJ+9P/m1z7L6iOPFJAeswpnLFurWadFjw5TdFrgdvAe41yF/G6
M6SwB2EZqHBgQWQwZqSR8Fsg+RlzwYgUZSwgj0OTN/RFVPg7FC+DUkLkbhsKKfM+
UjV42xdLRMNh+6RoQP9K6T3dIe5NDUyxHsJmviJumxIclEcf8WGPpT7uPUCcpRhO
3CY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:00 2025 by rpki-client