Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/TNoN_4qFtwmQs_KTmQ7n71lsTrs.roa
File: TNoN_4qFtwmQs_KTmQ7n71lsTrs.roa (raw, json)
Hash identifier: jCW15Hz+yvQTA5+qtQ/P3wC0Bep58K+a199KhDyuOHg=
Subject key identifier: 4C:DA:0D:FF:8A:85:B7:09:90:B3:F2:93:99:0E:E7:EF:59:6C:4E:BB
Certificate issuer: /CN=07d75335f77bf4240976277b1dd0e19bb23a8e1d
Certificate serial: 01885D379AAA6B434B2C3BCA54299CA12EAA
Authority key identifier: 07:D7:53:35:F7:7B:F4:24:09:76:27:7B:1D:D0:E1:9B:B2:3A:8E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9dTNfd79CQJdid7HdDhm7I6jh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/TNoN_4qFtwmQs_KTmQ7n71lsTrs.roa
Signing time: Sat 27 May 2023 12:38:25 +0000
ROA not before: Sat 27 May 2023 12:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205019
IP address blocks: 91.103.82.0/24 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5d:37:9a:aa:6b:43:4b:2c:3b:ca:54:29:9c:a1:2e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d75335f77bf4240976277b1dd0e19bb23a8e1d
Validity
Not Before: May 27 12:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cda0dff8a85b70990b3f293990ee7ef596c4ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:21:73:e6:e7:2b:c9:05:e9:2d:c9:da:5d:6e:
17:8e:4a:84:0c:14:1a:8d:03:4a:3e:2b:b8:fc:cf:
59:b2:c8:ac:ff:61:54:d4:07:03:7d:1c:ac:23:d8:
7b:f6:25:ca:c2:18:11:42:4c:e4:72:4c:a9:01:62:
47:28:f2:d4:3b:bb:f1:a3:ba:d6:77:73:a4:03:cb:
bf:5e:5f:b3:b5:f0:ea:70:88:6a:7c:99:c7:2c:ff:
a1:b1:6c:bd:50:ef:6b:51:78:10:4d:37:d0:1d:2c:
9c:b8:78:45:f6:a3:56:2a:42:19:2d:de:21:a9:07:
ec:b5:03:7b:12:88:61:2e:a9:06:ed:35:40:02:e4:
0d:06:02:63:b7:00:b5:e6:a5:3a:39:0b:51:44:05:
be:dd:17:33:b5:8a:18:af:19:0d:e2:0f:77:cd:7a:
41:06:bd:56:b5:77:e9:c3:64:07:64:2d:54:8a:14:
de:12:51:b8:79:73:ae:56:02:ca:d1:ae:88:fc:c3:
a6:60:da:e5:60:9d:ce:22:81:31:46:d8:6a:66:91:
e9:70:3a:a7:7d:f2:c3:b5:c2:e4:da:8d:e3:77:89:
39:c2:4f:9a:64:94:5e:66:01:a8:ee:fe:94:7f:89:
4f:ac:77:a3:e4:8c:32:99:0a:56:96:f6:73:2b:d4:
06:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DA:0D:FF:8A:85:B7:09:90:B3:F2:93:99:0E:E7:EF:59:6C:4E:BB
X509v3 Authority Key Identifier:
keyid:07:D7:53:35:F7:7B:F4:24:09:76:27:7B:1D:D0:E1:9B:B2:3A:8E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9dTNfd79CQJdid7HdDhm7I6jh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/TNoN_4qFtwmQs_KTmQ7n71lsTrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/B9dTNfd79CQJdid7HdDhm7I6jh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.82.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e0:71:99:05:b9:30:a8:b9:97:87:54:00:8e:18:bd:c4:16:
b5:40:30:56:1a:fc:6f:5e:75:9b:69:2f:3a:ad:be:fb:b7:d4:
89:b0:57:ae:29:98:77:59:87:2f:52:b7:a4:cf:95:6f:c8:95:
ba:2e:c8:c9:af:c9:b1:ed:91:67:b7:eb:ca:8d:26:17:f6:50:
01:56:a5:8a:51:2c:6e:80:91:97:f6:8b:08:e4:8b:89:4b:2f:
82:f3:f0:c3:42:77:37:a1:04:38:03:52:30:98:74:0b:ca:c2:
69:dd:a2:ef:f3:b7:b7:92:e7:30:0b:d8:05:63:cf:d8:ce:c7:
f7:5a:55:55:1d:fc:d7:b2:7b:b0:ab:eb:2f:09:71:a9:1a:54:
d3:e4:d5:5b:fd:17:19:40:ef:91:21:c2:8c:ee:05:2e:9e:4b:
62:c0:33:61:2d:5b:f4:4c:58:a4:86:19:67:17:fa:89:39:38:
88:a3:ad:4b:9c:4a:56:ed:d3:63:50:4c:5b:c6:40:4a:2e:96:
bb:59:fb:ed:12:51:1c:37:ef:3f:3f:cc:f8:a6:0a:1c:c1:cf:
d5:32:4c:cd:90:ae:dc:0c:f6:49:4e:90:21:d3:3b:dc:09:2e:
5b:2c:33:56:8d:05:1b:4e:d5:0a:63:f9:1a:9d:e9:08:23:aa:
df:2b:38:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhdN5qqa0NLLDvKVCmcoS6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDc1MzM1Zjc3YmY0MjQwOTc2Mjc3YjFkZDBlMTliYjIz
YThlMWQwHhcNMjMwNTI3MTIzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RhMGRmZjhhODViNzA5OTBiM2YyOTM5OTBlZTdlZjU5NmM0ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyFz5ucryQXpLcnaXW4XjkqEDBQa
jQNKPiu4/M9Zssis/2FU1AcDfRysI9h79iXKwhgRQkzkckypAWJHKPLUO7vxo7rW
d3OkA8u/Xl+ztfDqcIhqfJnHLP+hsWy9UO9rUXgQTTfQHSycuHhF9qNWKkIZLd4h
qQfstQN7EohhLqkG7TVAAuQNBgJjtwC15qU6OQtRRAW+3RcztYoYrxkN4g93zXpB
Br1WtXfpw2QHZC1UihTeElG4eXOuVgLK0a6I/MOmYNrlYJ3OIoExRthqZpHpcDqn
ffLDtcLk2o3jd4k5wk+aZJReZgGo7v6Uf4lPrHej5IwymQpWlvZzK9QGQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzaDf+KhbcJkLPyk5kO5+9ZbE67MB8GA1UdIwQY
MBaAFAfXUzX3e/QkCXYnex3Q4ZuyOo4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlkVE5mZDc5Q1FKZGlkN0hkRGhtN0k2amgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZTNmYTctZmM4OC00ZjQ4LWE1Y2Ut
YTQ1YmJjYjM0ZGU1LzEvVE5vTl80cUZ0d21Rc19LVG1RN243MWxzVHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZTNmYTctZmM4OC00ZjQ4LWE1Y2UtYTQ1YmJjYjM0ZGU1
LzEvQjlkVE5mZDc5Q1FKZGlkN0hkRGhtN0k2amgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2dSMA0G
CSqGSIb3DQEBCwUAA4IBAQCW4HGZBbkwqLmXh1QAjhi9xBa1QDBWGvxvXnWbaS86
rb77t9SJsFeuKZh3WYcvUrekz5VvyJW6LsjJr8mx7ZFnt+vKjSYX9lABVqWKUSxu
gJGX9osI5IuJSy+C8/DDQnc3oQQ4A1IwmHQLysJp3aLv87e3kucwC9gFY8/Yzsf3
WlVVHfzXsnuwq+svCXGpGlTT5NVb/RcZQO+RIcKM7gUunktiwDNhLVv0TFikhhln
F/qJOTiIo61LnEpW7dNjUExbxkBKLpa7WfvtElEcN+8/P8z4pgocwc/VMkzNkK7c
DPZJTpAh0zvcCS5bLDNWjQUbTtUKY/kanekII6rfKzh+
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:53:42 2025 by rpki-client