Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/PZmacYcZKidufCE_GfHWWy_tXZU.roa
File: PZmacYcZKidufCE_GfHWWy_tXZU.roa (raw, json)
Hash identifier: l5SMrTKmL5vDgx6T/y+W8O0Gntvmmd6l6GTHxpRGKZ8=
Subject key identifier: 3D:99:9A:71:87:19:2A:27:6E:7C:21:3F:19:F1:D6:5B:2F:ED:5D:95
Certificate issuer: /CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Certificate serial: 01856DD43CF99E298BC7475A64035D68E68A
Authority key identifier: 9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/PZmacYcZKidufCE_GfHWWy_tXZU.roa
Signing time: Sun 01 Jan 2023 14:55:03 +0000
ROA not before: Sun 01 Jan 2023 14:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197642
IP address blocks: 91.223.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:3c:f9:9e:29:8b:c7:47:5a:64:03:5d:68:e6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Validity
Not Before: Jan 1 14:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d999a7187192a276e7c213f19f1d65b2fed5d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:88:9e:e5:3d:ae:ac:50:c4:34:a1:82:31:
c6:5a:34:75:12:77:15:27:88:5b:36:e1:8a:a5:5f:
61:17:dd:a4:29:29:37:3d:e5:54:03:e7:6a:e0:b9:
9e:b6:59:0e:b9:79:47:8a:8d:82:91:c9:00:c6:69:
36:e4:d2:9a:a4:8c:e7:b2:69:bb:13:e2:68:e8:b9:
5d:a4:14:66:ed:72:d7:f8:38:0c:38:9f:81:f5:ee:
86:58:ee:5a:17:62:0c:df:df:a6:d9:7c:4a:94:21:
b0:6a:be:a5:48:8c:99:5f:84:57:c4:01:41:73:4b:
5b:bc:af:68:d4:f0:f4:f2:6a:fa:83:d8:54:41:45:
13:c1:85:9c:aa:ac:f3:09:35:cd:26:89:d9:f6:79:
5a:a2:6f:53:37:fa:8e:e0:b8:87:f5:60:1f:44:45:
b6:ef:9b:af:8c:7c:7b:30:c4:85:3a:7b:7f:a0:9d:
a0:e6:6b:68:8f:20:eb:cc:02:93:13:8f:c1:a5:bf:
36:f4:29:93:76:07:93:a1:1d:e1:99:f5:cb:67:ab:
7a:84:c0:f5:41:76:e5:6a:67:0a:df:09:e8:71:86:
8c:8b:a1:8d:92:2c:ee:e3:a0:a1:ce:b0:82:ac:ad:
e1:82:55:4d:d8:c6:2c:02:8a:67:d3:ed:ae:6a:ee:
74:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:99:9A:71:87:19:2A:27:6E:7C:21:3F:19:F1:D6:5B:2F:ED:5D:95
X509v3 Authority Key Identifier:
keyid:9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/PZmacYcZKidufCE_GfHWWy_tXZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.209.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:32:f0:d9:64:53:6a:ae:4b:cd:14:26:ec:4b:b2:73:8e:0e:
22:3c:6d:79:d9:42:3d:1e:ba:b3:1a:aa:b6:3a:b5:e0:31:9b:
67:02:c1:c1:ee:e8:1b:0e:e5:a9:ed:82:f3:e1:c6:26:d4:b0:
4d:1e:c2:99:63:d9:35:88:e0:ce:85:96:be:67:91:04:bb:ad:
68:7f:90:e4:a4:e9:95:11:a4:a3:c7:7b:59:48:79:17:7d:65:
56:ad:a7:2e:48:a8:7b:db:99:be:64:d7:e4:4a:f9:d4:57:83:
79:b6:d6:4f:f2:fe:4f:ae:7e:e2:ab:8d:e5:c9:33:d1:e0:87:
f0:3b:f4:92:a3:5d:df:f5:8c:4b:36:52:f4:1d:94:c5:dc:91:
3f:ac:d5:06:b8:14:e1:15:8b:18:09:22:81:f3:dc:35:be:0a:
4d:43:6d:36:bc:aa:47:3f:6f:c7:84:32:e2:86:f5:e3:1f:84:
f6:42:ae:76:02:6c:da:dc:5f:19:c8:d1:ca:79:d1:26:a7:6c:
69:f4:d9:de:0e:f5:ed:ee:22:6b:2f:6d:41:96:7b:a2:75:55:
30:79:47:95:1e:c0:c8:65:67:91:68:75:7e:47:d5:77:e1:69:
b3:e0:4e:7f:c0:3c:dc:e1:bd:03:7e:c1:b4:88:50:78:20:d0:
1c:83:d5:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1Dz5nimLx0daZANdaOaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNTY0NmY3ZDhhZmMwYTkzM2ZiMzMzMzNmMzcwMTNkODNh
MDRkMDAwHhcNMjMwMTAxMTQ1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk5OWE3MTg3MTkyYTI3NmU3YzIxM2YxOWYxZDY1YjJmZWQ1ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofmInuU9rqxQxDShgjHGWjR1EncV
J4hbNuGKpV9hF92kKSk3PeVUA+dq4LmetlkOuXlHio2CkckAxmk25NKapIznsmm7
E+Jo6LldpBRm7XLX+DgMOJ+B9e6GWO5aF2IM39+m2XxKlCGwar6lSIyZX4RXxAFB
c0tbvK9o1PD08mr6g9hUQUUTwYWcqqzzCTXNJonZ9nlaom9TN/qO4LiH9WAfREW2
75uvjHx7MMSFOnt/oJ2g5mtojyDrzAKTE4/Bpb829CmTdgeToR3hmfXLZ6t6hMD1
QXblamcK3wnocYaMi6GNkizu46ChzrCCrK3hglVN2MYsAopn0+2uau50BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2ZmnGHGSonbnwhPxnx1lsv7V2VMB8GA1UdIwQY
MBaAFJ9WRvfYr8CpM/szMz83AT2DoE0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUt
N2QzMmNhMDY1YjY2LzEvUFptYWNZY1pLaWR1ZkNFX0dmSFdXeV90WFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUtN2QzMmNhMDY1YjY2
LzEvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/RMA0G
CSqGSIb3DQEBCwUAA4IBAQCwMvDZZFNqrkvNFCbsS7Jzjg4iPG152UI9HrqzGqq2
OrXgMZtnAsHB7ugbDuWp7YLz4cYm1LBNHsKZY9k1iODOhZa+Z5EEu61of5DkpOmV
EaSjx3tZSHkXfWVWracuSKh725m+ZNfkSvnUV4N5ttZP8v5Prn7iq43lyTPR4Ifw
O/SSo13f9YxLNlL0HZTF3JE/rNUGuBThFYsYCSKB89w1vgpNQ202vKpHP2/HhDLi
hvXjH4T2Qq52Amza3F8ZyNHKedEmp2xp9NneDvXt7iJrL21BlnuidVUweUeVHsDI
ZWeRaHV+R9V34Wmz4E5/wDzc4b0DfsG0iFB4INAcg9X3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:00 2025 by rpki-client