Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/af4e4b-2026-4bbb-9628-f08a0ae92b8d/1/Z9AgKRLWyWUtP25hfYSo6l6qcNU.roa
File: Z9AgKRLWyWUtP25hfYSo6l6qcNU.roa (raw, json)
Hash identifier: 5GkrBOhtANFTKP/mkuiI/cdcs2TENfd1B4HmsmA8Orc=
Subject key identifier: 67:D0:20:29:12:D6:C9:65:2D:3F:6E:61:7D:84:A8:EA:5E:AA:70:D5
Certificate issuer: /CN=b18c4a4300837c4ea17ad1e3821a09ad53764087
Certificate serial: 01856FD50FA0DD8982426C061A049B8FC9BE
Authority key identifier: B1:8C:4A:43:00:83:7C:4E:A1:7A:D1:E3:82:1A:09:AD:53:76:40:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYxKQwCDfE6hetHjghoJrVN2QIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/af4e4b-2026-4bbb-9628-f08a0ae92b8d/1/Z9AgKRLWyWUtP25hfYSo6l6qcNU.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213011
IP address blocks: 91.211.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0f:a0:dd:89:82:42:6c:06:1a:04:9b:8f:c9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b18c4a4300837c4ea17ad1e3821a09ad53764087
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67d0202912d6c9652d3f6e617d84a8ea5eaa70d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c2:a0:c1:6d:8d:3a:a5:d5:00:69:9f:12:4b:
41:64:e6:73:ba:9c:7b:88:28:5c:84:8d:6f:12:3b:
d6:7e:70:9e:ae:5e:3e:ff:c3:27:75:c9:93:98:01:
22:5f:7a:c7:78:59:46:da:c7:e1:5f:ce:70:95:85:
b8:a9:fe:5b:ea:2f:06:51:39:c5:4e:84:93:17:2c:
63:9b:fe:89:7b:12:79:81:24:11:95:46:86:35:cc:
2a:ba:cf:54:c9:e4:3f:1a:49:9c:d2:70:ff:95:d3:
2f:a5:2e:ce:1d:0e:90:5f:52:b9:2f:36:b9:06:94:
15:d2:25:cc:23:7f:2f:cf:5a:99:2b:4d:e7:dc:23:
bd:28:60:60:be:5a:23:60:e3:12:e6:80:74:67:08:
57:5b:0f:8a:41:de:c9:f9:1f:4d:c4:d3:bb:b8:2e:
99:54:de:06:df:70:19:bd:9b:f3:6c:d7:50:8b:5a:
05:06:aa:17:9d:14:df:45:fc:06:97:6e:c6:b6:f3:
ed:85:4e:93:cb:1b:f6:09:d1:c4:c7:dc:69:9a:4d:
35:06:a9:be:7c:46:12:a0:50:88:c8:9e:38:5e:08:
42:3c:c3:59:ec:aa:f7:fd:a1:81:10:25:9f:1f:86:
de:60:f5:ef:00:8d:b8:2f:59:6c:69:0f:6a:02:2c:
9c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D0:20:29:12:D6:C9:65:2D:3F:6E:61:7D:84:A8:EA:5E:AA:70:D5
X509v3 Authority Key Identifier:
keyid:B1:8C:4A:43:00:83:7C:4E:A1:7A:D1:E3:82:1A:09:AD:53:76:40:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYxKQwCDfE6hetHjghoJrVN2QIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/af4e4b-2026-4bbb-9628-f08a0ae92b8d/1/Z9AgKRLWyWUtP25hfYSo6l6qcNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/af4e4b-2026-4bbb-9628-f08a0ae92b8d/1/sYxKQwCDfE6hetHjghoJrVN2QIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.1.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5e:79:8a:f5:91:8c:4c:2b:23:95:33:51:41:e4:2b:37:45:
8e:ae:be:f4:97:bc:f8:60:1c:b5:fd:c6:68:5a:b7:a7:15:f6:
01:99:7d:63:67:0c:27:4d:09:f9:e3:62:f5:59:7a:0e:33:08:
5b:30:7b:81:1b:da:a9:30:e5:7d:59:93:46:76:f7:9d:6b:af:
cc:29:f5:33:25:0f:44:da:5a:37:c9:04:7d:14:cc:f8:18:4e:
07:a1:7c:9a:79:cd:1b:bd:db:ba:7b:83:29:38:2f:a6:4d:32:
a8:07:b3:bb:0e:50:a5:e5:b3:9a:13:08:9b:da:60:e1:c7:4f:
f4:b0:93:05:b0:ed:d7:19:46:d5:a9:b6:b1:ff:83:4c:2f:7a:
42:b2:00:f3:a6:3a:b7:29:68:5c:c4:48:16:39:32:dd:29:f7:
08:ad:d8:4a:e6:21:db:25:3f:89:8c:1d:93:e9:b6:a6:55:cd:
7e:48:f8:16:a8:db:29:f6:92:ae:45:e4:6f:e1:ab:e7:a2:2a:
5c:17:13:6b:2e:c2:9a:07:55:61:4c:69:f1:6c:26:47:24:df:
71:d4:45:1a:ed:f2:20:24:08:e7:56:71:fe:f0:b6:ac:3f:32:
07:e5:7a:7c:ea:11:46:7b:6b:9d:45:06:1e:be:f9:9a:ad:6a:
ec:f3:12:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Q+g3YmCQmwGGgSbj8m+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOGM0YTQzMDA4MzdjNGVhMTdhZDFlMzgyMWEwOWFkNTM3
NjQwODcwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2QwMjAyOTEyZDZjOTY1MmQzZjZlNjE3ZDg0YThlYTVlYWE3MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMKgwW2NOqXVAGmfEktBZOZzupx7
iChchI1vEjvWfnCerl4+/8MndcmTmAEiX3rHeFlG2sfhX85wlYW4qf5b6i8GUTnF
ToSTFyxjm/6JexJ5gSQRlUaGNcwqus9UyeQ/Gkmc0nD/ldMvpS7OHQ6QX1K5Lza5
BpQV0iXMI38vz1qZK03n3CO9KGBgvlojYOMS5oB0ZwhXWw+KQd7J+R9NxNO7uC6Z
VN4G33AZvZvzbNdQi1oFBqoXnRTfRfwGl27GtvPthU6Tyxv2CdHEx9xpmk01Bqm+
fEYSoFCIyJ44XghCPMNZ7Kr3/aGBECWfH4beYPXvAI24L1lsaQ9qAiyctwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfQICkS1sllLT9uYX2EqOpeqnDVMB8GA1UdIwQY
MBaAFLGMSkMAg3xOoXrR44IaCa1TdkCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1l4S1F3Q0RmRTZoZXRIamdob0pyVk4yUUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZjRlNGItMjAyNi00YmJiLTk2Mjgt
ZjA4YTBhZTkyYjhkLzEvWjlBZ0tSTFd5V1V0UDI1aGZZU282bDZxY05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZjRlNGItMjAyNi00YmJiLTk2MjgtZjA4YTBhZTkyYjhk
LzEvc1l4S1F3Q0RmRTZoZXRIamdob0pyVk4yUUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9MBMA0G
CSqGSIb3DQEBCwUAA4IBAQBxXnmK9ZGMTCsjlTNRQeQrN0WOrr70l7z4YBy1/cZo
WrenFfYBmX1jZwwnTQn542L1WXoOMwhbMHuBG9qpMOV9WZNGdveda6/MKfUzJQ9E
2lo3yQR9FMz4GE4HoXyaec0bvdu6e4MpOC+mTTKoB7O7DlCl5bOaEwib2mDhx0/0
sJMFsO3XGUbVqbax/4NML3pCsgDzpjq3KWhcxEgWOTLdKfcIrdhK5iHbJT+JjB2T
6bamVc1+SPgWqNsp9pKuReRv4avnoipcFxNrLsKaB1VhTGnxbCZHJN9x1EUa7fIg
JAjnVnH+8LasPzIH5Xp86hFGe2udRQYevvmarWrs8xK1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:45 2025 by rpki-client