Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9a6cf5-1342-4c3b-87af-160c24c66630/1/0-_DnMyew2aWxbzWt8OiHCOU5pY.roa
File: 0-_DnMyew2aWxbzWt8OiHCOU5pY.roa (raw, json)
Hash identifier: Id3qgJC8Ij/rp1cBWTaIEgsh0R9K3TuAZa1zeRktxyE=
Subject key identifier: D3:EF:C3:9C:CC:9E:C3:66:96:C5:BC:D6:B7:C3:A2:1C:23:94:E6:96
Certificate issuer: /CN=8898db8cb861bbbdd1fb7562def4d77d8642c324
Certificate serial: 01856F700177293DEE8A96142089CC7F12C1
Authority key identifier: 88:98:DB:8C:B8:61:BB:BD:D1:FB:75:62:DE:F4:D7:7D:86:42:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iJjbjLhhu73R-3Vi3vTXfYZCwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9a6cf5-1342-4c3b-87af-160c24c66630/1/0-_DnMyew2aWxbzWt8OiHCOU5pY.roa
Signing time: Sun 01 Jan 2023 22:24:49 +0000
ROA not before: Sun 01 Jan 2023 22:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44351
IP address blocks: 91.199.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:01:77:29:3d:ee:8a:96:14:20:89:cc:7f:12:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8898db8cb861bbbdd1fb7562def4d77d8642c324
Validity
Not Before: Jan 1 22:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3efc39ccc9ec36696c5bcd6b7c3a21c2394e696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:05:e7:f9:29:d5:08:71:05:2f:ab:74:0c:b9:
0c:63:b4:12:5a:dc:71:61:aa:16:8b:08:d6:22:29:
49:43:fd:96:f7:cb:55:76:de:b3:2e:6b:35:51:da:
21:a5:34:e3:e2:c0:a3:1e:f5:f3:c8:f8:c5:76:38:
a5:5d:8a:02:d3:78:9f:ea:70:33:14:44:07:aa:75:
08:24:ab:14:88:75:d0:74:64:a6:38:c1:1d:29:2a:
bf:e9:71:6e:82:53:98:08:7f:7f:92:65:00:4e:63:
83:94:09:2d:b6:cd:09:58:0d:28:f6:a5:80:c9:01:
02:53:a5:81:6b:f6:b5:cd:6d:93:3c:52:0b:bf:7d:
e0:c1:cc:69:05:f5:ea:0f:e6:6f:3e:6a:f8:3a:32:
3d:15:46:8b:ec:7b:61:b9:02:a2:14:1d:36:df:bc:
15:ea:2b:a8:10:45:c0:73:3b:d0:36:f4:1a:5a:74:
55:09:3c:b7:64:23:fc:6b:01:29:11:e5:2c:5f:90:
e4:d7:a5:f6:b5:41:44:be:46:47:fd:59:a0:80:e4:
45:5f:b1:91:5a:14:a4:88:60:d2:3a:5a:73:f0:65:
4f:c4:5d:ed:be:53:a4:74:9e:31:60:ae:1f:21:9d:
c9:8c:81:b3:06:85:cf:e3:28:e5:0c:d6:c1:5d:73:
bc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EF:C3:9C:CC:9E:C3:66:96:C5:BC:D6:B7:C3:A2:1C:23:94:E6:96
X509v3 Authority Key Identifier:
keyid:88:98:DB:8C:B8:61:BB:BD:D1:FB:75:62:DE:F4:D7:7D:86:42:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iJjbjLhhu73R-3Vi3vTXfYZCwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a6cf5-1342-4c3b-87af-160c24c66630/1/0-_DnMyew2aWxbzWt8OiHCOU5pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a6cf5-1342-4c3b-87af-160c24c66630/1/iJjbjLhhu73R-3Vi3vTXfYZCwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.92.0/24
Signature Algorithm: sha256WithRSAEncryption
89:da:24:06:a9:a0:36:30:1e:e2:eb:78:61:ed:70:df:c3:3f:
7c:06:3f:59:e2:22:99:2c:6e:07:0d:11:6c:65:4c:fe:6a:e1:
89:ce:a5:7b:18:03:18:24:97:50:6f:78:1b:12:7d:99:1b:7d:
7e:25:1e:d6:d2:87:f7:f5:0e:92:4e:b3:3e:ef:fb:cf:56:2d:
db:20:9b:bc:14:18:93:19:10:39:8c:8b:17:c6:63:b3:92:65:
87:20:2c:25:11:12:6b:11:8b:ed:a3:d2:20:a1:40:17:29:60:
a6:2c:0e:88:6d:23:98:db:a9:3a:f7:b8:e8:b7:74:37:eb:fc:
a3:d1:2f:42:07:4a:02:55:8d:d7:33:bc:00:8b:52:eb:92:63:
c3:08:48:bc:76:82:95:ca:57:ff:7c:8b:be:d3:11:ec:2d:82:
01:53:8f:57:d8:4b:06:1c:c3:fe:0b:7c:77:3c:ab:01:b4:19:
79:35:a6:d4:e5:9d:80:d5:ba:bb:ae:b3:06:0f:08:a4:95:29:
b6:de:f2:4f:6d:07:fe:50:b9:36:1a:8b:cf:c8:ad:3d:79:b8:
bb:4c:10:26:23:59:35:ba:fd:6f:7f:d9:27:ec:93:92:62:c5:
38:5a:77:f1:89:c3:f1:72:1b:a9:0b:9e:70:19:99:f1:fa:f3:
e6:56:1e:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcAF3KT3uipYUIInMfxLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4OThkYjhjYjg2MWJiYmRkMWZiNzU2MmRlZjRkNzdkODY0
MmMzMjQwHhcNMjMwMTAxMjIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VmYzM5Y2NjOWVjMzY2OTZjNWJjZDZiN2MzYTIxYzIzOTRlNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAXn+SnVCHEFL6t0DLkMY7QSWtxx
YaoWiwjWIilJQ/2W98tVdt6zLms1UdohpTTj4sCjHvXzyPjFdjilXYoC03if6nAz
FEQHqnUIJKsUiHXQdGSmOMEdKSq/6XFuglOYCH9/kmUATmODlAktts0JWA0o9qWA
yQECU6WBa/a1zW2TPFILv33gwcxpBfXqD+ZvPmr4OjI9FUaL7HthuQKiFB0237wV
6iuoEEXAczvQNvQaWnRVCTy3ZCP8awEpEeUsX5Dk16X2tUFEvkZH/VmggORFX7GR
WhSkiGDSOlpz8GVPxF3tvlOkdJ4xYK4fIZ3JjIGzBoXP4yjlDNbBXXO82wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPvw5zMnsNmlsW81rfDohwjlOaWMB8GA1UdIwQY
MBaAFIiY24y4Ybu90ft1Yt70132GQsMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUpqYmpMaGh1NzNSLTNWaTN2VFhmWVpDd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85YTZjZjUtMTM0Mi00YzNiLTg3YWYt
MTYwYzI0YzY2NjMwLzEvMC1fRG5NeWV3MmFXeGJ6V3Q4T2lIQ09VNXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85YTZjZjUtMTM0Mi00YzNiLTg3YWYtMTYwYzI0YzY2NjMw
LzEvaUpqYmpMaGh1NzNSLTNWaTN2VFhmWVpDd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dcMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ2iQGqaA2MB7i63hh7XDfwz98Bj9Z4iKZLG4HDRFs
ZUz+auGJzqV7GAMYJJdQb3gbEn2ZG31+JR7W0of39Q6STrM+7/vPVi3bIJu8FBiT
GRA5jIsXxmOzkmWHICwlERJrEYvto9IgoUAXKWCmLA6IbSOY26k697jot3Q36/yj
0S9CB0oCVY3XM7wAi1LrkmPDCEi8doKVylf/fIu+0xHsLYIBU49X2EsGHMP+C3x3
PKsBtBl5NabU5Z2A1bq7rrMGDwiklSm23vJPbQf+ULk2GovPyK09ebi7TBAmI1k1
uv1vf9kn7JOSYsU4WnfxicPxchupC55wGZnx+vPmVh5u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:08 2025 by rpki-client