Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/mf-tDkLzBIii1yZSER8ebC6r_Nk.roa
File: mf-tDkLzBIii1yZSER8ebC6r_Nk.roa (raw, json)
Hash identifier: ORrfixY51rhYVQwSTURnO/bvZtcZ0v9rmeEr6kiBN7A=
Subject key identifier: 99:FF:AD:0E:42:F3:04:88:A2:D7:26:52:11:1F:1E:6C:2E:AB:FC:D9
Certificate issuer: /CN=2841262acd62c90e68081a6f777375df2c3713c2
Certificate serial: 018557D3938FDF5F147F85763C08E9090145
Authority key identifier: 28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/mf-tDkLzBIii1yZSER8ebC6r_Nk.roa
Signing time: Wed 28 Dec 2022 08:22:41 +0000
ROA not before: Wed 28 Dec 2022 08:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196792
IP address blocks: 91.217.98.0/23 maxlen: 23
91.217.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:d3:93:8f:df:5f:14:7f:85:76:3c:08:e9:09:01:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2841262acd62c90e68081a6f777375df2c3713c2
Validity
Not Before: Dec 28 08:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99ffad0e42f30488a2d72652111f1e6c2eabfcd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:de:8d:72:c2:1a:c5:45:8b:41:ef:b7:4a:85:
3c:f6:9a:c4:96:f4:a2:bb:cd:8e:09:39:98:b3:67:
07:f7:88:56:f0:d4:04:f5:6a:e9:9d:60:ad:1e:7b:
ab:98:30:fe:e4:05:46:71:41:b7:f6:4e:da:d5:a4:
87:f2:e9:f5:78:2d:ce:21:9d:d8:6b:c2:ff:4f:79:
ff:a1:21:89:01:4d:de:9f:0a:f6:7c:4e:5a:6c:69:
dd:ca:a9:a2:3f:1f:19:9c:72:94:2a:03:46:32:07:
ed:7f:1b:e5:04:ae:52:9d:5f:fb:a8:d1:7c:dd:d9:
e7:98:96:57:dd:e8:44:26:3f:fe:7f:0c:b3:8e:b1:
d6:11:25:ab:40:09:53:30:5c:30:6e:cc:3f:7a:ed:
4a:a2:b2:dd:f2:03:e0:14:a3:41:a4:ef:5c:43:c6:
4c:4d:ec:7b:50:db:cc:64:3d:d2:ca:e8:df:5d:b4:
a4:8a:b9:aa:71:e5:e9:9a:3c:a9:5b:f0:30:e5:b3:
3c:78:1b:0b:ef:26:94:c1:3e:96:7d:ce:97:65:f8:
0e:08:e8:b6:2a:06:5a:a3:9c:f8:b9:62:1a:36:94:
fa:a4:fb:c1:d8:38:8a:30:3e:ca:b7:eb:c8:6b:2c:
5c:94:dd:3d:76:4d:06:28:5e:e6:fb:df:91:ff:7a:
6f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FF:AD:0E:42:F3:04:88:A2:D7:26:52:11:1F:1E:6C:2E:AB:FC:D9
X509v3 Authority Key Identifier:
keyid:28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/mf-tDkLzBIii1yZSER8ebC6r_Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/KEEmKs1iyQ5oCBpvd3N13yw3E8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.98.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:01:9e:7c:2c:54:4b:27:62:9f:80:cc:88:a0:9f:2d:93:12:
5c:fe:6f:ce:5a:08:95:80:a0:18:a1:55:08:c2:ea:57:b8:e1:
4c:61:f2:0e:4b:3a:87:8f:7b:ae:ee:56:ea:f5:c8:e2:cf:4e:
a7:09:ac:48:3d:0e:92:53:7a:03:61:1a:87:68:30:81:25:b3:
d9:d1:b6:2f:e1:a3:98:1e:8d:fd:ab:65:f9:54:79:d9:20:9c:
6e:fd:16:61:21:77:a5:93:2a:2c:3f:e2:6a:6e:53:16:5b:04:
d0:52:70:51:f7:ba:09:fd:01:0a:59:29:dd:65:66:6b:ae:43:
8c:79:b8:00:c6:7d:18:16:fe:a9:78:17:89:36:4a:47:f4:16:
7f:16:71:ff:43:b4:bb:a0:29:22:7f:fb:c9:be:15:15:8a:81:
3b:bc:35:25:56:ec:c9:66:40:a9:85:67:d0:b3:1c:d1:d2:30:
54:28:28:85:32:20:23:ce:1c:f1:68:00:42:e2:09:38:c9:52:
a4:f9:37:ac:9e:96:42:b1:28:4f:55:3e:36:48:46:a4:75:00:
7f:1c:d1:42:11:e4:c1:9b:7b:96:37:11:46:e5:e7:70:e3:49:
2d:b2:cb:66:e1:63:e6:43:01:2c:3f:da:31:ff:db:2c:46:79:
9e:60:b1:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVX05OP318Uf4V2PAjpCQFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NDEyNjJhY2Q2MmM5MGU2ODA4MWE2Zjc3NzM3NWRmMmMz
NzEzYzIwHhcNMjIxMjI4MDgyMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZmYWQwZTQyZjMwNDg4YTJkNzI2NTIxMTFmMWU2YzJlYWJmY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN6NcsIaxUWLQe+3SoU89prElvSi
u82OCTmYs2cH94hW8NQE9WrpnWCtHnurmDD+5AVGcUG39k7a1aSH8un1eC3OIZ3Y
a8L/T3n/oSGJAU3enwr2fE5abGndyqmiPx8ZnHKUKgNGMgftfxvlBK5SnV/7qNF8
3dnnmJZX3ehEJj/+fwyzjrHWESWrQAlTMFwwbsw/eu1KorLd8gPgFKNBpO9cQ8ZM
Tex7UNvMZD3SyujfXbSkirmqceXpmjypW/Aw5bM8eBsL7yaUwT6Wfc6XZfgOCOi2
KgZao5z4uWIaNpT6pPvB2DiKMD7Kt+vIayxclN09dk0GKF7m+9+R/3pviQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJn/rQ5C8wSIotcmUhEfHmwuq/zZMB8GA1UdIwQY
MBaAFChBJirNYskOaAgab3dzdd8sNxPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0VFbUtzMWl5UTVvQ0JwdmQzTjEzeXczRThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMzIyNzYtMjVkYy00YzMwLThhN2It
OTVhMzNlMTJhM2FkLzEvbWYtdERrTHpCSWlpMXlaU0VSOGViQzZyX05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMzIyNzYtMjVkYy00YzMwLThhN2ItOTVhMzNlMTJhM2Fk
LzEvS0VFbUtzMWl5UTVvQ0JwdmQzTjEzeXczRThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9liMA0G
CSqGSIb3DQEBCwUAA4IBAQB+AZ58LFRLJ2KfgMyIoJ8tkxJc/m/OWgiVgKAYoVUI
wupXuOFMYfIOSzqHj3uu7lbq9cjiz06nCaxIPQ6SU3oDYRqHaDCBJbPZ0bYv4aOY
Ho39q2X5VHnZIJxu/RZhIXelkyosP+JqblMWWwTQUnBR97oJ/QEKWSndZWZrrkOM
ebgAxn0YFv6peBeJNkpH9BZ/FnH/Q7S7oCkif/vJvhUVioE7vDUlVuzJZkCphWfQ
sxzR0jBUKCiFMiAjzhzxaABC4gk4yVKk+TesnpZCsShPVT42SEakdQB/HNFCEeTB
m3uWNxFG5edw40ktsstm4WPmQwEsP9ox/9ssRnmeYLES
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:29 2025 by rpki-client