Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/2Ocv67q-YFIF0pGb1AlRHT-mhCk.roa
File: 2Ocv67q-YFIF0pGb1AlRHT-mhCk.roa (raw, json)
Hash identifier: 1z72st2gciEgAe4xXP7Ie5VBv/gX7v8cjigdw5cmDjk=
Subject key identifier: D8:E7:2F:EB:BA:BE:60:52:05:D2:91:9B:D4:09:51:1D:3F:A6:84:29
Certificate issuer: /CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Certificate serial: 018570CBF1A637A52C8DC3C119343BEC2C91
Authority key identifier: 54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/2Ocv67q-YFIF0pGb1AlRHT-mhCk.roa
Signing time: Mon 02 Jan 2023 04:44:51 +0000
ROA not before: Mon 02 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49420
IP address blocks: 91.231.221.0/24 maxlen: 24
91.212.242.0/24 maxlen: 24
2001:67c:24c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f1:a6:37:a5:2c:8d:c3:c1:19:34:3b:ec:2c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Validity
Not Before: Jan 2 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8e72febbabe605205d2919bd409511d3fa68429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:3a:50:33:f4:d4:2d:b2:fe:10:5a:9e:6b:
89:5d:85:b8:0c:72:01:d2:ef:8e:27:a1:0c:bd:31:
2b:08:e7:1e:e8:57:49:db:12:65:ae:05:e7:33:f3:
01:8a:bc:9e:fe:da:62:85:86:2c:98:d5:f7:e1:0f:
10:78:2a:96:bf:1f:7e:44:60:2a:27:d4:77:96:35:
0b:c9:84:ff:5c:53:ba:83:b5:d9:21:5c:2b:d2:39:
f1:79:86:9f:d0:f1:ca:cd:50:89:1e:e4:2f:b7:2d:
04:35:51:e8:13:3f:bb:b0:e8:de:fc:19:bc:bc:dc:
76:4e:fa:4a:cf:50:5e:1c:70:86:43:0d:08:06:a7:
5c:74:de:79:e5:f8:27:95:88:17:29:a5:2d:cf:6a:
f1:9a:d3:82:d6:aa:3c:66:73:01:e3:91:86:7c:16:
38:0f:8f:fd:09:47:1e:6e:90:5b:14:9a:ea:37:db:
c4:e6:14:a9:a0:66:07:0b:af:b9:01:b5:71:db:53:
83:51:7b:32:49:08:ff:57:d2:db:f7:e9:54:a6:1b:
4d:af:da:5e:d7:fc:f6:9d:e2:18:5f:dd:1b:d0:66:
c8:1c:86:6f:0d:1c:d2:8c:8f:5c:55:ab:40:eb:a9:
e6:b3:19:b5:9f:f7:88:fd:77:ab:36:c3:d9:46:12:
05:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E7:2F:EB:BA:BE:60:52:05:D2:91:9B:D4:09:51:1D:3F:A6:84:29
X509v3 Authority Key Identifier:
keyid:54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/2Ocv67q-YFIF0pGb1AlRHT-mhCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/VFhKIZ9vUGbYSO0quWTaiWbUCio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.242.0/24
91.231.221.0/24
IPv6:
2001:67c:24c::/48
Signature Algorithm: sha256WithRSAEncryption
6f:1c:85:6a:bb:f2:81:fb:89:4a:f7:88:0c:85:69:d4:ae:56:
43:40:a7:75:52:18:20:6d:55:81:89:e0:52:e4:3c:e0:28:7b:
34:8d:f4:d9:30:86:e3:74:a6:f6:69:5d:83:ec:62:f1:18:ba:
0f:e7:86:10:ea:29:ff:ca:63:b8:4e:16:0f:c4:e0:33:e2:20:
64:7b:9b:63:04:11:ba:b5:7f:9f:8a:bd:82:52:b5:b8:3e:3b:
0f:75:60:5b:76:28:7c:50:73:19:bf:13:c6:ed:c7:e0:33:ac:
cc:dd:91:09:2a:06:8c:d8:e0:c9:99:e1:80:57:2b:e8:eb:71:
55:0d:40:b9:07:e2:e6:01:c5:83:7c:68:0c:c4:50:61:d8:d2:
eb:41:d7:26:66:ca:66:bd:8a:29:92:e5:bd:d3:f3:9c:a7:35:
2f:d5:fc:83:16:8e:02:65:67:08:d1:46:c1:1f:bf:b7:61:52:
53:de:7b:52:ff:18:f4:a1:60:fb:61:8b:86:e9:ed:dd:0f:c7:
87:08:55:4f:03:44:04:68:81:0e:23:06:89:6a:d5:ac:f9:cb:
5b:2f:09:f5:3f:f1:06:cc:1e:09:17:98:2d:b4:fb:9f:ff:ed:
28:64:15:68:d6:8b:b6:b9:3b:e8:ae:5c:a6:c0:c3:bc:3d:37:
d9:9b:a2:42
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwy/GmN6UsjcPBGTQ77CyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NTg0YTIxOWY2ZjUwNjZkODQ4ZWQyYWI5NjRkYTg5NjZk
NDBhMmEwHhcNMjMwMTAyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU3MmZlYmJhYmU2MDUyMDVkMjkxOWJkNDA5NTExZDNmYTY4NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAA6UDP01C2y/hBanmuJXYW4DHIB
0u+OJ6EMvTErCOce6FdJ2xJlrgXnM/MBirye/tpihYYsmNX34Q8QeCqWvx9+RGAq
J9R3ljULyYT/XFO6g7XZIVwr0jnxeYaf0PHKzVCJHuQvty0ENVHoEz+7sOje/Bm8
vNx2TvpKz1BeHHCGQw0IBqdcdN555fgnlYgXKaUtz2rxmtOC1qo8ZnMB45GGfBY4
D4/9CUcebpBbFJrqN9vE5hSpoGYHC6+5AbVx21ODUXsySQj/V9Lb9+lUphtNr9pe
1/z2neIYX90b0GbIHIZvDRzSjI9cVatA66nmsxm1n/eI/XerNsPZRhIFcQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNjnL+u6vmBSBdKRm9QJUR0/poQpMB8GA1UdIwQY
MBaAFFRYSiGfb1Bm2EjtKrlk2olm1AoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAt
OWZiMWNlNGQ3MjBiLzEvMk9jdjY3cS1ZRklGMHBHYjFBbFJIVC1taENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAtOWZiMWNlNGQ3MjBi
LzEvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9TyAwQA
W+fdMA8EAgACMAkDBwAgAQZ8AkwwDQYJKoZIhvcNAQELBQADggEBAG8chWq78oH7
iUr3iAyFadSuVkNAp3VSGCBtVYGJ4FLkPOAoezSN9NkwhuN0pvZpXYPsYvEYug/n
hhDqKf/KY7hOFg/E4DPiIGR7m2MEEbq1f5+KvYJStbg+Ow91YFt2KHxQcxm/E8bt
x+AzrMzdkQkqBozY4MmZ4YBXK+jrcVUNQLkH4uYBxYN8aAzEUGHY0utB1yZmyma9
iimS5b3T85ynNS/V/IMWjgJlZwjRRsEfv7dhUlPee1L/GPShYPthi4bp7d0Px4cI
VU8DRARogQ4jBolq1az5y1svCfU/8QbMHgkXmC20+5//7ShkFWjWi7a5O+iuXKbA
w7w9N9mbokI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:20 2025 by rpki-client