Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/V51UQlli4QJxg620CNKBILBDSVM.roa
File: V51UQlli4QJxg620CNKBILBDSVM.roa (raw, json)
Hash identifier: R15BXNZpniury+Bl89Hb7wNEhE+VZii8Zh0yzU+cQqo=
Subject key identifier: 57:9D:54:42:59:62:E1:02:71:83:AD:B4:08:D2:81:20:B0:43:49:53
Certificate issuer: /CN=1f0f78a55a5be5c01db803f438ca611b7f150307
Certificate serial: 01856CF84F1F86D4F85A3590C4B707D3CA29
Authority key identifier: 1F:0F:78:A5:5A:5B:E5:C0:1D:B8:03:F4:38:CA:61:1B:7F:15:03:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hw94pVpb5cAduAP0OMphG38VAwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/V51UQlli4QJxg620CNKBILBDSVM.roa
Signing time: Sun 01 Jan 2023 10:54:50 +0000
ROA not before: Sun 01 Jan 2023 10:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209653
IP address blocks: 91.220.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:4f:1f:86:d4:f8:5a:35:90:c4:b7:07:d3:ca:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0f78a55a5be5c01db803f438ca611b7f150307
Validity
Not Before: Jan 1 10:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=579d54425962e1027183adb408d28120b0434953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:84:cd:f6:f0:2a:b7:f1:45:a3:b0:42:38:18:
5c:d7:d6:1a:32:2f:f6:6f:7a:b1:25:9a:34:8a:2a:
78:50:0e:42:06:4e:87:d3:45:f8:c8:d5:78:d1:b1:
6b:20:fe:97:ac:5d:27:45:11:d0:eb:9b:ff:51:70:
09:2f:d5:88:db:a7:79:74:bb:31:b6:13:7f:52:84:
60:07:e7:06:9b:95:21:17:c0:81:cc:c8:b5:d4:1e:
5c:bf:cd:5c:3e:1a:da:4c:da:d1:1c:d8:16:23:b2:
aa:14:30:4d:a6:c9:ad:2f:14:e8:5f:2e:82:45:e3:
c7:bf:7b:cf:dc:0e:db:f7:28:be:e0:23:20:0d:c0:
c1:d4:47:a1:67:e0:d1:2e:ea:f8:f0:c5:2d:91:24:
f0:76:b4:7b:d9:58:13:69:de:06:96:f8:62:d5:2b:
fe:b4:a8:8f:f5:df:f7:e8:91:36:49:8b:9c:4e:7f:
4c:d8:7b:73:08:08:52:37:7b:81:bb:6f:7e:fe:78:
28:c0:2d:b8:94:68:60:d1:c4:51:48:ed:cd:8e:d2:
5c:78:c6:06:2d:a0:05:a2:ab:e3:ee:19:e8:89:ed:
88:7e:75:97:d5:2d:13:a6:95:11:92:72:7a:b8:2a:
99:c5:82:c3:ed:76:62:e4:18:64:d9:57:ee:6e:8c:
b0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9D:54:42:59:62:E1:02:71:83:AD:B4:08:D2:81:20:B0:43:49:53
X509v3 Authority Key Identifier:
keyid:1F:0F:78:A5:5A:5B:E5:C0:1D:B8:03:F4:38:CA:61:1B:7F:15:03:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hw94pVpb5cAduAP0OMphG38VAwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/V51UQlli4QJxg620CNKBILBDSVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/Hw94pVpb5cAduAP0OMphG38VAwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.30.0/24
Signature Algorithm: sha256WithRSAEncryption
92:54:16:c0:21:73:d2:ce:2b:3e:d1:bb:47:8a:03:39:cf:01:
cf:29:11:53:91:7f:4a:a7:d0:f8:4c:1e:4c:a4:a6:28:7d:ab:
f7:bb:11:1e:3f:a9:8b:d7:aa:72:7b:72:1c:b0:64:49:e8:68:
eb:b8:49:b9:55:ec:47:bf:b4:5c:0d:10:28:38:02:9a:d4:27:
a2:89:25:da:28:76:69:27:61:17:9a:30:92:57:93:6e:c6:0d:
7d:d2:6b:4c:10:14:2d:b4:5f:25:7b:db:31:c3:6c:07:e4:d8:
7f:be:a9:bf:42:43:8a:82:1e:01:77:9a:5e:cc:02:82:a2:eb:
0c:2e:d8:97:2e:49:43:0a:c6:b8:2e:36:0c:5d:98:77:fb:f6:
2d:29:1c:66:fc:46:fd:a2:fa:76:c3:1b:f8:ef:a3:90:c5:03:
c4:82:d5:40:26:36:38:25:b2:75:2a:46:b1:66:77:6d:86:19:
30:07:0b:1b:63:50:7b:22:22:9f:6d:52:96:3a:bf:2e:3e:b1:
9f:70:95:16:6a:78:a8:a7:fb:de:da:7c:7f:4c:31:81:ce:97:
e7:2e:da:f6:52:b2:56:26:86:37:07:be:87:a9:49:22:a9:26:
5d:dd:0f:cc:42:f5:e3:e2:cb:41:89:2c:c9:51:a2:27:e4:7a:
70:86:4a:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+E8fhtT4WjWQxLcH08opMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMGY3OGE1NWE1YmU1YzAxZGI4MDNmNDM4Y2E2MTFiN2Yx
NTAzMDcwHhcNMjMwMTAxMTA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzlkNTQ0MjU5NjJlMTAyNzE4M2FkYjQwOGQyODEyMGIwNDM0OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoTN9vAqt/FFo7BCOBhc19YaMi/2
b3qxJZo0iip4UA5CBk6H00X4yNV40bFrIP6XrF0nRRHQ65v/UXAJL9WI26d5dLsx
thN/UoRgB+cGm5UhF8CBzMi11B5cv81cPhraTNrRHNgWI7KqFDBNpsmtLxToXy6C
RePHv3vP3A7b9yi+4CMgDcDB1EehZ+DRLur48MUtkSTwdrR72VgTad4Glvhi1Sv+
tKiP9d/36JE2SYucTn9M2HtzCAhSN3uBu29+/ngowC24lGhg0cRRSO3NjtJceMYG
LaAFoqvj7hnoie2IfnWX1S0TppURknJ6uCqZxYLD7XZi5Bhk2VfuboywuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFedVEJZYuECcYOttAjSgSCwQ0lTMB8GA1UdIwQY
MBaAFB8PeKVaW+XAHbgD9DjKYRt/FQMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHc5NHBWcGI1Y0FkdUFQME9NcGhHMzhWQXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hNTBjN2MtODc4YS00N2ZkLTgxMDct
NzlmMTA1YWVmOGQ2LzEvVjUxVVFsbGk0UUp4ZzYyMENOS0JJTEJEU1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hNTBjN2MtODc4YS00N2ZkLTgxMDctNzlmMTA1YWVmOGQ2
LzEvSHc5NHBWcGI1Y0FkdUFQME9NcGhHMzhWQXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9weMA0G
CSqGSIb3DQEBCwUAA4IBAQCSVBbAIXPSzis+0btHigM5zwHPKRFTkX9Kp9D4TB5M
pKYofav3uxEeP6mL16pye3IcsGRJ6GjruEm5VexHv7RcDRAoOAKa1CeiiSXaKHZp
J2EXmjCSV5Nuxg190mtMEBQttF8le9sxw2wH5Nh/vqm/QkOKgh4Bd5pezAKCousM
LtiXLklDCsa4LjYMXZh3+/YtKRxm/Eb9ovp2wxv476OQxQPEgtVAJjY4JbJ1Kkax
ZndthhkwBwsbY1B7IiKfbVKWOr8uPrGfcJUWaniop/ve2nx/TDGBzpfnLtr2UrJW
JoY3B76HqUkiqSZd3Q/MQvXj4stBiSzJUaIn5Hpwhko3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:32 2025 by rpki-client