Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/1Tm1ax9RZRmQMHNtsnaKc23EKoQ.roa
File: 1Tm1ax9RZRmQMHNtsnaKc23EKoQ.roa (raw, json)
Hash identifier: LIqHBGFCIXZCPM0muRJsBflsa9qZjBIV5rXm2CoVMZ0=
Subject key identifier: D5:39:B5:6B:1F:51:65:19:90:30:73:6D:B2:76:8A:73:6D:C4:2A:84
Certificate issuer: /CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f
Certificate serial: 01856BF7E53C292406D5FC19FDE03F9F90BB
Authority key identifier: 50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/1Tm1ax9RZRmQMHNtsnaKc23EKoQ.roa
Signing time: Sun 01 Jan 2023 06:14:46 +0000
ROA not before: Sun 01 Jan 2023 06:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49282
IP address blocks: 91.194.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:e5:3c:29:24:06:d5:fc:19:fd:e0:3f:9f:90:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f
Validity
Not Before: Jan 1 06:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d539b56b1f5165199030736db2768a736dc42a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:df:07:53:1e:f1:3a:31:19:27:a0:34:b5:84:
74:45:51:5e:9f:44:3f:11:48:68:96:29:14:c9:8e:
a8:c7:47:da:e0:ea:dc:1d:2f:e7:d0:19:aa:88:e8:
45:85:91:8d:cd:62:58:fd:d2:73:15:f9:b1:7d:c0:
d7:36:6c:4a:44:1d:0a:aa:fe:e0:47:2b:09:21:99:
c9:3d:9f:64:a7:51:d8:54:f5:10:19:ee:1a:42:9b:
00:2e:3e:41:92:97:96:90:c0:19:e2:79:42:b1:2c:
44:4c:d2:e8:e3:5c:d3:90:93:78:5c:d7:7b:2b:80:
20:39:10:16:69:63:e7:b9:e2:dd:e1:75:77:45:22:
78:15:c8:90:20:c6:4b:63:c1:ff:df:ee:2d:8d:02:
46:f3:ad:0b:cb:d6:b8:62:3d:6a:b5:33:f7:4d:e9:
9b:06:39:35:97:5c:c0:01:81:fd:2e:8e:a9:0c:2a:
8e:07:46:7f:f6:8f:9f:f8:e6:3b:34:af:af:33:61:
12:96:02:c1:b5:11:8f:98:60:7a:4a:a0:55:4f:b9:
85:24:48:bb:9d:0d:af:d0:59:08:84:25:aa:97:2c:
1d:0d:dc:4e:86:be:ed:42:94:28:75:fe:ee:3f:8f:
49:74:33:96:6b:9d:a2:1a:59:a8:11:4b:d1:64:02:
36:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:39:B5:6B:1F:51:65:19:90:30:73:6D:B2:76:8A:73:6D:C4:2A:84
X509v3 Authority Key Identifier:
keyid:50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/1Tm1ax9RZRmQMHNtsnaKc23EKoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.27.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e0:c8:88:15:e1:c6:e1:6e:6e:ce:25:2b:7b:5a:48:53:25:
e9:e8:7a:84:27:33:ff:90:29:9e:15:a9:bf:18:de:fa:41:5b:
f7:e7:6a:89:83:6e:b6:5d:bd:41:eb:ab:d2:4c:b6:d8:fc:e7:
c9:40:c1:b8:eb:6b:27:41:6d:96:16:50:4d:39:9c:e3:47:6b:
74:25:6d:9d:d5:b4:d9:1e:1d:9c:f0:77:3d:0a:e9:40:2d:1d:
72:25:66:a3:a9:c0:c0:56:44:b3:b0:75:3d:29:d9:59:9b:40:
a8:3d:22:74:84:84:bb:b1:58:78:ff:34:1c:d3:7f:94:e1:c0:
34:71:7e:a7:92:83:ed:fa:45:57:ba:20:28:81:37:e2:94:45:
09:17:4b:10:89:72:3f:2e:2a:fc:07:70:b0:7c:37:9e:30:df:
c7:19:c3:37:48:57:da:04:00:57:79:9f:8f:04:df:1c:c0:80:
36:45:23:99:42:58:bb:9b:82:da:6f:91:27:4c:f8:bd:80:ac:
d6:f5:89:a8:28:bd:d0:fc:2f:10:ec:21:63:0d:95:de:1f:cb:
89:4e:9c:89:b6:ee:5f:37:8c:d1:e6:a2:28:6e:2e:4b:fb:b7:
a1:e7:56:92:4c:91:69:bb:e2:69:6a:fc:da:da:eb:91:e9:69:
ec:a1:f8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr9+U8KSQG1fwZ/eA/n5C7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWNkNjFhOWY2ZGU5ZGFjYzBkM2M5MjE3MDZkZjdkNTBh
ZmJkNmYwHhcNMjMwMTAxMDYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM5YjU2YjFmNTE2NTE5OTAzMDczNmRiMjc2OGE3MzZkYzQyYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt8HUx7xOjEZJ6A0tYR0RVFen0Q/
EUholikUyY6ox0fa4OrcHS/n0BmqiOhFhZGNzWJY/dJzFfmxfcDXNmxKRB0Kqv7g
RysJIZnJPZ9kp1HYVPUQGe4aQpsALj5BkpeWkMAZ4nlCsSxETNLo41zTkJN4XNd7
K4AgORAWaWPnueLd4XV3RSJ4FciQIMZLY8H/3+4tjQJG860Ly9a4Yj1qtTP3Temb
Bjk1l1zAAYH9Lo6pDCqOB0Z/9o+f+OY7NK+vM2ESlgLBtRGPmGB6SqBVT7mFJEi7
nQ2v0FkIhCWqlywdDdxOhr7tQpQodf7uP49JdDOWa52iGlmoEUvRZAI2pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNU5tWsfUWUZkDBzbbJ2inNtxCqEMB8GA1UdIwQY
MBaAFFBc1hqfbenazA08khcG331Qr71vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMt
ZTAxMjM3YjVmYzEwLzEvMVRtMWF4OVJaUm1RTUhOdHNuYUtjMjNFS29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMtZTAxMjM3YjVmYzEw
LzEvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8IbMA0G
CSqGSIb3DQEBCwUAA4IBAQBO4MiIFeHG4W5uziUre1pIUyXp6HqEJzP/kCmeFam/
GN76QVv352qJg262Xb1B66vSTLbY/OfJQMG462snQW2WFlBNOZzjR2t0JW2d1bTZ
Hh2c8Hc9CulALR1yJWajqcDAVkSzsHU9KdlZm0CoPSJ0hIS7sVh4/zQc03+U4cA0
cX6nkoPt+kVXuiAogTfilEUJF0sQiXI/Lir8B3CwfDeeMN/HGcM3SFfaBABXeZ+P
BN8cwIA2RSOZQli7m4Lab5EnTPi9gKzW9YmoKL3Q/C8Q7CFjDZXeH8uJTpyJtu5f
N4zR5qIobi5L+7eh51aSTJFpu+Jpavza2uuR6WnsofgX
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:19 2025 by rpki-client