Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/89afba-4fed-42ef-a751-f5ff9afc3266/1/9Rtz7LyAIr84ZjYq3-ucYPSavrM.roa
File: 9Rtz7LyAIr84ZjYq3-ucYPSavrM.roa (raw, json)
Hash identifier: V5XuASf9i6dMl0DdZpUA+R3x27Ksr0AVPbcISgD/gC4=
Subject key identifier: F5:1B:73:EC:BC:80:22:BF:38:66:36:2A:DF:EB:9C:60:F4:9A:BE:B3
Certificate issuer: /CN=9a764d8d3ae725b45e0d4807f612ec3d1f2a3f4f
Certificate serial: 01856CF85387F9DB96B4ADBF2ED2976098CE
Authority key identifier: 9A:76:4D:8D:3A:E7:25:B4:5E:0D:48:07:F6:12:EC:3D:1F:2A:3F:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnZNjTrnJbReDUgH9hLsPR8qP08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/89afba-4fed-42ef-a751-f5ff9afc3266/1/9Rtz7LyAIr84ZjYq3-ucYPSavrM.roa
Signing time: Sun 01 Jan 2023 10:54:51 +0000
ROA not before: Sun 01 Jan 2023 10:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41880
IP address blocks: 91.102.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:53:87:f9:db:96:b4:ad:bf:2e:d2:97:60:98:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a764d8d3ae725b45e0d4807f612ec3d1f2a3f4f
Validity
Not Before: Jan 1 10:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f51b73ecbc8022bf3866362adfeb9c60f49abeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:10:4e:5e:10:3b:29:e4:34:65:8f:41:02:7b:
69:75:65:cc:8e:32:05:0c:7f:ab:24:cb:6c:ad:f8:
72:6d:05:02:a0:21:d1:81:7d:9d:9b:a3:de:6a:5e:
7d:cd:fd:a2:1a:88:e2:c2:64:4c:d7:89:a4:34:0f:
69:69:0c:84:da:76:56:70:aa:5e:07:a8:14:02:af:
59:a5:a6:fd:19:81:ff:9a:6c:55:1f:ab:e3:1c:fa:
8c:85:2f:f9:16:ae:24:5b:a7:05:fc:6a:5a:4a:a6:
50:37:f3:c2:f2:d8:55:44:42:ea:74:26:e4:04:ed:
01:d7:b8:6a:9c:f0:5f:20:6e:1d:e6:0f:b0:13:09:
bc:33:50:49:59:9c:4b:54:d8:dd:fb:ed:de:1c:53:
c2:bc:27:14:2a:81:72:8f:01:d6:37:a4:4e:f2:6b:
e6:b2:2e:32:74:99:2e:a4:a0:2e:b5:ea:b6:81:fc:
e2:e5:da:9e:5a:68:a0:b9:01:ca:54:45:e0:45:07:
8e:e1:ba:e0:53:a4:a0:38:a4:77:19:fc:93:9d:3a:
37:ec:e7:95:dc:e2:02:fa:fd:62:5e:99:79:04:b0:
66:e0:be:68:a9:2a:60:de:b5:bf:4d:d6:d5:35:ef:
47:e0:d5:b9:ea:a4:a1:b7:b5:29:f1:23:e3:a7:93:
29:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1B:73:EC:BC:80:22:BF:38:66:36:2A:DF:EB:9C:60:F4:9A:BE:B3
X509v3 Authority Key Identifier:
keyid:9A:76:4D:8D:3A:E7:25:B4:5E:0D:48:07:F6:12:EC:3D:1F:2A:3F:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnZNjTrnJbReDUgH9hLsPR8qP08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/89afba-4fed-42ef-a751-f5ff9afc3266/1/9Rtz7LyAIr84ZjYq3-ucYPSavrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/89afba-4fed-42ef-a751-f5ff9afc3266/1/mnZNjTrnJbReDUgH9hLsPR8qP08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.208.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:0e:27:7a:95:d3:09:10:cd:d2:a0:99:9a:b8:ca:f5:2d:ce:
af:93:77:11:7a:75:ea:ff:70:a2:c2:cf:0b:70:e9:88:de:d4:
45:00:a2:7e:0e:50:69:10:da:b8:78:a8:fc:3c:36:b1:0e:a5:
e3:0c:5d:6a:a1:55:d2:c4:96:9a:cb:ff:cd:04:d2:ff:27:79:
06:ad:f8:60:09:92:2b:ea:96:4b:0b:11:1c:64:16:6d:22:25:
80:a0:4d:e6:af:4d:86:74:e1:e3:a8:9f:63:10:a6:70:61:dd:
7c:da:18:58:8a:59:d6:e9:a1:7f:4d:3d:c3:ec:19:e6:03:f2:
28:63:f7:f6:87:cf:74:ab:0a:fc:5b:6b:00:c1:aa:94:dc:8a:
31:6a:b4:ff:4d:b9:cc:63:ae:5b:6b:2f:12:c2:8c:9b:0e:3a:
c5:3e:5f:5b:5c:3f:59:aa:fd:45:bd:fe:a7:87:e3:2f:4e:be:
87:18:e6:d6:23:0e:97:83:ec:29:ae:75:15:3f:09:60:9b:57:
18:4b:ef:d2:a8:93:0e:c1:10:76:dc:8b:e5:6e:20:89:6f:36:
08:72:b9:af:f5:12:95:64:03:b8:f0:14:ff:dc:82:e7:31:6a:
86:d2:88:98:6c:28:62:9b:34:cf:43:37:be:f7:96:34:1e:4c:
97:f0:f3:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+FOH+duWtK2/LtKXYJjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzY0ZDhkM2FlNzI1YjQ1ZTBkNDgwN2Y2MTJlYzNkMWYy
YTNmNGYwHhcNMjMwMTAxMTA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFiNzNlY2JjODAyMmJmMzg2NjM2MmFkZmViOWM2MGY0OWFiZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRBOXhA7KeQ0ZY9BAntpdWXMjjIF
DH+rJMtsrfhybQUCoCHRgX2dm6Peal59zf2iGojiwmRM14mkNA9paQyE2nZWcKpe
B6gUAq9Zpab9GYH/mmxVH6vjHPqMhS/5Fq4kW6cF/GpaSqZQN/PC8thVRELqdCbk
BO0B17hqnPBfIG4d5g+wEwm8M1BJWZxLVNjd++3eHFPCvCcUKoFyjwHWN6RO8mvm
si4ydJkupKAuteq2gfzi5dqeWmiguQHKVEXgRQeO4brgU6SgOKR3GfyTnTo37OeV
3OIC+v1iXpl5BLBm4L5oqSpg3rW/TdbVNe9H4NW56qSht7Up8SPjp5MpNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUbc+y8gCK/OGY2Kt/rnGD0mr6zMB8GA1UdIwQY
MBaAFJp2TY065yW0Xg1IB/YS7D0fKj9PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5aTmpUcm5KYlJlRFVnSDloTHNQUjhxUDA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC84OWFmYmEtNGZlZC00MmVmLWE3NTEt
ZjVmZjlhZmMzMjY2LzEvOVJ0ejdMeUFJcjg0WmpZcTMtdWNZUFNhdnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC84OWFmYmEtNGZlZC00MmVmLWE3NTEtZjVmZjlhZmMzMjY2
LzEvbW5aTmpUcm5KYlJlRFVnSDloTHNQUjhxUDA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2bQMA0G
CSqGSIb3DQEBCwUAA4IBAQBsDid6ldMJEM3SoJmauMr1Lc6vk3cRenXq/3Ciws8L
cOmI3tRFAKJ+DlBpENq4eKj8PDaxDqXjDF1qoVXSxJaay//NBNL/J3kGrfhgCZIr
6pZLCxEcZBZtIiWAoE3mr02GdOHjqJ9jEKZwYd182hhYilnW6aF/TT3D7BnmA/Io
Y/f2h890qwr8W2sAwaqU3IoxarT/TbnMY65bay8SwoybDjrFPl9bXD9Zqv1Fvf6n
h+MvTr6HGObWIw6Xg+wprnUVPwlgm1cYS+/SqJMOwRB23IvlbiCJbzYIcrmv9RKV
ZAO48BT/3ILnMWqG0oiYbChimzTPQze+95Y0HkyX8PMp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:17 2025 by rpki-client