Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/DUtUinCNGzu2DJ5PDWctEzPupQI.roa
File: DUtUinCNGzu2DJ5PDWctEzPupQI.roa (raw, json)
Hash identifier: FQrpBtqmAL85+zQCZTV8uJCmcpEZ6fdVUe0nIUsHqo8=
Subject key identifier: 0D:4B:54:8A:70:8D:1B:3B:B6:0C:9E:4F:0D:67:2D:13:33:EE:A5:02
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 0183404968EE9A889EE6F5A68206ED822852
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/DUtUinCNGzu2DJ5PDWctEzPupQI.roa
Signing time: Thu 15 Sep 2022 08:34:56 +0000
ROA not before: Thu 15 Sep 2022 08:34:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43541
IP address blocks: 91.239.200.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:49:68:ee:9a:88:9e:e6:f5:a6:82:06:ed:82:28:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Sep 15 08:34:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d4b548a708d1b3bb60c9e4f0d672d1333eea502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:55:e3:ee:0a:c1:cc:b4:70:7b:d8:6e:50:
bc:01:ec:77:77:db:f9:a6:e1:86:c6:b2:f3:53:18:
bc:4c:5d:5d:ea:88:00:11:37:da:5b:f7:a8:ee:a0:
c2:5b:ca:3e:3b:3d:3b:e2:53:1d:f9:a6:cb:30:2f:
67:b4:d1:fa:24:13:f7:c0:4d:c5:10:a4:80:34:2a:
0c:42:bf:54:3f:5d:3e:5a:70:82:c1:93:e3:f1:85:
ae:a0:45:90:86:6a:46:75:c1:1c:f7:8a:ef:89:84:
25:e3:d5:38:ff:77:e3:e2:15:4e:7d:c5:5a:cc:78:
42:66:4b:78:8c:f6:02:13:24:63:48:8e:c0:d1:d6:
de:ab:c3:e1:a0:9b:a3:be:5f:eb:46:c3:5a:25:68:
40:f9:c4:cb:69:22:70:2d:9e:95:17:7c:54:4e:11:
0e:a0:9d:a2:af:e5:4d:bc:42:03:49:c6:0a:d3:f3:
a8:7a:1f:6a:99:f3:77:32:84:51:27:dc:39:aa:28:
33:aa:27:23:3a:c9:24:39:e6:52:b6:09:28:cd:98:
02:96:8b:e9:62:91:a4:68:e1:af:c3:b9:db:79:41:
aa:ca:e0:f0:ec:87:c9:fb:01:0f:8a:f9:09:d4:e6:
05:d0:5e:61:55:8b:ac:f9:a7:a4:22:a0:61:84:4a:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4B:54:8A:70:8D:1B:3B:B6:0C:9E:4F:0D:67:2D:13:33:EE:A5:02
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/DUtUinCNGzu2DJ5PDWctEzPupQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.200.0/22
Signature Algorithm: sha256WithRSAEncryption
19:5c:b3:7e:dc:91:20:96:45:fd:7c:7b:fc:19:31:ea:3f:df:
b9:07:62:99:d5:5c:07:ab:a2:f2:1d:1d:73:24:be:b4:e5:6b:
d6:30:8d:54:51:dc:d9:75:8c:7c:1b:d1:65:4a:5b:fd:cf:ad:
60:ec:3b:41:d2:a2:58:ec:a3:c6:4b:58:26:fb:cb:f3:6b:df:
fe:58:7c:39:4e:6d:be:65:32:24:4c:00:86:de:65:db:8d:dc:
e8:f1:a0:7c:4d:7c:5b:22:cc:ba:57:56:11:b9:3b:a2:c5:94:
ba:4e:8b:45:3a:72:4c:e5:b5:33:b9:92:a4:9c:d4:6c:27:7f:
aa:0f:f8:75:9c:68:c2:0c:c0:22:9d:86:17:af:70:4a:5b:05:
90:7a:19:a4:b8:38:95:79:36:9b:23:c5:2f:2f:9b:7b:57:ea:
70:81:0f:0b:2a:f4:d3:bd:7b:e2:5b:2c:30:71:32:79:69:58:
70:a6:94:41:34:98:49:f8:b9:34:17:55:10:5c:bd:2d:b0:aa:
9f:90:57:84:1b:d7:82:7b:79:27:c4:e8:89:ac:4e:f8:68:aa:
52:0e:5f:ce:d6:df:b4:dd:4c:e2:b8:96:79:aa:e4:a9:28:eb:
a0:1e:4c:8e:fe:c9:f6:6d:8f:bd:4d:61:f1:89:19:9f:94:7c:
f0:ed:17:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNASWjumoie5vWmggbtgihSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjIwOTE1MDgzNDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRiNTQ4YTcwOGQxYjNiYjYwYzllNGYwZDY3MmQxMzMzZWVhNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZZV4+4Kwcy0cHvYblC8Aex3d9v5
puGGxrLzUxi8TF1d6ogAETfaW/eo7qDCW8o+Oz074lMd+abLMC9ntNH6JBP3wE3F
EKSANCoMQr9UP10+WnCCwZPj8YWuoEWQhmpGdcEc94rviYQl49U4/3fj4hVOfcVa
zHhCZkt4jPYCEyRjSI7A0dbeq8PhoJujvl/rRsNaJWhA+cTLaSJwLZ6VF3xUThEO
oJ2ir+VNvEIDScYK0/Ooeh9qmfN3MoRRJ9w5qigzqicjOskkOeZStgkozZgClovp
YpGkaOGvw7nbeUGqyuDw7IfJ+wEPivkJ1OYF0F5hVYus+aekIqBhhEr40QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1LVIpwjRs7tgyeTw1nLRMz7qUCMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvRFV0VWluQ05HenUyREo1UERXY3RFelB1cFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+/IMA0G
CSqGSIb3DQEBCwUAA4IBAQAZXLN+3JEglkX9fHv8GTHqP9+5B2KZ1VwHq6LyHR1z
JL605WvWMI1UUdzZdYx8G9FlSlv9z61g7DtB0qJY7KPGS1gm+8vza9/+WHw5Tm2+
ZTIkTACG3mXbjdzo8aB8TXxbIsy6V1YRuTuixZS6TotFOnJM5bUzuZKknNRsJ3+q
D/h1nGjCDMAinYYXr3BKWwWQehmkuDiVeTabI8UvL5t7V+pwgQ8LKvTTvXviWyww
cTJ5aVhwppRBNJhJ+Lk0F1UQXL0tsKqfkFeEG9eCe3knxOiJrE74aKpSDl/O1t+0
3UziuJZ5quSpKOugHkyO/sn2bY+9TWHxiRmflHzw7Rf7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:13 2025 by rpki-client