Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/_pMfQaS1vL8wGHxXvTAkmYPpibw.roa
File: _pMfQaS1vL8wGHxXvTAkmYPpibw.roa (raw, json)
Hash identifier: 4xmsUOUHzLRSw4Iv6yS7GBVEudLSIiK4pIPkgm04wQU=
Subject key identifier: FE:93:1F:41:A4:B5:BC:BF:30:18:7C:57:BD:30:24:99:83:E9:89:BC
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 018573BA9F5C50A68219AE40BEC4FCEF7672
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/_pMfQaS1vL8wGHxXvTAkmYPpibw.roa
Signing time: Mon 02 Jan 2023 18:24:48 +0000
ROA not before: Mon 02 Jan 2023 18:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43541
IP address blocks: 91.239.200.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:9f:5c:50:a6:82:19:ae:40:be:c4:fc:ef:76:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jan 2 18:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe931f41a4b5bcbf30187c57bd30249983e989bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ae:5b:17:13:bc:83:cd:10:a0:fe:99:74:2b:
34:2d:9b:74:5d:c4:aa:ef:17:46:06:20:00:d9:5c:
d9:8c:57:3b:b9:59:dc:45:a0:57:5f:52:c4:7a:95:
38:2e:1b:33:4b:f4:ea:1a:12:84:f3:d1:12:bd:bc:
1e:d0:08:b8:04:6c:a9:fb:e7:5e:9a:a2:47:51:7e:
f8:15:0e:f8:fa:4c:6c:02:97:36:a2:93:b7:a0:c2:
68:6c:60:15:4e:3f:7f:af:a0:24:ec:4a:2a:f3:64:
42:26:33:82:0f:22:74:f2:ab:4c:a2:64:6e:9b:ae:
4a:4e:0f:f5:75:4c:9b:8b:ef:09:20:2b:7d:9a:fe:
b0:4b:40:f3:ac:c2:f8:15:e0:66:97:bc:3b:51:3f:
f9:df:fe:a5:2c:ca:f4:1c:e8:f8:d6:fa:89:c7:34:
14:4c:71:c5:d1:26:a5:73:f1:06:75:1a:1d:18:2d:
6e:93:77:a1:11:c3:61:15:d7:2f:b7:76:25:92:a9:
c4:e2:d9:39:55:fa:76:73:ad:b8:da:9c:a5:44:95:
24:f4:1c:11:be:c5:a2:0a:50:9a:c7:b1:63:c4:be:
40:51:60:ef:26:da:11:35:41:3c:54:6e:64:6e:d4:
63:02:49:f5:1b:66:d8:3b:ca:d6:82:a8:94:ac:90:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:93:1F:41:A4:B5:BC:BF:30:18:7C:57:BD:30:24:99:83:E9:89:BC
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/_pMfQaS1vL8wGHxXvTAkmYPpibw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:5d:06:08:93:15:72:0c:e6:53:d7:71:35:c7:21:07:d4:fb:
18:5d:a2:2e:98:52:d5:82:46:ed:ea:13:81:95:fa:82:ee:ac:
2c:dd:fd:33:30:74:81:ba:96:7a:6e:da:66:a4:21:91:62:0f:
2f:19:04:64:b7:46:5f:90:66:b6:48:3a:64:6a:33:65:15:c3:
3e:29:de:1c:cc:ab:d3:72:c4:bd:7b:b7:97:26:43:03:82:21:
3f:da:b8:37:87:b1:fa:3f:95:e1:79:e7:e1:69:90:ee:a7:68:
c4:1f:11:4f:e0:dc:66:fe:dc:72:d5:f9:17:d6:e6:cd:a8:21:
ff:76:c6:0f:55:57:3a:7f:09:d8:bb:b8:b8:7e:cb:26:33:ee:
90:e3:8b:f5:04:66:3a:51:96:39:ca:b3:4f:ba:c8:8e:41:f4:
0c:c0:fb:9d:2c:86:77:f1:be:63:81:a5:8c:df:f9:34:2d:e7:
42:a1:23:22:51:33:5b:78:4f:5f:65:f6:e4:c9:8e:f6:2d:a6:
de:b5:3d:84:a7:31:c3:1a:2a:61:cf:2c:ea:30:30:6b:88:d0:
21:20:3d:e2:c3:1e:8b:9d:7e:93:59:61:7e:09:17:39:f7:5c:
dd:28:2d:52:d8:86:2a:4f:3d:86:9c:8f:46:1b:e6:3d:f3:3f:
77:f3:e3:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzup9cUKaCGa5AvsT873ZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjMwMTAyMTgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTkzMWY0MWE0YjViY2JmMzAxODdjNTdiZDMwMjQ5OTgzZTk4OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha5bFxO8g80QoP6ZdCs0LZt0XcSq
7xdGBiAA2VzZjFc7uVncRaBXX1LEepU4LhszS/TqGhKE89ESvbwe0Ai4BGyp++de
mqJHUX74FQ74+kxsApc2opO3oMJobGAVTj9/r6Ak7Eoq82RCJjOCDyJ08qtMomRu
m65KTg/1dUybi+8JICt9mv6wS0DzrML4FeBml7w7UT/53/6lLMr0HOj41vqJxzQU
THHF0Salc/EGdRodGC1uk3ehEcNhFdcvt3YlkqnE4tk5Vfp2c6242pylRJUk9BwR
vsWiClCax7FjxL5AUWDvJtoRNUE8VG5kbtRjAkn1G2bYO8rWgqiUrJBglwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6TH0Gktby/MBh8V70wJJmD6Ym8MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvX3BNZlFhUzF2TDh3R0h4WHZUQWttWVBwaWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCOXQYIkxVyDOZT13E1xyEH1PsYXaIumFLVgkbt6hOB
lfqC7qws3f0zMHSBupZ6btpmpCGRYg8vGQRkt0ZfkGa2SDpkajNlFcM+Kd4czKvT
csS9e7eXJkMDgiE/2rg3h7H6P5XheefhaZDup2jEHxFP4Nxm/txy1fkX1ubNqCH/
dsYPVVc6fwnYu7i4fssmM+6Q44v1BGY6UZY5yrNPusiOQfQMwPudLIZ38b5jgaWM
3/k0LedCoSMiUTNbeE9fZfbkyY72LabetT2EpzHDGiphzyzqMDBriNAhID3iwx6L
nX6TWWF+CRc591zdKC1S2IYqTz2GnI9GG+Y98z938+M+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:18 2025 by rpki-client