Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eU9-oMCGTPEx3Yb3_NdAPMptVmc.roa
File: eU9-oMCGTPEx3Yb3_NdAPMptVmc.roa (raw, json)
Hash identifier: v2Z2tDpIVva5XINHSjXmgi1+x7F2L+BVfgfNyreeoTs=
Subject key identifier: 79:4F:7E:A0:C0:86:4C:F1:31:DD:86:F7:FC:D7:40:3C:CA:6D:56:67
Certificate issuer: /CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Certificate serial: 01857295D90E6B0B8ADB0C3CD4A1FA1D0484
Authority key identifier: 79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eU9-oMCGTPEx3Yb3_NdAPMptVmc.roa
Signing time: Mon 02 Jan 2023 13:05:01 +0000
ROA not before: Mon 02 Jan 2023 13:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44407
IP address blocks: 91.234.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d9:0e:6b:0b:8a:db:0c:3c:d4:a1:fa:1d:04:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Validity
Not Before: Jan 2 13:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=794f7ea0c0864cf131dd86f7fcd7403cca6d5667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:b9:49:ec:70:dd:f7:ee:57:66:38:bb:e4:
a0:3f:a6:c6:7d:a7:f0:5e:10:a1:0f:50:70:97:a7:
06:f6:21:7f:69:39:0a:2e:f1:d8:c2:d4:b9:40:d7:
c2:e6:5d:f9:40:15:fd:d1:5b:9d:d7:64:8f:27:8e:
8c:8a:42:9a:d0:c6:f1:18:f1:10:8d:f8:26:48:1c:
05:47:ab:e9:72:b5:40:1a:d2:09:8d:97:11:e0:99:
7a:e0:02:90:b4:e5:98:d4:2b:3d:08:93:1c:6b:45:
95:9a:bb:05:0e:65:d1:c9:43:b7:1b:6b:ef:45:a8:
f6:d3:e0:de:b4:db:62:d8:be:a5:7b:b5:9c:ae:cf:
56:19:79:47:ff:21:a6:6a:7b:8c:12:f9:c1:3e:8b:
e9:2f:bd:2f:8d:98:b1:2c:a4:c2:96:0d:2c:96:7f:
c0:ef:5e:73:f3:1c:96:8c:ef:22:9f:cc:8c:ba:1f:
09:48:64:b1:22:20:37:5c:58:a0:17:d0:24:81:36:
ae:e6:41:f4:91:c8:56:06:01:9a:08:f4:3c:94:15:
42:86:24:5c:13:52:52:26:b4:2c:97:58:76:20:71:
4a:27:48:40:a7:6a:53:00:54:0c:d8:5f:c3:69:3b:
81:69:15:af:25:4b:23:c2:68:ca:02:f4:75:16:71:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4F:7E:A0:C0:86:4C:F1:31:DD:86:F7:FC:D7:40:3C:CA:6D:56:67
X509v3 Authority Key Identifier:
keyid:79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eU9-oMCGTPEx3Yb3_NdAPMptVmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.236.0/24
Signature Algorithm: sha256WithRSAEncryption
70:89:d6:9b:b1:04:90:c4:a7:e2:84:a9:6e:b7:34:76:2d:00:
b2:94:f4:73:0a:fa:8f:81:af:25:cb:5d:5c:b8:98:66:9a:81:
58:fc:02:db:8d:ee:24:eb:89:3a:b5:ac:63:50:d4:2a:5d:fa:
f6:5e:9b:81:57:e4:6a:ab:6d:16:d1:d3:cb:86:93:6d:7e:66:
a1:c8:2b:93:a3:cd:ba:2c:f6:ec:07:5b:dc:01:1d:96:13:b5:
b4:7c:70:a8:7a:b3:0d:fd:eb:5c:25:91:2e:a7:48:87:6a:f4:
15:0f:2e:11:42:c3:c8:be:a7:43:09:33:2a:eb:01:a2:1f:54:
68:a8:96:5b:d4:18:50:0f:0d:47:c7:85:33:a1:cf:9a:b9:0a:
d7:9a:15:0f:82:3b:9a:7e:2c:de:71:89:d7:35:3f:aa:1b:c1:
c6:4f:05:aa:6d:d0:a2:d5:8e:9b:2b:1e:1e:14:94:75:44:99:
fb:a8:e3:9c:54:d5:09:39:a2:e1:b9:a3:7f:f6:c2:5a:01:5c:
31:a7:ef:77:27:95:7b:9c:14:25:72:b9:f1:f3:b8:7e:bc:43:
d2:83:bc:d9:0d:f3:c7:49:d1:ad:45:e0:83:10:19:1c:d6:7d:
cf:e3:3f:4e:64:5b:65:a5:cd:ec:cf:d4:22:87:da:38:26:00:
5f:32:98:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyldkOawuK2ww81KH6HQSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTI5NWM4MGI1NGMyZGJlNzdiYTQ3ZGU3ZGFlYzZiOTg2
MDIxYjQwHhcNMjMwMTAyMTMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTRmN2VhMGMwODY0Y2YxMzFkZDg2ZjdmY2Q3NDAzY2NhNmQ1NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFa5Sexw3ffuV2Y4u+SgP6bGfafw
XhChD1Bwl6cG9iF/aTkKLvHYwtS5QNfC5l35QBX90Vud12SPJ46MikKa0MbxGPEQ
jfgmSBwFR6vpcrVAGtIJjZcR4Jl64AKQtOWY1Cs9CJMca0WVmrsFDmXRyUO3G2vv
Raj20+DetNti2L6le7Wcrs9WGXlH/yGmanuMEvnBPovpL70vjZixLKTClg0sln/A
715z8xyWjO8in8yMuh8JSGSxIiA3XFigF9AkgTau5kH0kchWBgGaCPQ8lBVChiRc
E1JSJrQsl1h2IHFKJ0hAp2pTAFQM2F/DaTuBaRWvJUsjwmjKAvR1FnGCBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlPfqDAhkzxMd2G9/zXQDzKbVZnMB8GA1UdIwQY
MBaAFHmilcgLVMLb53ukfefa7GuYYCG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEt
MmJiYjQ4ZWZiMGVkLzEvZVU5LW9NQ0dUUEV4M1liM19OZEFQTXB0Vm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEtMmJiYjQ4ZWZiMGVk
LzEvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rsMA0G
CSqGSIb3DQEBCwUAA4IBAQBwidabsQSQxKfihKlutzR2LQCylPRzCvqPga8ly11c
uJhmmoFY/ALbje4k64k6taxjUNQqXfr2XpuBV+Rqq20W0dPLhpNtfmahyCuTo826
LPbsB1vcAR2WE7W0fHCoerMN/etcJZEup0iHavQVDy4RQsPIvqdDCTMq6wGiH1Ro
qJZb1BhQDw1Hx4Uzoc+auQrXmhUPgjuafizecYnXNT+qG8HGTwWqbdCi1Y6bKx4e
FJR1RJn7qOOcVNUJOaLhuaN/9sJaAVwxp+93J5V7nBQlcrnx87h+vEPSg7zZDfPH
SdGtReCDEBkc1n3P4z9OZFtlpc3sz9Qih9o4JgBfMpjA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:18 2025 by rpki-client