Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/nd4mfWLSHWwtvH_uK_l_vYQfuj0.roa
File: nd4mfWLSHWwtvH_uK_l_vYQfuj0.roa (raw, json)
Hash identifier: vVSWePQjrsx3MeJ7NKVcZZ1iQZ0FWiKz6eXrmBtF6xU=
Subject key identifier: 9D:DE:26:7D:62:D2:1D:6C:2D:BC:7F:EE:2B:F9:7F:BD:84:1F:BA:3D
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 1C5D612A
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/nd4mfWLSHWwtvH_uK_l_vYQfuj0.roa
Signing time: Sat 01 Jan 2022 11:57:34 +0000
ROA not before: Sat 01 Jan 2022 11:57:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31465
IP address blocks: 91.215.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475881770 (0x1c5d612a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 1 11:57:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dde267d62d21d6c2dbc7fee2bf97fbd841fba3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:39:74:e8:8c:e2:68:ea:4f:a4:26:28:db:
15:e3:86:5c:e5:7f:a0:55:8c:35:9c:55:9e:b9:8d:
b9:0f:39:30:bc:22:5d:36:df:ac:a1:0a:89:db:41:
77:e1:0a:70:66:48:56:10:22:fc:50:bb:4e:c6:d5:
c9:af:dc:50:1b:c6:a5:9b:33:03:9a:00:1b:91:3e:
40:ca:b6:4a:df:b0:9c:2f:85:c4:0b:21:c6:55:5e:
8d:16:8f:f2:fb:3d:3d:63:e1:67:ab:84:20:73:94:
10:59:bd:30:e6:08:86:07:4c:52:ed:3d:e0:83:f7:
47:3b:de:06:48:1a:59:50:9d:59:fe:5e:ef:f9:6a:
a7:05:f5:a8:ec:28:16:64:ca:b0:b4:56:fd:da:c6:
f2:77:b6:9b:ce:28:4b:f9:47:ba:af:cb:28:4f:78:
60:f3:f5:ce:7a:d3:27:b4:ad:0c:0a:4e:27:57:ea:
2e:67:8a:69:95:67:10:7d:e6:74:4c:91:48:0e:e3:
77:4b:5a:70:d3:2e:15:86:44:d8:0d:5a:69:6b:7c:
40:5e:c0:b2:a2:9f:1b:77:bb:b5:af:dc:ae:d6:52:
a1:6d:cb:83:0a:26:81:ea:33:c3:f3:97:49:80:97:
70:07:81:4f:3f:db:ce:e9:81:ba:e4:80:56:f4:97:
c7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DE:26:7D:62:D2:1D:6C:2D:BC:7F:EE:2B:F9:7F:BD:84:1F:BA:3D
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/nd4mfWLSHWwtvH_uK_l_vYQfuj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.138.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e9:6a:19:ea:92:2d:27:8c:a6:c0:2e:91:be:8b:f5:0f:fd:
fc:77:88:c3:c7:03:60:34:12:4a:99:34:1b:51:91:62:7b:f5:
d5:18:9c:32:42:93:ce:37:0b:8c:5d:49:f4:55:1e:1b:62:a5:
7a:de:d3:7e:50:ee:62:34:44:90:7f:58:05:5a:e9:bf:15:08:
3e:e0:ca:36:b2:e8:6e:9e:73:5b:1d:3c:a7:ef:ff:6e:bd:f2:
cf:0e:d6:fd:8a:64:6a:8a:ff:08:e8:af:bb:26:d4:c4:27:0f:
e2:fa:05:5f:18:83:78:81:f8:ce:03:9d:8a:54:f0:bb:4e:60:
de:fa:84:0d:1a:ef:14:b0:c9:e8:a6:61:b7:d9:f0:f5:93:96:
cc:c2:5d:89:a1:57:18:e0:c3:02:74:c5:fd:20:a0:b8:a7:7a:
47:d8:1e:26:33:6d:ca:0a:3e:be:07:da:e7:5a:6a:e9:44:90:
3e:33:16:c2:32:67:76:75:61:1f:91:21:73:a0:1f:72:a7:f4:
6f:d2:33:8c:59:6f:99:0d:14:ed:78:0b:d9:7b:4d:d0:fe:25:
a9:73:d6:53:41:5b:a0:6e:03:fc:7d:91:52:d2:ab:b5:14:3a:
1b:4a:d9:1f:12:42:ce:d6:2e:1a:f3:79:52:0a:47:b7:f8:42:
e2:47:1e:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHF1hKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODQ3YjU5ZDIxZWEzNmIzMDYyZmNhODBjZTc1YzE2MTZhZjUxMTlhMB4XDTIyMDEw
MTExNTczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRkZTI2N2Q2MmQy
MWQ2YzJkYmM3ZmVlMmJmOTdmYmQ4NDFmYmEzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxGOXTojOJo6k+kJijbFeOGXOV/oFWMNZxVnrmNuQ85MLwi
XTbfrKEKidtBd+EKcGZIVhAi/FC7TsbVya/cUBvGpZszA5oAG5E+QMq2St+wnC+F
xAshxlVejRaP8vs9PWPhZ6uEIHOUEFm9MOYIhgdMUu094IP3RzveBkgaWVCdWf5e
7/lqpwX1qOwoFmTKsLRW/drG8ne2m84oS/lHuq/LKE94YPP1znrTJ7StDApOJ1fq
LmeKaZVnEH3mdEyRSA7jd0tacNMuFYZE2A1aaWt8QF7AsqKfG3e7ta/crtZSoW3L
gwomgeozw/OXSYCXcAeBTz/bzumBuuSAVvSXx0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSd3iZ9YtIdbC28f+4r+X+9hB+6PTAfBgNVHSMEGDAWgBQYR7WdIeo2swYv
yoDOdcFhavURmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dFZTFuU0hxTnJNR0w4cUF6blhCWVdyMUVaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvMzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8x
L25kNG1mV0xTSFd3dHZIX3VLX2xfdllRZnVqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
MzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8xL0dFZTFuU0hxTnJN
R0w4cUF6blhCWVdyMUVaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvXijANBgkqhkiG9w0BAQsFAAOC
AQEAHOlqGeqSLSeMpsAukb6L9Q/9/HeIw8cDYDQSSpk0G1GRYnv11RicMkKTzjcL
jF1J9FUeG2Klet7TflDuYjREkH9YBVrpvxUIPuDKNrLobp5zWx08p+//br3yzw7W
/Ypkaor/COivuybUxCcP4voFXxiDeIH4zgOdilTwu05g3vqEDRrvFLDJ6KZht9nw
9ZOWzMJdiaFXGODDAnTF/SCguKd6R9geJjNtygo+vgfa51pq6USQPjMWwjJndnVh
H5Ehc6Afcqf0b9IzjFlvmQ0U7XgL2XtN0P4lqXPWU0FboG4D/H2RUtKrtRQ6G0rZ
HxJCztYuGvN5UgpHt/hC4kce7w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:22 2025 by rpki-client