Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/hVfH3U1maE5Eb-IQCV7cn-CPoKQ.roa
File: hVfH3U1maE5Eb-IQCV7cn-CPoKQ.roa (raw, json)
Hash identifier: 8a/9j71LJsYYvKZz/kPCroSRcj6/tN04gv/BjBPW6DU=
Subject key identifier: 85:57:C7:DD:4D:66:68:4E:44:6F:E2:10:09:5E:DC:9F:E0:8F:A0:A4
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 018572BA42D6A7CEBCB0BCD80BB8635BA8F7
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/hVfH3U1maE5Eb-IQCV7cn-CPoKQ.roa
Signing time: Mon 02 Jan 2023 13:44:47 +0000
ROA not before: Mon 02 Jan 2023 13:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57903
IP address blocks: 91.236.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:42:d6:a7:ce:bc:b0:bc:d8:0b:b8:63:5b:a8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 2 13:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8557c7dd4d66684e446fe210095edc9fe08fa0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f9:2f:d6:3d:a6:9b:fc:fb:77:5f:49:94:75:
2d:48:db:b4:aa:af:23:2f:14:57:d4:7a:b9:36:f5:
9b:d3:95:a5:02:dd:5e:a3:45:f7:3d:82:89:d9:82:
5a:55:68:d5:6f:ff:67:47:9d:42:0b:cc:cc:1d:c3:
b4:18:ca:b9:2b:af:34:4d:c3:43:ca:d3:69:26:ed:
4d:ff:1e:49:f7:d0:6a:98:71:a1:de:1b:3a:b3:c0:
6f:81:e0:fa:4f:e0:0e:36:5b:12:c5:34:1f:82:7a:
26:81:1e:9b:36:b8:a0:32:9f:10:3d:95:64:39:d9:
4d:3f:05:3a:52:69:9c:a9:a2:9a:16:5e:0a:e3:b0:
1d:7b:ff:a3:bb:7e:f4:c7:86:90:59:54:18:a1:15:
e0:b2:8c:38:8f:24:a9:5d:96:45:67:0d:8c:18:53:
dd:d2:f2:fa:87:b5:5b:00:c3:de:6e:4a:ac:61:15:
71:7c:ad:a8:6b:39:38:2f:c0:24:12:e9:74:e9:eb:
fd:21:04:4b:7a:e6:f4:73:a4:97:ac:96:33:66:45:
29:7e:21:61:89:71:aa:6c:22:32:b1:ee:01:af:d4:
f9:f9:3a:58:6a:45:e6:5c:e7:cf:66:3d:ef:21:d1:
1e:3f:0a:35:5e:b9:c4:70:f8:92:21:14:c9:fd:8a:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:57:C7:DD:4D:66:68:4E:44:6F:E2:10:09:5E:DC:9F:E0:8F:A0:A4
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/hVfH3U1maE5Eb-IQCV7cn-CPoKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:ac:10:cb:1e:67:9e:91:2f:dd:d3:e0:ea:6e:41:53:b6:cf:
d1:98:b2:40:c3:7b:6a:3e:b4:0a:74:f8:0f:e8:cd:1f:be:d5:
4a:62:1a:10:cd:8a:d8:8b:58:6e:a9:b0:26:e2:24:92:24:1e:
4c:93:58:19:42:e1:f7:73:3a:b4:d7:90:02:45:e1:c2:3e:8f:
4b:44:53:6a:32:3f:00:5b:6b:55:ea:13:f0:81:f3:ee:65:36:
c4:52:c5:d5:32:3d:d9:de:f9:58:b3:7c:e7:d2:29:0d:0a:33:
f1:40:16:0e:3e:cc:72:1d:46:99:92:a4:71:2e:43:ea:64:10:
67:6a:f5:e4:df:4a:29:02:69:7b:23:ed:9f:35:1f:d9:87:02:
15:dd:83:3f:ee:19:21:35:e1:93:ed:17:48:43:22:c4:82:e0:
28:5c:b2:3a:2d:81:92:f6:3b:1f:38:c0:51:3d:98:11:f7:9e:
9e:67:3b:9f:3b:3f:47:3f:6b:b8:90:21:35:c8:0a:a0:1d:be:
41:0c:a9:8b:6d:fc:d7:cf:de:fa:bd:96:54:b5:ba:48:29:85:
3e:07:d4:6e:d4:f2:26:6f:dc:ae:37:d9:ae:10:8a:d9:0c:2d:
9c:06:dc:61:b1:e1:b3:43:51:76:bd:97:9e:b3:01:7b:78:99:
9b:82:79:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyukLWp868sLzYC7hjW6j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5
ZDNiYWUwHhcNMjMwMTAyMTM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU3YzdkZDRkNjY2ODRlNDQ2ZmUyMTAwOTVlZGM5ZmUwOGZhMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvkv1j2mm/z7d19JlHUtSNu0qq8j
LxRX1Hq5NvWb05WlAt1eo0X3PYKJ2YJaVWjVb/9nR51CC8zMHcO0GMq5K680TcND
ytNpJu1N/x5J99BqmHGh3hs6s8BvgeD6T+AONlsSxTQfgnomgR6bNrigMp8QPZVk
OdlNPwU6UmmcqaKaFl4K47Ade/+ju370x4aQWVQYoRXgsow4jySpXZZFZw2MGFPd
0vL6h7VbAMPebkqsYRVxfK2oazk4L8AkEul06ev9IQRLeub0c6SXrJYzZkUpfiFh
iXGqbCIyse4Br9T5+TpYakXmXOfPZj3vIdEePwo1XrnEcPiSIRTJ/YrH9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVXx91NZmhORG/iEAle3J/gj6CkMB8GA1UdIwQY
MBaAFDTVGSR0Arz73w7OkCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQt
ZmJkMzk5YTQ0NzVlLzEvaFZmSDNVMW1hRTVFYi1JUUNWN2NuLUNQb0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVl
LzEvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+xyMA0G
CSqGSIb3DQEBCwUAA4IBAQArrBDLHmeekS/d0+DqbkFTts/RmLJAw3tqPrQKdPgP
6M0fvtVKYhoQzYrYi1huqbAm4iSSJB5Mk1gZQuH3czq015ACReHCPo9LRFNqMj8A
W2tV6hPwgfPuZTbEUsXVMj3Z3vlYs3zn0ikNCjPxQBYOPsxyHUaZkqRxLkPqZBBn
avXk30opAml7I+2fNR/ZhwIV3YM/7hkhNeGT7RdIQyLEguAoXLI6LYGS9jsfOMBR
PZgR956eZzufOz9HP2u4kCE1yAqgHb5BDKmLbfzXz976vZZUtbpIKYU+B9Ru1PIm
b9yuN9muEIrZDC2cBtxhseGzQ1F2vZeeswF7eJmbgnkG
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:44 2025 by rpki-client