Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/2166a8-357c-4cf6-b6f2-f8d6d1a74b1d/1/1WBTIYpK7ipkMHDheh8HKyDb34o.roa
File: 1WBTIYpK7ipkMHDheh8HKyDb34o.roa (raw, json)
Hash identifier: h1G/AUDI0rbItDrVc7vNQruf3I2NZgsyqxCsjgLsqyc=
Subject key identifier: D5:60:53:21:8A:4A:EE:2A:64:30:70:E1:7A:1F:07:2B:20:DB:DF:8A
Certificate issuer: /CN=7e39825b26775e1551072f457d1edfd9d0ebe2df
Certificate serial: 018B94E0EBC092D140CE16B01909289D91B7
Authority key identifier: 7E:39:82:5B:26:77:5E:15:51:07:2F:45:7D:1E:DF:D9:D0:EB:E2:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fjmCWyZ3XhVRBy9FfR7f2dDr4t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/2166a8-357c-4cf6-b6f2-f8d6d1a74b1d/1/1WBTIYpK7ipkMHDheh8HKyDb34o.roa
Signing time: Fri 03 Nov 2023 11:10:50 +0000
ROA not before: Fri 03 Nov 2023 11:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48219
IP address blocks: 91.223.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:e0:eb:c0:92:d1:40:ce:16:b0:19:09:28:9d:91:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e39825b26775e1551072f457d1edfd9d0ebe2df
Validity
Not Before: Nov 3 11:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d56053218a4aee2a643070e17a1f072b20dbdf8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:6b:2c:11:97:b6:a8:90:db:25:15:80:03:
1d:c0:c6:52:74:2e:e2:e9:7d:5e:e5:a0:c3:f7:3d:
54:a7:fb:67:a6:b3:36:b7:39:18:f8:b3:6d:62:84:
d2:ff:5b:63:4b:4c:0b:5c:6e:00:25:c5:ce:fc:23:
bb:25:48:8a:ab:b0:3f:87:8a:33:70:65:03:32:7b:
78:dd:ed:bd:de:88:b2:7d:32:08:9f:79:0c:ca:91:
aa:9f:e8:91:3c:79:99:0a:cb:03:ca:5d:86:f6:ed:
7d:fc:a3:5e:97:eb:46:cd:d7:38:6c:80:cb:a5:f1:
fe:f5:4e:24:c1:cb:2e:7c:60:63:dc:8b:a3:ad:09:
2c:98:7f:b2:03:e5:5e:0c:56:9c:4b:6f:29:83:9f:
50:1c:66:32:68:8b:ae:5e:1d:66:c1:f1:07:09:a9:
6c:0c:ee:f6:67:7e:a3:8f:3d:c2:23:b0:16:cc:8d:
4f:6f:22:20:25:4f:38:50:99:a1:78:6c:f4:8d:17:
78:ce:88:89:86:81:83:38:46:f8:84:f4:67:82:c6:
6c:21:d9:0e:bc:a7:d8:7d:b2:ce:18:a0:8d:0d:1f:
5a:19:dd:12:98:e3:da:1b:87:4d:8d:38:b3:b0:9e:
61:bc:5b:bb:15:62:d8:b0:5a:ef:04:ff:0d:de:93:
12:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:60:53:21:8A:4A:EE:2A:64:30:70:E1:7A:1F:07:2B:20:DB:DF:8A
X509v3 Authority Key Identifier:
keyid:7E:39:82:5B:26:77:5E:15:51:07:2F:45:7D:1E:DF:D9:D0:EB:E2:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fjmCWyZ3XhVRBy9FfR7f2dDr4t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2166a8-357c-4cf6-b6f2-f8d6d1a74b1d/1/1WBTIYpK7ipkMHDheh8HKyDb34o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2166a8-357c-4cf6-b6f2-f8d6d1a74b1d/1/fjmCWyZ3XhVRBy9FfR7f2dDr4t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.137.0/24
Signature Algorithm: sha256WithRSAEncryption
28:49:79:c7:a3:1f:4a:4d:e3:56:9d:fd:d3:c0:f9:09:ce:75:
f2:8a:f3:17:8f:bb:0f:31:ff:76:33:c4:32:0b:a0:e0:d0:63:
1e:cb:17:02:16:e0:02:e8:ed:6d:75:0f:ee:1f:e8:40:ca:30:
70:dc:11:11:3e:0c:91:8b:98:e7:c5:f7:b5:9a:8c:87:43:5a:
e4:47:f6:66:d2:60:c7:1e:84:6e:7e:42:1c:31:2e:6b:11:a1:
a0:b8:79:05:a8:dd:4c:e3:14:0b:39:c0:c4:99:ab:d4:9b:5f:
cd:3c:30:ff:25:c3:74:fb:65:58:1f:c9:5d:41:19:8f:14:09:
f3:b8:2a:4f:e7:df:ad:d9:2f:53:00:f1:5a:c3:9a:9a:76:32:
ae:cd:5a:06:0a:ec:f9:cf:c8:e0:a7:02:dc:83:e1:95:c7:90:
a2:3d:ed:38:21:1a:1c:dc:82:7c:ee:17:32:74:37:ac:dc:09:
e7:3f:c5:8c:a3:36:41:1f:80:e0:f9:96:16:b7:43:a9:60:80:
8c:23:f5:ca:db:f7:2c:6d:eb:5f:14:5d:fd:ce:3f:54:31:9a:
5c:9b:9b:ec:af:19:b0:f8:8c:c5:21:df:a0:04:12:a3:7d:db:
b0:28:d0:29:4e:e6:40:b8:1e:0e:95:64:06:94:40:d0:0c:84:
0a:71:35:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuU4OvAktFAzhawGQkonZG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMzk4MjViMjY3NzVlMTU1MTA3MmY0NTdkMWVkZmQ5ZDBl
YmUyZGYwHhcNMjMxMTAzMTExMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTYwNTMyMThhNGFlZTJhNjQzMDcwZTE3YTFmMDcyYjIwZGJkZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHNrLBGXtqiQ2yUVgAMdwMZSdC7i
6X1e5aDD9z1Up/tnprM2tzkY+LNtYoTS/1tjS0wLXG4AJcXO/CO7JUiKq7A/h4oz
cGUDMnt43e293oiyfTIIn3kMypGqn+iRPHmZCssDyl2G9u19/KNel+tGzdc4bIDL
pfH+9U4kwcsufGBj3IujrQksmH+yA+VeDFacS28pg59QHGYyaIuuXh1mwfEHCals
DO72Z36jjz3CI7AWzI1PbyIgJU84UJmheGz0jRd4zoiJhoGDOEb4hPRngsZsIdkO
vKfYfbLOGKCNDR9aGd0SmOPaG4dNjTizsJ5hvFu7FWLYsFrvBP8N3pMSnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVgUyGKSu4qZDBw4XofBysg29+KMB8GA1UdIwQY
MBaAFH45glsmd14VUQcvRX0e39nQ6+LfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmptQ1d5WjNYaFZSQnk5RmZSN2YyZERyNHQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yMTY2YTgtMzU3Yy00Y2Y2LWI2ZjIt
ZjhkNmQxYTc0YjFkLzEvMVdCVElZcEs3aXBrTUhEaGVoOEhLeURiMzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yMTY2YTgtMzU3Yy00Y2Y2LWI2ZjItZjhkNmQxYTc0YjFk
LzEvZmptQ1d5WjNYaFZSQnk5RmZSN2YyZERyNHQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+JMA0G
CSqGSIb3DQEBCwUAA4IBAQAoSXnHox9KTeNWnf3TwPkJznXyivMXj7sPMf92M8Qy
C6Dg0GMeyxcCFuAC6O1tdQ/uH+hAyjBw3BERPgyRi5jnxfe1moyHQ1rkR/Zm0mDH
HoRufkIcMS5rEaGguHkFqN1M4xQLOcDEmavUm1/NPDD/JcN0+2VYH8ldQRmPFAnz
uCpP59+t2S9TAPFaw5qadjKuzVoGCuz5z8jgpwLcg+GVx5CiPe04IRoc3IJ87hcy
dDes3AnnP8WMozZBH4Dg+ZYWt0OpYICMI/XK2/csbetfFF39zj9UMZpcm5vsrxmw
+IzFId+gBBKjfduwKNApTuZAuB4OlWQGlEDQDIQKcTW1
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:34:44 2025 by rpki-client