Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/ANgNhf8uKS3s4ckcnb-bXfDIBkU.roa
File: ANgNhf8uKS3s4ckcnb-bXfDIBkU.roa (raw, json)
Hash identifier: YJm775t7nxnWzUidRa2R5LxdScc8UMa0nx5T38UuWXs=
Subject key identifier: 00:D8:0D:85:FF:2E:29:2D:EC:E1:C9:1C:9D:BF:9B:5D:F0:C8:06:45
Certificate issuer: /CN=71071c85a3482958f87f032b6463198c7fd9eb07
Certificate serial: 018571BA1F062B37127828697714705C7832
Authority key identifier: 71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/ANgNhf8uKS3s4ckcnb-bXfDIBkU.roa
Signing time: Mon 02 Jan 2023 09:05:01 +0000
ROA not before: Mon 02 Jan 2023 09:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212285
IP address blocks: 91.243.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:1f:06:2b:37:12:78:28:69:77:14:70:5c:78:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71071c85a3482958f87f032b6463198c7fd9eb07
Validity
Not Before: Jan 2 09:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00d80d85ff2e292dece1c91c9dbf9b5df0c80645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:78:00:60:66:92:01:1a:76:0e:50:04:20:eb:
b8:c8:47:0a:ae:6a:a2:34:6a:15:e2:ba:bf:e3:7f:
43:82:a5:27:f6:f6:d2:e9:41:ec:d4:6b:9d:54:f7:
6d:a1:17:70:b8:3b:b0:58:de:47:59:d7:15:f7:11:
fb:a2:89:63:82:7f:c8:ed:5d:6a:b6:02:e4:44:57:
bb:95:b3:35:4b:f8:6a:0c:f0:60:d8:6a:f7:4c:12:
c3:c3:fd:ef:d5:6d:8f:f5:dc:60:9b:91:09:db:9d:
82:21:26:6a:ee:4b:4e:d4:c5:f3:f4:d3:0c:a2:67:
89:57:1c:2a:ed:5f:12:52:dd:13:db:9d:44:19:9b:
5f:0c:d2:63:fb:5b:20:82:ae:03:15:93:56:35:02:
fc:a5:cd:b8:d6:3c:b5:d3:42:a6:7e:eb:50:6d:62:
16:c8:cc:70:71:87:0a:15:93:6a:25:48:4c:a0:22:
8b:2a:13:cf:4e:a2:9a:8d:73:42:06:71:ba:10:37:
68:5b:87:8c:1e:74:ef:56:b2:d1:d6:b7:e2:d3:4c:
30:11:53:16:43:72:3e:3e:1f:d8:db:f0:c7:b5:67:
16:73:9f:41:32:fc:8c:2b:ac:f6:6a:eb:67:d4:04:
9f:9c:a8:b0:d4:d2:2f:a7:5d:9a:aa:c8:20:5f:f7:
05:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D8:0D:85:FF:2E:29:2D:EC:E1:C9:1C:9D:BF:9B:5D:F0:C8:06:45
X509v3 Authority Key Identifier:
keyid:71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/ANgNhf8uKS3s4ckcnb-bXfDIBkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/cQcchaNIKVj4fwMrZGMZjH_Z6wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.116.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c9:34:01:0b:06:97:cd:e7:f0:32:d6:72:de:fd:a6:b6:cb:
7e:df:b2:ca:06:3c:63:cf:c2:24:fb:f9:28:58:10:cb:ac:f1:
6d:7a:db:6a:f1:17:31:7d:83:a3:27:8a:85:23:cd:b6:03:4d:
4c:35:de:fd:d5:2d:8e:80:5d:6f:af:75:96:7b:66:f5:27:0e:
d9:be:38:bb:68:4e:2f:58:44:c4:ef:87:e4:0b:bb:d5:d8:0a:
f7:7a:d9:01:bc:d1:1c:01:d8:83:41:d4:c8:da:9a:73:2c:79:
de:8c:bb:81:c1:f7:58:d2:fa:75:cd:07:99:d7:d8:80:bf:25:
02:34:ee:04:57:b2:1f:1f:26:a2:67:bf:a9:67:9e:09:75:f5:
e8:ec:1a:fc:17:e0:96:35:a8:f8:76:bb:c5:7f:73:d7:1e:fb:
60:8c:47:88:db:dd:4f:10:c4:07:2b:d7:d0:52:1c:8f:27:bb:
ba:2f:3d:a3:62:ff:cc:92:2b:e9:6c:2a:0d:bb:2c:ec:1c:da:
1c:30:a3:1f:74:ed:d0:c9:15:03:50:87:71:4f:3c:a3:b0:ae:
34:2c:89:10:c3:a2:b4:78:00:31:fa:ce:06:d6:4d:be:a2:a9:
0f:c2:1c:58:4f:16:f8:6d:86:66:16:a8:4e:05:ff:b3:ea:c2:
94:44:c1:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuh8GKzcSeChpdxRwXHgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDcxYzg1YTM0ODI5NThmODdmMDMyYjY0NjMxOThjN2Zk
OWViMDcwHhcNMjMwMTAyMDkwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQ4MGQ4NWZmMmUyOTJkZWNlMWM5MWM5ZGJmOWI1ZGYwYzgwNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ngAYGaSARp2DlAEIOu4yEcKrmqi
NGoV4rq/439DgqUn9vbS6UHs1GudVPdtoRdwuDuwWN5HWdcV9xH7ooljgn/I7V1q
tgLkRFe7lbM1S/hqDPBg2Gr3TBLDw/3v1W2P9dxgm5EJ252CISZq7ktO1MXz9NMM
omeJVxwq7V8SUt0T251EGZtfDNJj+1sggq4DFZNWNQL8pc241jy100KmfutQbWIW
yMxwcYcKFZNqJUhMoCKLKhPPTqKajXNCBnG6EDdoW4eMHnTvVrLR1rfi00wwEVMW
Q3I+Ph/Y2/DHtWcWc59BMvyMK6z2autn1ASfnKiw1NIvp12aqsggX/cFkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADYDYX/Likt7OHJHJ2/m13wyAZFMB8GA1UdIwQY
MBaAFHEHHIWjSClY+H8DK2RjGYx/2esHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEt
YWVmZDgwODcyNTMyLzEvQU5nTmhmOHVLUzNzNGNrY25iLWJYZkRJQmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEtYWVmZDgwODcyNTMy
LzEvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/N0MA0G
CSqGSIb3DQEBCwUAA4IBAQAqyTQBCwaXzefwMtZy3v2mtst+37LKBjxjz8Ik+/ko
WBDLrPFtettq8RcxfYOjJ4qFI822A01MNd791S2OgF1vr3WWe2b1Jw7Zvji7aE4v
WETE74fkC7vV2Ar3etkBvNEcAdiDQdTI2ppzLHnejLuBwfdY0vp1zQeZ19iAvyUC
NO4EV7IfHyaiZ7+pZ54JdfXo7Br8F+CWNaj4drvFf3PXHvtgjEeI291PEMQHK9fQ
UhyPJ7u6Lz2jYv/MkivpbCoNuyzsHNocMKMfdO3QyRUDUIdxTzyjsK40LIkQw6K0
eAAx+s4G1k2+oqkPwhxYTxb4bYZmFqhOBf+z6sKURMFO
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:11:44 2025 by rpki-client