Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5c0b4a-2da4-43a5-9289-1937bde8cd6f/1/pl0QLmgQeGoAtmh4GaqTpfDBzik.roa
File: pl0QLmgQeGoAtmh4GaqTpfDBzik.roa (raw, json)
Hash identifier: 5Tf+iuX5xjU1wZpD0oX5if0vs3Tj2n5I1DsZdufwvOc=
Subject key identifier: A6:5D:10:2E:68:10:78:6A:00:B6:68:78:19:AA:93:A5:F0:C1:CE:29
Certificate issuer: /CN=9a918b80cbb32737a46b244869a6ad5509543fa1
Certificate serial: 018615F656D11A04B14B412FE53A4432F231
Authority key identifier: 9A:91:8B:80:CB:B3:27:37:A4:6B:24:48:69:A6:AD:55:09:54:3F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpGLgMuzJzekayRIaaatVQlUP6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5c0b4a-2da4-43a5-9289-1937bde8cd6f/1/pl0QLmgQeGoAtmh4GaqTpfDBzik.roa
Signing time: Fri 03 Feb 2023 06:28:30 +0000
ROA not before: Fri 03 Feb 2023 06:28:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51347
IP address blocks: 91.247.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:15:f6:56:d1:1a:04:b1:4b:41:2f:e5:3a:44:32:f2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a918b80cbb32737a46b244869a6ad5509543fa1
Validity
Not Before: Feb 3 06:28:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a65d102e6810786a00b6687819aa93a5f0c1ce29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:21:fa:90:e8:d7:aa:57:8e:1b:d1:2f:9c:38:
44:3d:b7:bd:d5:95:2d:45:af:16:34:9f:e0:5a:38:
b0:5b:d5:86:49:3f:db:4e:d0:26:f7:e8:66:34:f4:
aa:af:9d:f3:3b:25:f0:74:4f:1a:ea:47:79:2b:bd:
c8:87:54:8c:10:8c:35:9b:35:28:88:28:8b:97:fe:
aa:52:aa:98:44:2a:e9:a6:68:a9:1a:78:c6:af:7b:
f9:47:69:0e:57:ba:c6:10:49:5a:43:e6:12:4e:77:
1c:da:71:1a:a3:04:6c:6e:34:56:fa:66:84:e7:e9:
2f:d6:99:cb:6e:28:9a:8b:f5:58:f1:fa:f1:11:38:
c8:80:9f:8b:69:2c:d7:f8:fc:8c:90:9e:8f:ab:77:
64:df:3b:d2:40:ea:5a:96:f3:de:ff:6c:b0:39:dd:
85:ec:cb:87:2d:57:b7:47:94:ec:11:72:39:79:bf:
74:40:ac:fc:ff:56:00:2a:c2:1d:8d:a9:f4:30:a9:
32:89:68:b4:26:02:02:c1:47:ad:50:e4:67:d5:31:
8e:60:79:46:94:f5:23:26:b0:8d:c4:9e:b9:1b:8b:
14:d7:4d:5a:40:e6:cb:88:d2:2b:59:ad:bf:e3:e4:
ec:74:59:e6:fa:bb:6c:4b:6d:bc:75:40:a9:42:d0:
e7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5D:10:2E:68:10:78:6A:00:B6:68:78:19:AA:93:A5:F0:C1:CE:29
X509v3 Authority Key Identifier:
keyid:9A:91:8B:80:CB:B3:27:37:A4:6B:24:48:69:A6:AD:55:09:54:3F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpGLgMuzJzekayRIaaatVQlUP6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5c0b4a-2da4-43a5-9289-1937bde8cd6f/1/pl0QLmgQeGoAtmh4GaqTpfDBzik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5c0b4a-2da4-43a5-9289-1937bde8cd6f/1/mpGLgMuzJzekayRIaaatVQlUP6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.72.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:85:76:36:5d:05:29:fc:b0:a9:ba:57:e3:54:91:0a:4f:86:
3c:ae:ca:4d:86:44:e5:c4:13:dd:f5:42:f2:28:5c:16:b6:78:
a6:40:3b:82:e8:51:56:de:92:2e:40:b3:c6:bb:3a:02:b8:59:
f8:7b:5a:0d:c9:9c:f0:ae:6c:73:e3:4b:ec:97:f9:23:aa:47:
95:94:86:ee:6a:8e:bd:93:bd:4f:2b:69:27:f1:fd:69:6b:bc:
ca:80:00:89:3a:e7:90:db:8f:5f:09:13:19:b9:82:67:bf:d8:
d2:38:ce:d2:45:75:64:c2:5a:85:2a:51:7d:37:6e:f0:2a:0e:
c5:e6:8f:8c:e2:73:b1:d3:d9:cc:bc:b9:12:32:04:75:95:d6:
bf:ba:6b:b3:64:c5:1f:f2:df:29:89:d3:d9:6d:e7:cd:3a:a3:
5f:85:74:7f:4a:df:a0:23:c6:0b:a1:19:d6:96:97:b7:e8:96:
9f:cd:fa:80:49:60:42:3b:ab:ac:76:77:70:5d:78:8f:ec:2e:
8b:ce:64:8d:fe:78:d6:30:c1:6e:65:6f:16:73:ab:06:ad:b1:
ac:b8:cc:ae:f7:8f:50:b4:2f:d3:4c:fc:56:23:e2:27:08:d8:
03:31:54:bd:46:50:7b:9c:66:27:28:8f:6a:01:1d:6a:18:17:
e2:75:53:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYV9lbRGgSxS0Ev5TpEMvIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTE4YjgwY2JiMzI3MzdhNDZiMjQ0ODY5YTZhZDU1MDk1
NDNmYTEwHhcNMjMwMjAzMDYyODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjVkMTAyZTY4MTA3ODZhMDBiNjY4NzgxOWFhOTNhNWYwYzFjZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCH6kOjXqleOG9EvnDhEPbe91ZUt
Ra8WNJ/gWjiwW9WGST/bTtAm9+hmNPSqr53zOyXwdE8a6kd5K73Ih1SMEIw1mzUo
iCiLl/6qUqqYRCrppmipGnjGr3v5R2kOV7rGEElaQ+YSTncc2nEaowRsbjRW+maE
5+kv1pnLbiiai/VY8frxETjIgJ+LaSzX+PyMkJ6Pq3dk3zvSQOpalvPe/2ywOd2F
7MuHLVe3R5TsEXI5eb90QKz8/1YAKsIdjan0MKkyiWi0JgICwUetUORn1TGOYHlG
lPUjJrCNxJ65G4sU101aQObLiNIrWa2/4+TsdFnm+rtsS228dUCpQtDnowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZdEC5oEHhqALZoeBmqk6Xwwc4pMB8GA1UdIwQY
MBaAFJqRi4DLsyc3pGskSGmmrVUJVD+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBHTGdNdXpKemVrYXlSSWFhYXRWUWxVUDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YzBiNGEtMmRhNC00M2E1LTkyODkt
MTkzN2JkZThjZDZmLzEvcGwwUUxtZ1FlR29BdG1oNEdhcVRwZkRCemlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YzBiNGEtMmRhNC00M2E1LTkyODktMTkzN2JkZThjZDZm
LzEvbXBHTGdNdXpKemVrYXlSSWFhYXRWUWxVUDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/dIMA0G
CSqGSIb3DQEBCwUAA4IBAQBchXY2XQUp/LCpulfjVJEKT4Y8rspNhkTlxBPd9ULy
KFwWtnimQDuC6FFW3pIuQLPGuzoCuFn4e1oNyZzwrmxz40vsl/kjqkeVlIbuao69
k71PK2kn8f1pa7zKgACJOueQ249fCRMZuYJnv9jSOM7SRXVkwlqFKlF9N27wKg7F
5o+M4nOx09nMvLkSMgR1lda/umuzZMUf8t8pidPZbefNOqNfhXR/St+gI8YLoRnW
lpe36JafzfqASWBCO6usdndwXXiP7C6LzmSN/njWMMFuZW8Wc6sGrbGsuMyu949Q
tC/TTPxWI+InCNgDMVS9RlB7nGYnKI9qAR1qGBfidVPR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:00 2025 by rpki-client