Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/28c5b6-23f0-45fb-9b21-294d9cf79e2e/1/d3QPc8V_jJjcNPRj5FtDeCsnwTk.roa
File: d3QPc8V_jJjcNPRj5FtDeCsnwTk.roa (raw, json)
Hash identifier: hmjPVCJNtGdLraOWJL5M2GyEF8qz0TkjLqnqjq1b34k=
Subject key identifier: 77:74:0F:73:C5:7F:8C:98:DC:34:F4:63:E4:5B:43:78:2B:27:C1:39
Certificate issuer: /CN=4728eba001359cdd418346f651c0a187c89fbabf
Certificate serial: 01856CAF41221E76F75D16B3D38752EFBA68
Authority key identifier: 47:28:EB:A0:01:35:9C:DD:41:83:46:F6:51:C0:A1:87:C8:9F:BA:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyjroAE1nN1Bg0b2UcChh8ifur8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/28c5b6-23f0-45fb-9b21-294d9cf79e2e/1/d3QPc8V_jJjcNPRj5FtDeCsnwTk.roa
Signing time: Sun 01 Jan 2023 09:35:02 +0000
ROA not before: Sun 01 Jan 2023 09:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198286
IP address blocks: 91.233.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:41:22:1e:76:f7:5d:16:b3:d3:87:52:ef:ba:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4728eba001359cdd418346f651c0a187c89fbabf
Validity
Not Before: Jan 1 09:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77740f73c57f8c98dc34f463e45b43782b27c139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dc:71:1f:2c:1f:02:b1:30:00:2d:e5:15:98:
1e:b9:be:8d:05:c6:85:d1:94:f6:3e:5e:0d:b6:1d:
e6:da:81:76:6f:25:89:18:08:87:d9:01:24:cc:6f:
36:8e:c2:de:82:5f:e8:b9:3d:8d:12:71:95:c3:b4:
8f:bc:28:9e:4b:df:27:14:72:2f:69:22:07:3f:e5:
99:44:c2:db:e9:39:c2:33:a3:8c:0b:a8:58:f5:a0:
91:0a:ef:c2:08:92:03:39:c5:46:92:a9:23:f5:26:
0f:26:01:b4:af:73:b4:03:ac:79:db:0a:db:64:73:
9e:8d:88:59:7b:bd:f6:66:8c:28:d9:41:57:b9:ac:
14:99:b8:b7:b7:6f:56:db:04:6e:0f:9b:71:33:9c:
36:c2:95:ef:11:a8:97:69:04:fc:f0:02:88:f8:35:
3d:de:eb:a5:42:b3:94:35:11:85:67:6c:8d:a2:32:
98:bf:d3:7e:ac:f4:33:c4:2e:bf:46:f4:ef:78:e3:
9f:25:8d:a6:0e:4b:fb:b6:d6:b2:0d:48:72:49:8f:
e2:a8:3a:8e:90:3e:8c:3b:22:d3:a1:84:17:21:a0:
86:53:ed:84:7f:90:35:d1:90:12:d3:94:a9:a0:63:
17:a4:e3:04:01:5a:e5:9f:f7:1c:cb:e9:b7:9e:9e:
ac:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:74:0F:73:C5:7F:8C:98:DC:34:F4:63:E4:5B:43:78:2B:27:C1:39
X509v3 Authority Key Identifier:
keyid:47:28:EB:A0:01:35:9C:DD:41:83:46:F6:51:C0:A1:87:C8:9F:BA:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyjroAE1nN1Bg0b2UcChh8ifur8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/28c5b6-23f0-45fb-9b21-294d9cf79e2e/1/d3QPc8V_jJjcNPRj5FtDeCsnwTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/28c5b6-23f0-45fb-9b21-294d9cf79e2e/1/RyjroAE1nN1Bg0b2UcChh8ifur8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.51.0/24
Signature Algorithm: sha256WithRSAEncryption
69:16:e8:2d:64:83:36:13:d9:23:ff:4a:5a:0e:b1:90:51:04:
8c:d9:af:aa:55:57:8a:04:fc:2e:39:6a:5c:3d:07:44:10:70:
68:c3:94:13:23:bf:d7:91:3c:f6:67:47:db:dc:1d:af:95:98:
e1:5e:de:4f:bc:34:d4:8e:12:8c:8a:13:05:6e:5a:89:cf:3d:
b6:5f:68:b2:a2:92:42:f2:92:00:54:de:9f:6f:f3:fe:88:7f:
e4:20:54:03:d4:f1:c3:06:99:62:40:e7:f5:25:81:f2:43:ed:
73:0f:d8:f5:b6:c6:4f:d7:c5:9e:c2:3c:41:e2:7f:90:df:2b:
22:97:f8:8e:dd:34:0c:ed:02:0d:9a:55:a8:81:d0:e3:67:37:
8c:8d:8a:cd:8a:f2:77:c3:37:4b:12:48:cd:ba:69:7d:56:3a:
0b:f3:12:71:46:b3:b3:79:ef:1c:da:6d:93:29:3e:54:cc:3c:
4f:ee:f8:83:f8:ec:81:43:8d:af:ad:34:15:98:62:37:d5:66:
be:18:51:b7:d8:80:9c:df:64:01:6e:62:12:f4:2e:86:57:1d:
71:05:7b:40:e5:fe:48:41:2e:ed:fd:af:12:4d:a5:03:ce:1d:
63:ae:a6:12:b3:58:33:25:08:fe:94:5c:49:af:30:43:b5:77:
c3:00:33:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsr0EiHnb3XRaz04dS77poMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjhlYmEwMDEzNTljZGQ0MTgzNDZmNjUxYzBhMTg3Yzg5
ZmJhYmYwHhcNMjMwMTAxMDkzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzc0MGY3M2M1N2Y4Yzk4ZGMzNGY0NjNlNDViNDM3ODJiMjdjMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptxxHywfArEwAC3lFZgeub6NBcaF
0ZT2Pl4Nth3m2oF2byWJGAiH2QEkzG82jsLegl/ouT2NEnGVw7SPvCieS98nFHIv
aSIHP+WZRMLb6TnCM6OMC6hY9aCRCu/CCJIDOcVGkqkj9SYPJgG0r3O0A6x52wrb
ZHOejYhZe732Zowo2UFXuawUmbi3t29W2wRuD5txM5w2wpXvEaiXaQT88AKI+DU9
3uulQrOUNRGFZ2yNojKYv9N+rPQzxC6/RvTveOOfJY2mDkv7ttayDUhySY/iqDqO
kD6MOyLToYQXIaCGU+2Ef5A10ZAS05SpoGMXpOMEAVrln/ccy+m3np6sIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHd0D3PFf4yY3DT0Y+RbQ3grJ8E5MB8GA1UdIwQY
MBaAFEco66ABNZzdQYNG9lHAoYfIn7q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlqcm9BRTFuTjFCZzBiMlVjQ2hoOGlmdXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yOGM1YjYtMjNmMC00NWZiLTliMjEt
Mjk0ZDljZjc5ZTJlLzEvZDNRUGM4Vl9qSmpjTlBSajVGdERlQ3Nud1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8yOGM1YjYtMjNmMC00NWZiLTliMjEtMjk0ZDljZjc5ZTJl
LzEvUnlqcm9BRTFuTjFCZzBiMlVjQ2hoOGlmdXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kzMA0G
CSqGSIb3DQEBCwUAA4IBAQBpFugtZIM2E9kj/0paDrGQUQSM2a+qVVeKBPwuOWpc
PQdEEHBow5QTI7/XkTz2Z0fb3B2vlZjhXt5PvDTUjhKMihMFblqJzz22X2iyopJC
8pIAVN6fb/P+iH/kIFQD1PHDBpliQOf1JYHyQ+1zD9j1tsZP18WewjxB4n+Q3ysi
l/iO3TQM7QINmlWogdDjZzeMjYrNivJ3wzdLEkjNuml9VjoL8xJxRrOzee8c2m2T
KT5UzDxP7viD+OyBQ42vrTQVmGI31Wa+GFG32ICc32QBbmIS9C6GVx1xBXtA5f5I
QS7t/a8STaUDzh1jrqYSs1gzJQj+lFxJrzBDtXfDADNz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:56 2025 by rpki-client