Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/v0FSf_uyoxULFCJXeAcnoZlRJ2o.roa
File: v0FSf_uyoxULFCJXeAcnoZlRJ2o.roa (raw, json)
Hash identifier: mAmGcNtdIVvYr9HygmhE8RRzeSi7i+uPD7U/vbJ8iMQ=
Subject key identifier: BF:41:52:7F:FB:B2:A3:15:0B:14:22:57:78:07:27:A1:99:51:27:6A
Certificate issuer: /CN=169ea0275c765e17603eb59eef39e2fab5380ef0
Certificate serial: 01856E54189909E647AC6EF0B4ACE7CB80EE
Authority key identifier: 16:9E:A0:27:5C:76:5E:17:60:3E:B5:9E:EF:39:E2:FA:B5:38:0E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/v0FSf_uyoxULFCJXeAcnoZlRJ2o.roa
Signing time: Sun 01 Jan 2023 17:14:43 +0000
ROA not before: Sun 01 Jan 2023 17:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44309
IP address blocks: 91.201.172.0/22 maxlen: 24
91.237.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:18:99:09:e6:47:ac:6e:f0:b4:ac:e7:cb:80:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169ea0275c765e17603eb59eef39e2fab5380ef0
Validity
Not Before: Jan 1 17:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf41527ffbb2a3150b142257780727a19951276a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1f:26:bc:b6:48:fd:07:fd:47:ea:57:5f:15:
58:8c:42:34:ca:85:86:f2:7d:0c:c2:2c:4b:54:7a:
bb:42:d4:69:16:36:0b:b7:c4:ce:91:5e:cd:82:9e:
4c:e1:3f:ae:0c:54:c7:3e:05:fd:ba:5d:3f:49:e2:
b5:18:eb:25:3a:fb:25:6a:af:ad:e5:3f:4a:49:ce:
02:30:fa:7d:d2:c9:1a:6b:75:c8:5b:ee:90:2b:26:
3d:16:3c:09:36:f5:8f:67:96:b0:8a:79:fd:4c:f4:
e5:0b:c9:56:8b:0f:f3:e1:22:cb:c8:4f:7d:8d:0a:
82:82:63:17:46:37:83:de:84:39:ca:fe:98:64:ce:
b1:92:8f:73:90:10:34:f4:a2:7d:2a:87:06:d4:fe:
da:e8:7b:d5:70:c3:4b:4b:23:3d:f3:e3:0c:c9:ae:
3b:69:70:c1:6c:cf:a2:e4:b4:18:a0:1b:1a:be:ef:
11:03:58:13:47:b7:20:9f:04:9d:98:a3:0c:c6:ae:
1e:84:a8:5c:39:88:94:d6:bd:4c:83:27:55:bd:80:
19:8b:08:bf:9c:b3:95:d6:55:ef:df:f2:55:b3:3b:
0c:2c:a8:eb:1a:c2:71:a8:c1:c6:e8:95:e7:60:9b:
1c:e7:a3:6b:c7:28:bf:46:1c:4b:17:dc:07:f4:40:
3f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:41:52:7F:FB:B2:A3:15:0B:14:22:57:78:07:27:A1:99:51:27:6A
X509v3 Authority Key Identifier:
keyid:16:9E:A0:27:5C:76:5E:17:60:3E:B5:9E:EF:39:E2:FA:B5:38:0E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/v0FSf_uyoxULFCJXeAcnoZlRJ2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a54fd-bbea-415a-b969-d69ef422c167/1/Fp6gJ1x2XhdgPrWe7zni-rU4DvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.172.0/22
91.237.56.0/22
Signature Algorithm: sha256WithRSAEncryption
94:65:ab:d9:ef:ff:f0:81:84:ad:da:75:5c:a7:d3:69:c7:05:
88:03:25:ce:48:f0:9a:47:41:99:df:a6:35:f4:df:d0:35:ed:
db:3c:5f:e8:9c:7b:18:7e:37:cb:d6:8b:c9:03:67:7d:19:75:
b0:ee:3f:5e:9d:b3:2a:87:7b:4b:e9:e6:3f:ed:65:39:70:7b:
ca:7e:5f:aa:de:72:55:5a:14:a5:f7:60:48:69:2d:ab:1a:fc:
4e:02:06:84:3d:12:d5:7f:4e:5b:6c:ab:9b:bb:a3:a2:60:9a:
e6:87:1a:bd:e9:12:6e:04:1b:d2:92:64:78:9c:98:6d:2b:34:
9f:c8:d6:1f:48:1d:75:a3:fc:80:e9:c0:16:df:b9:14:86:0a:
c6:d5:6b:19:8b:9d:c3:57:6b:85:94:6e:70:df:68:27:24:f1:
70:b5:bd:6e:2c:4a:bd:14:bc:af:62:45:54:c0:ee:28:7a:a8:
7f:45:4d:41:05:44:d1:e2:c2:d7:7c:af:bc:4e:c2:9f:79:63:
db:01:76:ef:73:89:1f:8e:5e:2b:99:5e:f3:09:22:c7:60:86:
3c:ba:35:f8:a2:e9:19:a8:f5:68:56:29:8e:ac:5d:bb:35:eb:
02:ce:bd:e0:68:0f:c0:ca:c4:16:9f:a7:1f:92:b0:65:58:53:
de:10:6e:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuVBiZCeZHrG7wtKzny4DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWVhMDI3NWM3NjVlMTc2MDNlYjU5ZWVmMzllMmZhYjUz
ODBlZjAwHhcNMjMwMTAxMTcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQxNTI3ZmZiYjJhMzE1MGIxNDIyNTc3ODA3MjdhMTk5NTEyNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR8mvLZI/Qf9R+pXXxVYjEI0yoWG
8n0MwixLVHq7QtRpFjYLt8TOkV7Ngp5M4T+uDFTHPgX9ul0/SeK1GOslOvslaq+t
5T9KSc4CMPp90skaa3XIW+6QKyY9FjwJNvWPZ5awinn9TPTlC8lWiw/z4SLLyE99
jQqCgmMXRjeD3oQ5yv6YZM6xko9zkBA09KJ9KocG1P7a6HvVcMNLSyM98+MMya47
aXDBbM+i5LQYoBsavu8RA1gTR7cgnwSdmKMMxq4ehKhcOYiU1r1MgydVvYAZiwi/
nLOV1lXv3/JVszsMLKjrGsJxqMHG6JXnYJsc56Nrxyi/RhxLF9wH9EA/5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL9BUn/7sqMVCxQiV3gHJ6GZUSdqMB8GA1UdIwQY
MBaAFBaeoCdcdl4XYD61nu854vq1OA7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA2Z0oxeDJYaGRnUHJXZTd6bmktclU0RHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YTU0ZmQtYmJlYS00MTVhLWI5Njkt
ZDY5ZWY0MjJjMTY3LzEvdjBGU2ZfdXlveFVMRkNKWGVBY25vWmxSSjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YTU0ZmQtYmJlYS00MTVhLWI5NjktZDY5ZWY0MjJjMTY3
LzEvRnA2Z0oxeDJYaGRnUHJXZTd6bmktclU0RHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8msAwQC
W+04MA0GCSqGSIb3DQEBCwUAA4IBAQCUZavZ7//wgYSt2nVcp9NpxwWIAyXOSPCa
R0GZ36Y19N/QNe3bPF/onHsYfjfL1ovJA2d9GXWw7j9enbMqh3tL6eY/7WU5cHvK
fl+q3nJVWhSl92BIaS2rGvxOAgaEPRLVf05bbKubu6OiYJrmhxq96RJuBBvSkmR4
nJhtKzSfyNYfSB11o/yA6cAW37kUhgrG1WsZi53DV2uFlG5w32gnJPFwtb1uLEq9
FLyvYkVUwO4oeqh/RU1BBUTR4sLXfK+8TsKfeWPbAXbvc4kfjl4rmV7zCSLHYIY8
ujX4oukZqPVoVimOrF27NesCzr3gaA/AysQWn6cfkrBlWFPeEG5M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:21 2025 by rpki-client