Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4f8185-ddd8-48a5-8059-685ddb65556f/1/rSN_um6vsCw52F7hssgpSWE_78Q.roa
File: rSN_um6vsCw52F7hssgpSWE_78Q.roa (raw, json)
Hash identifier: 9SayQ6EkwT+faZUTtAADHC3VxJ5q1SfUfIiBc+Ar4qA=
Subject key identifier: AD:23:7F:BA:6E:AF:B0:2C:39:D8:5E:E1:B2:C8:29:49:61:3F:EF:C4
Certificate issuer: /CN=c1b32f21f2892be7c4bcd7ee106f019a6de88707
Certificate serial: 01870AF7868D62AD84D191DEDC6B3A48F69E
Authority key identifier: C1:B3:2F:21:F2:89:2B:E7:C4:BC:D7:EE:10:6F:01:9A:6D:E8:87:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbMvIfKJK-fEvNfuEG8Bmm3ohwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4f8185-ddd8-48a5-8059-685ddb65556f/1/rSN_um6vsCw52F7hssgpSWE_78Q.roa
Signing time: Wed 22 Mar 2023 20:16:46 +0000
ROA not before: Wed 22 Mar 2023 20:16:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56408
IP address blocks: 91.223.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:f7:86:8d:62:ad:84:d1:91:de:dc:6b:3a:48:f6:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b32f21f2892be7c4bcd7ee106f019a6de88707
Validity
Not Before: Mar 22 20:16:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad237fba6eafb02c39d85ee1b2c82949613fefc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:a8:34:6d:74:fe:41:a2:7d:56:f1:81:31:
e8:fa:0b:e2:f7:28:0c:76:fe:27:e0:ea:3d:ce:3a:
06:57:a6:0c:bf:2b:af:4a:5a:37:b1:79:13:8e:f5:
62:75:3d:e6:2c:88:d0:c2:42:25:7b:5d:a4:46:ec:
99:1a:49:b1:06:35:86:8b:7a:ca:ad:70:20:3e:bd:
41:e8:74:ac:27:cf:d9:45:56:1b:e9:dc:b7:cb:d8:
5b:5e:2b:03:23:aa:31:c0:fe:21:92:45:ad:67:e3:
ac:e9:35:f5:b8:fb:df:1b:c4:ea:d7:b3:83:d2:d2:
c7:b2:8d:7b:ac:cc:76:f0:b1:f7:b2:6a:3f:d0:08:
78:74:85:29:9d:65:9f:63:02:f6:bb:c2:d5:56:1f:
43:54:65:df:c9:02:b5:f3:32:00:8c:c3:c3:52:ff:
d0:31:60:ab:a0:85:1c:0f:db:a5:1f:a2:ab:9d:43:
a1:ee:4d:88:75:ef:2e:79:86:8e:e7:ca:e5:ad:d1:
b0:e4:c2:d0:b0:09:6b:44:44:9b:d6:d7:27:1b:6a:
a0:99:24:5c:f7:a0:73:2e:b2:74:30:b3:cb:68:ac:
c3:2e:9b:f9:b1:5f:19:af:f8:da:91:ef:80:c0:10:
a3:62:3a:f0:bc:bc:71:ef:0d:35:f0:2c:fe:6a:da:
16:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:23:7F:BA:6E:AF:B0:2C:39:D8:5E:E1:B2:C8:29:49:61:3F:EF:C4
X509v3 Authority Key Identifier:
keyid:C1:B3:2F:21:F2:89:2B:E7:C4:BC:D7:EE:10:6F:01:9A:6D:E8:87:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbMvIfKJK-fEvNfuEG8Bmm3ohwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4f8185-ddd8-48a5-8059-685ddb65556f/1/rSN_um6vsCw52F7hssgpSWE_78Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4f8185-ddd8-48a5-8059-685ddb65556f/1/wbMvIfKJK-fEvNfuEG8Bmm3ohwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.130.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:35:78:0f:c6:10:7b:9f:71:f8:76:d7:cb:f2:83:85:7e:b4:
a8:51:17:e6:6a:ba:b8:c5:bf:5a:74:58:e0:1e:4c:a2:92:50:
bf:ba:a2:a2:0a:a5:27:bf:64:f8:08:94:50:ff:b4:a4:15:15:
c6:ac:ab:b6:7f:bd:ce:9e:79:ef:7f:17:35:ae:81:f4:c5:ee:
4d:1a:af:8e:11:38:0f:99:7a:ff:e7:f6:09:98:2e:90:57:75:
aa:09:d4:4b:d7:5d:fa:b8:43:dc:f7:91:93:1f:a1:2c:9a:e1:
3f:02:1b:bf:fd:6e:c9:60:17:d6:a4:4f:f2:89:be:79:89:36:
4a:ab:86:46:70:d7:5e:8c:8a:5a:23:d4:81:aa:4b:fb:ec:7e:
5b:20:49:1a:62:4d:b8:d0:e8:4f:8d:99:f1:7a:f3:af:9e:b2:
b5:de:42:6f:3c:2e:d2:bd:08:1c:e3:8f:23:b5:e8:68:3b:70:
9e:3b:ab:92:c0:b6:3c:a0:77:46:a9:dc:66:3e:64:8d:96:8f:
27:74:32:03:11:db:3c:14:b6:74:8f:c0:26:4e:5b:26:2d:86:
82:a1:73:60:6c:a5:7f:72:fd:fa:59:63:e5:40:ad:b0:fa:f4:
5c:59:dd:9c:96:bc:9e:85:0b:1c:26:a7:ae:d3:68:66:c7:26:
be:5b:c2:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcK94aNYq2E0ZHe3Gs6SPaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjMyZjIxZjI4OTJiZTdjNGJjZDdlZTEwNmYwMTlhNmRl
ODg3MDcwHhcNMjMwMzIyMjAxNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDIzN2ZiYTZlYWZiMDJjMzlkODVlZTFiMmM4Mjk0OTYxM2ZlZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVuoNG10/kGifVbxgTHo+gvi9ygM
dv4n4Oo9zjoGV6YMvyuvSlo3sXkTjvVidT3mLIjQwkIle12kRuyZGkmxBjWGi3rK
rXAgPr1B6HSsJ8/ZRVYb6dy3y9hbXisDI6oxwP4hkkWtZ+Os6TX1uPvfG8Tq17OD
0tLHso17rMx28LH3smo/0Ah4dIUpnWWfYwL2u8LVVh9DVGXfyQK18zIAjMPDUv/Q
MWCroIUcD9ulH6KrnUOh7k2Ide8ueYaO58rlrdGw5MLQsAlrRESb1tcnG2qgmSRc
96BzLrJ0MLPLaKzDLpv5sV8Zr/jake+AwBCjYjrwvLxx7w018Cz+atoWRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0jf7pur7AsOdhe4bLIKUlhP+/EMB8GA1UdIwQY
MBaAFMGzLyHyiSvnxLzX7hBvAZpt6IcHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JNdklmS0pLLWZFdk5mdUVHOEJtbTNvaHdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZjgxODUtZGRkOC00OGE1LTgwNTkt
Njg1ZGRiNjU1NTZmLzEvclNOX3VtNnZzQ3c1MkY3aHNzZ3BTV0VfNzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZjgxODUtZGRkOC00OGE1LTgwNTktNjg1ZGRiNjU1NTZm
LzEvd2JNdklmS0pLLWZFdk5mdUVHOEJtbTNvaHdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+CMA0G
CSqGSIb3DQEBCwUAA4IBAQB/NXgPxhB7n3H4dtfL8oOFfrSoURfmarq4xb9adFjg
HkyiklC/uqKiCqUnv2T4CJRQ/7SkFRXGrKu2f73Onnnvfxc1roH0xe5NGq+OETgP
mXr/5/YJmC6QV3WqCdRL1136uEPc95GTH6EsmuE/Ahu//W7JYBfWpE/yib55iTZK
q4ZGcNdejIpaI9SBqkv77H5bIEkaYk240OhPjZnxevOvnrK13kJvPC7SvQgc448j
tehoO3CeO6uSwLY8oHdGqdxmPmSNlo8ndDIDEds8FLZ0j8AmTlsmLYaCoXNgbKV/
cv36WWPlQK2w+vRcWd2clryehQscJqeu02hmxya+W8L5
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:23 2025 by rpki-client