Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/izt9pb-ya7sF3snrCjjOCt0w4ds.roa
File: izt9pb-ya7sF3snrCjjOCt0w4ds.roa (raw, json)
Hash identifier: NQ+H63/oeeMG/4g7X3eiG0DAGcF+BHzwDPyKnwAzFJQ=
Subject key identifier: 8B:3B:7D:A5:BF:B2:6B:BB:05:DE:C9:EB:0A:38:CE:0A:DD:30:E1:DB
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018BAB3172C721E529163303DD629AB17848
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/izt9pb-ya7sF3snrCjjOCt0w4ds.roa
Signing time: Tue 07 Nov 2023 19:10:26 +0000
ROA not before: Tue 07 Nov 2023 19:10:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44901
IP address blocks: 91.132.63.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ab:31:72:c7:21:e5:29:16:33:03:dd:62:9a:b1:78:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Nov 7 19:10:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3b7da5bfb26bbb05dec9eb0a38ce0add30e1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cf:ba:73:f4:81:8e:d2:c0:b8:b3:6f:ad:9a:
a0:bf:5b:59:12:3a:2d:9d:5a:d7:43:24:02:5d:ff:
4e:45:ec:65:a6:a6:05:6b:56:52:1a:c3:9f:ce:aa:
9f:3c:cd:04:a9:da:20:df:03:f1:2d:aa:12:53:eb:
19:1d:b9:6a:0a:a1:e2:a8:9e:86:d8:d4:36:c5:df:
51:37:7a:32:d5:3d:99:b2:34:67:2e:af:69:4d:26:
7d:1a:39:b0:25:3c:68:a1:ae:dd:a2:68:3c:0c:b5:
4a:54:4e:e9:40:04:b8:38:48:e3:37:7b:7e:76:69:
41:76:e2:42:92:58:37:be:14:42:da:e5:06:f6:01:
d9:46:59:99:d2:7e:0e:a9:c1:ce:3c:f9:07:e6:a4:
e1:74:4f:f0:5d:92:29:29:d5:a2:af:20:2c:eb:25:
4a:0e:0e:49:20:8d:be:74:7e:30:ee:73:6f:51:60:
08:f7:af:a3:6f:27:80:c3:be:37:15:64:cc:aa:74:
ce:37:d7:10:00:be:6c:77:c0:be:31:04:fd:96:42:
32:2d:9b:c9:d1:fd:74:87:22:4c:0e:33:70:a5:95:
43:0a:1d:56:3a:7b:07:1d:55:1e:32:75:db:22:17:
34:f5:12:1b:8e:d6:fd:f6:1c:8f:5c:7e:14:e9:23:
e3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3B:7D:A5:BF:B2:6B:BB:05:DE:C9:EB:0A:38:CE:0A:DD:30:E1:DB
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/izt9pb-ya7sF3snrCjjOCt0w4ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.60.0/24
91.132.62.0/23
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
79:22:80:78:53:20:d6:01:f4:c2:1e:9d:e9:77:76:87:f9:f3:
dd:1a:ce:06:39:21:c2:c2:09:1c:ef:32:08:66:a6:a1:84:68:
22:e4:e1:8b:83:be:ff:d1:b9:5f:c4:ef:7d:66:8b:e3:28:4b:
b7:71:cf:c8:1b:47:2e:8f:0c:a7:ad:f3:8e:91:81:0d:c8:0b:
51:84:aa:d9:99:88:40:63:e1:17:2b:4f:a7:fd:8f:69:92:46:
e1:f1:70:da:c2:94:b6:8d:c4:69:db:1f:bd:83:24:4e:ab:9d:
d9:65:ad:ca:15:e9:fc:ac:fb:92:f7:6f:88:1f:b6:e1:bf:02:
3c:e0:35:8e:9e:bc:dd:66:36:f2:e9:24:83:4d:21:0b:68:5b:
38:88:23:7f:cc:1c:55:be:5e:90:03:ad:5f:ca:b4:95:a5:dd:
db:c6:27:18:4f:2d:b6:dc:94:8d:78:fb:49:a8:a9:e5:99:92:
f8:89:ff:6f:32:77:57:a2:0b:f8:ff:84:63:d1:4b:2d:31:c0:
8c:ad:a9:c6:32:92:8b:61:26:27:94:07:16:f5:47:aa:f3:21:
fe:10:9a:c2:2a:ac:90:36:86:99:3f:2f:de:cf:a2:26:e9:4a:
85:52:35:9b:00:7c:45:69:70:6c:92:65:70:5e:59:74:41:32:
52:82:53:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYurMXLHIeUpFjMD3WKasXhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjMxMTA3MTkxMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNiN2RhNWJmYjI2YmJiMDVkZWM5ZWIwYTM4Y2UwYWRkMzBlMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgs+6c/SBjtLAuLNvrZqgv1tZEjot
nVrXQyQCXf9ORexlpqYFa1ZSGsOfzqqfPM0Eqdog3wPxLaoSU+sZHblqCqHiqJ6G
2NQ2xd9RN3oy1T2ZsjRnLq9pTSZ9GjmwJTxooa7domg8DLVKVE7pQAS4OEjjN3t+
dmlBduJCklg3vhRC2uUG9gHZRlmZ0n4OqcHOPPkH5qThdE/wXZIpKdWiryAs6yVK
Dg5JII2+dH4w7nNvUWAI96+jbyeAw743FWTMqnTON9cQAL5sd8C+MQT9lkIyLZvJ
0f10hyJMDjNwpZVDCh1WOnsHHVUeMnXbIhc09RIbjtb99hyPXH4U6SPjiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIs7faW/smu7Bd7J6wo4zgrdMOHbMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvaXp0OXBiLXlhN3NGM3NuckNqak9DdDB3NGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW4Q8AwQB
W4Q+AwQAufPVMA0EAgACMAcDBQAqCb6AMA0GCSqGSIb3DQEBCwUAA4IBAQB5IoB4
UyDWAfTCHp3pd3aH+fPdGs4GOSHCwgkc7zIIZqahhGgi5OGLg77/0blfxO99Zovj
KEu3cc/IG0cujwynrfOOkYENyAtRhKrZmYhAY+EXK0+n/Y9pkkbh8XDawpS2jcRp
2x+9gyROq53ZZa3KFen8rPuS92+IH7bhvwI84DWOnrzdZjby6SSDTSELaFs4iCN/
zBxVvl6QA61fyrSVpd3bxicYTy223JSNePtJqKnlmZL4if9vMndXogv4/4Rj0Ust
McCMranGMpKLYSYnlAcW9Ueq8yH+EJrCKqyQNoaZPy/ez6Im6UqFUjWbAHxFaXBs
kmVwXll0QTJSglNH
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:58:49 2025 by rpki-client