Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/95L97SNix2cphx6uhz5dxk1SpjM.roa
File: 95L97SNix2cphx6uhz5dxk1SpjM.roa (raw, json)
Hash identifier: vLiZHh0gS4gp8O+eoE0mgOyLO9tUItbKTdwQoDDOcAU=
Subject key identifier: F7:92:FD:ED:23:62:C7:67:29:87:1E:AE:87:3E:5D:C6:4D:52:A6:33
Certificate issuer: /CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Certificate serial: 01856D53DA7DA1BF0553467DDC8B5632094F
Authority key identifier: 01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/95L97SNix2cphx6uhz5dxk1SpjM.roa
Signing time: Sun 01 Jan 2023 12:34:50 +0000
ROA not before: Sun 01 Jan 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12301
IP address blocks: 91.220.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:da:7d:a1:bf:05:53:46:7d:dc:8b:56:32:09:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Validity
Not Before: Jan 1 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f792fded2362c76729871eae873e5dc64d52a633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2f:94:12:72:e6:f0:2b:ff:d5:40:3e:be:8a:
99:35:65:a9:e3:a7:e5:f8:c4:5c:fa:4f:6a:75:e6:
35:e2:7d:c1:27:d4:ac:49:c7:73:b5:5d:b7:52:fb:
01:55:4d:e0:7b:9f:a5:ab:26:96:0e:8f:d2:ff:a7:
e4:f5:72:ab:35:a4:d8:4d:49:64:98:f9:e2:ca:f3:
50:24:69:58:b1:74:36:9f:83:7e:6e:cf:93:91:6c:
ec:95:c9:1c:42:a9:40:6f:c0:89:bf:dd:4e:06:97:
eb:19:a8:3d:1b:7a:cb:92:5f:0c:85:29:7b:c4:48:
c8:4f:13:05:d0:52:86:66:9f:e2:0f:30:89:12:3b:
27:39:41:58:bf:7c:04:6a:26:6f:d5:b8:b4:77:01:
19:bd:72:8e:3c:4b:d6:72:85:be:b7:21:f3:02:d2:
48:2a:30:e7:be:0f:3c:2c:0f:cf:22:e5:19:13:96:
45:6a:c4:b3:66:e9:13:47:5b:ee:69:82:e1:bc:c2:
f0:45:93:02:28:1c:71:96:97:c7:28:2e:4b:31:17:
13:e4:98:2f:fe:c2:ef:3d:55:19:f4:60:b6:e7:ce:
31:c9:0e:76:c1:71:fc:69:62:01:6f:02:c5:93:6a:
f5:52:66:54:fa:14:40:bf:99:8a:30:cd:a7:a8:af:
11:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:92:FD:ED:23:62:C7:67:29:87:1E:AE:87:3E:5D:C6:4D:52:A6:33
X509v3 Authority Key Identifier:
keyid:01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/95L97SNix2cphx6uhz5dxk1SpjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.251.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3f:a4:d5:6a:71:f9:6d:4d:d1:3e:fc:41:2c:05:dd:93:19:
3d:2b:d1:36:ae:81:2d:09:87:d7:6c:fe:a7:c8:97:17:5e:64:
e7:8a:6e:8c:0c:07:0d:0d:30:cf:c8:54:20:39:75:6b:16:dc:
57:7d:8a:be:1f:84:06:f1:25:57:47:bd:ff:91:2b:9e:cf:97:
a8:84:46:09:b0:78:9e:0b:1b:be:37:7a:53:ca:a2:6a:80:7f:
90:cf:5f:b3:c4:d0:ca:f2:55:ce:1a:8b:5f:70:9e:e0:58:0e:
1c:2b:63:e7:07:8c:bf:9d:87:4f:27:0c:55:02:c1:d5:1c:16:
01:f4:63:dd:db:a0:ee:77:c4:1e:f0:e6:54:d7:7b:b9:e7:6f:
dd:ae:74:9d:e0:d4:02:f3:8e:ed:ff:72:b0:fe:98:54:98:78:
bd:c0:a8:86:e5:79:fa:5d:94:f4:b6:90:4e:85:9e:a4:9b:31:
4c:38:9d:54:4d:7a:39:65:31:5d:c9:8c:df:ad:00:2d:a4:1c:
55:93:64:5b:8f:c1:20:ba:d0:56:38:75:0e:78:58:f8:ef:8e:
c2:ec:89:7e:2f:3a:ce:66:e1:23:96:ab:c8:44:7a:be:87:e1:
98:21:4b:98:e8:28:29:de:f9:02:e1:a0:a0:28:67:81:7e:c4:
59:eb:3c:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9p9ob8FU0Z93ItWMglPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGE3ZDRjNjRhZWQ0YmM5OGM2YjViMDY0ZmYwYTliODJl
YWRhODIwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzkyZmRlZDIzNjJjNzY3Mjk4NzFlYWU4NzNlNWRjNjRkNTJhNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi+UEnLm8Cv/1UA+voqZNWWp46fl
+MRc+k9qdeY14n3BJ9SsScdztV23UvsBVU3ge5+lqyaWDo/S/6fk9XKrNaTYTUlk
mPniyvNQJGlYsXQ2n4N+bs+TkWzslckcQqlAb8CJv91OBpfrGag9G3rLkl8MhSl7
xEjITxMF0FKGZp/iDzCJEjsnOUFYv3wEaiZv1bi0dwEZvXKOPEvWcoW+tyHzAtJI
KjDnvg88LA/PIuUZE5ZFasSzZukTR1vuaYLhvMLwRZMCKBxxlpfHKC5LMRcT5Jgv
/sLvPVUZ9GC2584xyQ52wXH8aWIBbwLFk2r1UmZU+hRAv5mKMM2nqK8RNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPeS/e0jYsdnKYceroc+XcZNUqYzMB8GA1UdIwQY
MBaAFAEKfUxkrtS8mMa1sGT/CpuC6tqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUt
ZGJmNzZlZDM5MzlmLzEvOTVMOTdTTml4MmNwaHg2dWh6NWR4azFTcGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUtZGJmNzZlZDM5Mzlm
LzEvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9z7MA0G
CSqGSIb3DQEBCwUAA4IBAQBoP6TVanH5bU3RPvxBLAXdkxk9K9E2roEtCYfXbP6n
yJcXXmTnim6MDAcNDTDPyFQgOXVrFtxXfYq+H4QG8SVXR73/kSuez5eohEYJsHie
Cxu+N3pTyqJqgH+Qz1+zxNDK8lXOGotfcJ7gWA4cK2PnB4y/nYdPJwxVAsHVHBYB
9GPd26Dud8Qe8OZU13u552/drnSd4NQC847t/3Kw/phUmHi9wKiG5Xn6XZT0tpBO
hZ6kmzFMOJ1UTXo5ZTFdyYzfrQAtpBxVk2Rbj8EgutBWOHUOeFj4747C7Il+LzrO
ZuEjlqvIRHq+h+GYIUuY6Cgp3vkC4aCgKGeBfsRZ6zz3
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:58:58 2025 by rpki-client