Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/aJYJcW_WkCPTuw7L1Js7FNlpKJc.roa
File: aJYJcW_WkCPTuw7L1Js7FNlpKJc.roa (raw, json)
Hash identifier: kADRz9R3+zvA3MKzfSxEtHM0vd89ltCgeoDIctsLPo8=
Subject key identifier: 68:96:09:71:6F:D6:90:23:D3:BB:0E:CB:D4:9B:3B:14:D9:69:28:97
Certificate issuer: /CN=dd188ec2e49ac94585245b4b8745a1bb7a1cdc66
Certificate serial: 0188342A42C19F025D870E7152C5BBD0275F
Authority key identifier: DD:18:8E:C2:E4:9A:C9:45:85:24:5B:4B:87:45:A1:BB:7A:1C:DC:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RiOwuSayUWFJFtLh0Whu3oc3GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/aJYJcW_WkCPTuw7L1Js7FNlpKJc.roa
Signing time: Fri 19 May 2023 13:19:24 +0000
ROA not before: Fri 19 May 2023 13:19:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205342
IP address blocks: 91.240.245.0/24 maxlen: 24
2a12:db40::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:2a:42:c1:9f:02:5d:87:0e:71:52:c5:bb:d0:27:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd188ec2e49ac94585245b4b8745a1bb7a1cdc66
Validity
Not Before: May 19 13:19:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=689609716fd69023d3bb0ecbd49b3b14d9692897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:c3:fa:e5:5b:9f:42:d4:38:31:9e:04:f5:
98:3c:f7:32:37:52:05:76:c4:14:cd:8c:5b:22:74:
bb:28:ab:00:f2:11:9b:67:4f:c2:54:31:ec:f6:3c:
f8:d9:2c:6e:cb:d1:75:58:ae:08:6d:77:95:f7:4d:
e9:41:c5:ff:8f:0d:3a:1c:48:37:f7:ec:77:a0:3b:
b9:53:73:83:95:47:a9:3b:b1:5d:18:03:55:03:7a:
cb:9a:05:e2:c5:b7:3d:f7:8e:f1:6f:25:fe:f2:99:
d8:5c:08:3c:f5:ac:39:69:c5:5c:fe:c9:2b:f8:e0:
3b:e0:15:09:9c:d4:62:10:5f:86:5a:55:ed:77:fb:
70:9f:ed:cb:14:ec:bd:94:05:cd:69:6d:f2:f6:6c:
70:76:ad:86:a7:26:3b:6b:5a:b0:2e:3e:de:55:55:
14:25:7e:ab:b1:5e:0c:a4:39:1e:f6:a0:68:2d:d6:
92:93:ba:32:09:ba:13:05:41:28:c5:a8:11:8c:14:
7f:e1:a1:78:05:a0:64:a4:43:02:52:0e:6e:9f:84:
12:22:5e:39:be:e9:13:bb:b2:5f:70:70:a0:86:18:
fc:36:cc:ac:36:55:5e:14:26:00:ed:6b:5f:09:ff:
c0:03:67:5e:d9:b7:0e:65:d1:06:ce:01:6c:c7:f4:
44:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:96:09:71:6F:D6:90:23:D3:BB:0E:CB:D4:9B:3B:14:D9:69:28:97
X509v3 Authority Key Identifier:
keyid:DD:18:8E:C2:E4:9A:C9:45:85:24:5B:4B:87:45:A1:BB:7A:1C:DC:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RiOwuSayUWFJFtLh0Whu3oc3GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/aJYJcW_WkCPTuw7L1Js7FNlpKJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.245.0/24
IPv6:
2a12:db40::/29
Signature Algorithm: sha256WithRSAEncryption
51:1b:b5:b3:ad:fb:c5:b0:b8:d4:75:ef:d9:40:bf:e2:df:51:
3b:69:c4:38:f7:93:96:35:ef:80:6e:97:7d:f4:d6:8b:9b:f4:
3e:1f:2c:6f:87:02:55:fb:94:ed:66:db:03:69:ab:6f:10:13:
d1:1e:c9:86:d6:f3:33:fd:1b:3c:6d:05:1f:3d:bc:21:d9:5e:
52:f6:d7:11:37:d3:df:47:d1:6e:4f:64:80:41:24:0e:5f:36:
fe:17:06:87:ee:c4:86:bf:39:10:cc:4a:d8:4e:94:0d:cf:a8:
d8:a9:9b:7c:0a:c2:cc:87:46:c7:05:87:1c:50:56:8f:a0:aa:
91:06:2a:ee:5d:be:2a:af:75:6d:01:cb:91:ad:d3:67:e4:eb:
5d:0e:75:ff:6a:43:b4:c7:d8:da:e8:66:ec:72:1e:47:1f:fe:
7d:cb:92:3a:7e:70:54:22:0d:68:c9:cd:ba:41:47:8a:4c:21:
e4:23:d5:0e:e0:2c:b8:64:bd:e5:d8:cf:96:de:d0:c6:43:8a:
67:db:5b:df:18:3e:d2:51:f4:cc:e4:68:8e:43:a4:6e:6f:44:
2c:c6:37:47:9e:d7:ec:7b:75:31:2f:4d:85:04:b5:8b:2f:33:
ee:6c:d4:8b:f6:5a:9b:51:bf:f3:96:45:b8:ab:17:86:72:53:
ef:10:52:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYg0KkLBnwJdhw5xUsW70CdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTg4ZWMyZTQ5YWM5NDU4NTI0NWI0Yjg3NDVhMWJiN2Ex
Y2RjNjYwHhcNMjMwNTE5MTMxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk2MDk3MTZmZDY5MDIzZDNiYjBlY2JkNDliM2IxNGQ5NjkyODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHjD+uVbn0LUODGeBPWYPPcyN1IF
dsQUzYxbInS7KKsA8hGbZ0/CVDHs9jz42Sxuy9F1WK4IbXeV903pQcX/jw06HEg3
9+x3oDu5U3ODlUepO7FdGANVA3rLmgXixbc9947xbyX+8pnYXAg89aw5acVc/skr
+OA74BUJnNRiEF+GWlXtd/twn+3LFOy9lAXNaW3y9mxwdq2GpyY7a1qwLj7eVVUU
JX6rsV4MpDke9qBoLdaSk7oyCboTBUEoxagRjBR/4aF4BaBkpEMCUg5un4QSIl45
vukTu7JfcHCghhj8NsysNlVeFCYA7WtfCf/AA2de2bcOZdEGzgFsx/REOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGiWCXFv1pAj07sOy9SbOxTZaSiXMB8GA1UdIwQY
MBaAFN0YjsLkmslFhSRbS4dFobt6HNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JpT3d1U2F5VVdGSkZ0TGgwV2h1M29jM0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hNDFlZGItOWRmNS00MGY5LTllY2Ut
YjU5MTk4YjkxNTVkLzEvYUpZSmNXX1drQ1BUdXc3TDFKczdGTmxwS0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hNDFlZGItOWRmNS00MGY5LTllY2UtYjU5MTk4YjkxNTVk
LzEvM1JpT3d1U2F5VVdGSkZ0TGgwV2h1M29jM0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW/D1MA0E
AgACMAcDBQMqEttAMA0GCSqGSIb3DQEBCwUAA4IBAQBRG7WzrfvFsLjUde/ZQL/i
31E7acQ495OWNe+Abpd99NaLm/Q+HyxvhwJV+5TtZtsDaatvEBPRHsmG1vMz/Rs8
bQUfPbwh2V5S9tcRN9PfR9FuT2SAQSQOXzb+FwaH7sSGvzkQzErYTpQNz6jYqZt8
CsLMh0bHBYccUFaPoKqRBiruXb4qr3VtAcuRrdNn5OtdDnX/akO0x9ja6Gbsch5H
H/59y5I6fnBUIg1oyc26QUeKTCHkI9UO4Cy4ZL3l2M+W3tDGQ4pn21vfGD7SUfTM
5GiOQ6Rub0QsxjdHntfse3UxL02FBLWLLzPubNSL9lqbUb/zlkW4qxeGclPvEFLr
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:34:14 2025 by rpki-client