Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2c4fbb-7745-4759-a0c8-6689f872fc87/1/9lTYmreKw2Z-Ot1TP1N4bC6_QUM.roa
File: 9lTYmreKw2Z-Ot1TP1N4bC6_QUM.roa (raw, json)
Hash identifier: FZ7vvrCoUBHcRGI99V89fDAkiNC6mtaWTB4UezyLyXM=
Subject key identifier: F6:54:D8:9A:B7:8A:C3:66:7E:3A:DD:53:3F:53:78:6C:2E:BF:41:43
Certificate issuer: /CN=3351a9ec0aa91b932ac3c3586cfcacf0ca29f580
Certificate serial: 018484E0A33F39A8BB0DAF4C40C1276B9DBC
Authority key identifier: 33:51:A9:EC:0A:A9:1B:93:2A:C3:C3:58:6C:FC:AC:F0:CA:29:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1Gp7AqpG5Mqw8NYbPys8Mop9YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2c4fbb-7745-4759-a0c8-6689f872fc87/1/9lTYmreKw2Z-Ot1TP1N4bC6_QUM.roa
Signing time: Thu 17 Nov 2022 09:17:05 +0000
ROA not before: Thu 17 Nov 2022 09:17:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59934
IP address blocks: 91.247.179.0/24 maxlen: 24
89.35.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:e0:a3:3f:39:a8:bb:0d:af:4c:40:c1:27:6b:9d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3351a9ec0aa91b932ac3c3586cfcacf0ca29f580
Validity
Not Before: Nov 17 09:17:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f654d89ab78ac3667e3add533f53786c2ebf4143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9c:fc:8d:5d:13:a3:f5:02:a5:52:0c:d8:e5:
1f:3d:31:db:e6:7c:e7:7b:3b:ed:b6:a1:56:ce:94:
c7:26:03:de:0d:e3:81:86:51:63:99:e6:00:1a:60:
41:be:f1:6a:ec:c5:ed:77:48:d1:3b:b5:72:20:89:
79:b6:14:c5:cb:d3:6d:aa:5c:34:a9:3d:94:69:d6:
5a:6b:56:e4:28:7d:61:03:29:f9:6d:db:5b:bb:49:
41:45:06:ff:50:d5:63:0d:7b:f5:4b:2a:6c:d3:96:
c9:f9:08:77:cd:80:56:90:2d:72:3d:a2:ce:16:da:
2c:57:52:bb:c7:65:fd:98:40:c4:90:05:77:c2:4e:
aa:a9:52:5c:6d:bc:18:c1:e8:eb:dd:ed:97:40:82:
83:57:f0:98:1a:5b:e9:04:3c:7e:32:1d:2a:ff:4a:
42:a2:44:b2:58:31:df:83:02:66:96:38:73:9f:fa:
54:70:d0:b8:65:f5:a6:bd:e9:bd:3c:d1:53:ae:36:
f2:6d:23:f7:7c:39:7a:ef:b7:f4:f7:96:21:cf:66:
73:25:56:13:bf:4f:c1:4f:a8:c2:9e:e1:16:c8:af:
86:f7:ad:92:9a:cb:d9:27:35:ab:07:c2:d4:b6:80:
e9:2f:06:0d:d7:4b:d7:99:2b:40:e1:5d:55:33:14:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:54:D8:9A:B7:8A:C3:66:7E:3A:DD:53:3F:53:78:6C:2E:BF:41:43
X509v3 Authority Key Identifier:
keyid:33:51:A9:EC:0A:A9:1B:93:2A:C3:C3:58:6C:FC:AC:F0:CA:29:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1Gp7AqpG5Mqw8NYbPys8Mop9YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2c4fbb-7745-4759-a0c8-6689f872fc87/1/9lTYmreKw2Z-Ot1TP1N4bC6_QUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2c4fbb-7745-4759-a0c8-6689f872fc87/1/M1Gp7AqpG5Mqw8NYbPys8Mop9YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.35.0/24
91.247.179.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:21:bb:20:64:d1:44:11:50:90:9e:65:e4:cf:35:59:31:e9:
a3:55:16:f8:45:4c:80:31:df:dc:52:73:2a:09:58:43:17:be:
36:3f:a4:64:36:30:1d:eb:5a:5f:23:20:58:bf:be:7b:92:16:
c6:ab:5d:82:32:cd:8a:52:58:4e:49:4d:95:56:d7:e7:f8:2a:
39:45:a0:79:88:3a:2a:06:35:58:72:b6:77:66:a7:ca:6f:48:
c5:06:e4:77:54:f6:b2:ed:c1:56:09:34:a5:f7:3b:9d:63:ff:
06:ba:71:86:2a:da:4c:5d:30:07:be:38:25:44:c6:38:ae:49:
33:26:28:c8:82:a7:fb:69:f2:b2:17:46:c3:34:cf:85:19:48:
7b:df:5f:ba:46:1a:9b:95:20:e5:78:c8:ec:ef:d4:cb:93:1f:
39:06:8a:1b:05:d0:92:a6:ea:be:84:09:43:8a:98:ea:a0:87:
89:cd:59:ad:4e:71:fd:53:23:4e:14:54:63:8f:7c:5f:94:4f:
db:78:17:e0:a0:5f:e4:57:18:ed:2a:04:6e:35:51:08:23:0f:
b5:f3:19:c4:90:1c:8f:7d:a4:04:e0:6c:32:56:75:04:07:90:
2b:d0:24:01:ee:93:55:69:77:88:67:5c:61:35:49:53:fc:50:
02:6e:64:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSE4KM/Oai7Da9MQMEna528MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTFhOWVjMGFhOTFiOTMyYWMzYzM1ODZjZmNhY2YwY2Ey
OWY1ODAwHhcNMjIxMTE3MDkxNzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU0ZDg5YWI3OGFjMzY2N2UzYWRkNTMzZjUzNzg2YzJlYmY0MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pz8jV0To/UCpVIM2OUfPTHb5nzn
ezvttqFWzpTHJgPeDeOBhlFjmeYAGmBBvvFq7MXtd0jRO7VyIIl5thTFy9Ntqlw0
qT2UadZaa1bkKH1hAyn5bdtbu0lBRQb/UNVjDXv1Syps05bJ+Qh3zYBWkC1yPaLO
FtosV1K7x2X9mEDEkAV3wk6qqVJcbbwYwejr3e2XQIKDV/CYGlvpBDx+Mh0q/0pC
okSyWDHfgwJmljhzn/pUcNC4ZfWmvem9PNFTrjbybSP3fDl677f095Yhz2ZzJVYT
v0/BT6jCnuEWyK+G962SmsvZJzWrB8LUtoDpLwYN10vXmStA4V1VMxRLGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZU2Jq3isNmfjrdUz9TeGwuv0FDMB8GA1UdIwQY
MBaAFDNRqewKqRuTKsPDWGz8rPDKKfWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFHcDdBcXBHNU1xdzhOWWJQeXM4TW9wOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYzRmYmItNzc0NS00NzU5LWEwYzgt
NjY4OWY4NzJmYzg3LzEvOWxUWW1yZUt3MlotT3QxVFAxTjRiQzZfUVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYzRmYmItNzc0NS00NzU5LWEwYzgtNjY4OWY4NzJmYzg3
LzEvTTFHcDdBcXBHNU1xdzhOWWJQeXM4TW9wOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSMjAwQA
W/ezMA0GCSqGSIb3DQEBCwUAA4IBAQCuIbsgZNFEEVCQnmXkzzVZMemjVRb4RUyA
Md/cUnMqCVhDF742P6RkNjAd61pfIyBYv757khbGq12CMs2KUlhOSU2VVtfn+Co5
RaB5iDoqBjVYcrZ3ZqfKb0jFBuR3VPay7cFWCTSl9zudY/8GunGGKtpMXTAHvjgl
RMY4rkkzJijIgqf7afKyF0bDNM+FGUh731+6RhqblSDleMjs79TLkx85BoobBdCS
puq+hAlDipjqoIeJzVmtTnH9UyNOFFRjj3xflE/beBfgoF/kVxjtKgRuNVEIIw+1
8xnEkByPfaQE4GwyVnUEB5Ar0CQB7pNVaXeIZ1xhNUlT/FACbmT+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:36 2025 by rpki-client