Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/13J3VpsDe5YsT8hGU9xkRAGBaeg.roa
File: 13J3VpsDe5YsT8hGU9xkRAGBaeg.roa (raw, json)
Hash identifier: fL1q6jbkDNvgkLvUgCageN0nqityuIxAFMAWJ27nmeQ=
Subject key identifier: D7:72:77:56:9B:03:7B:96:2C:4F:C8:46:53:DC:64:44:01:81:69:E8
Certificate issuer: /CN=1d87f30274951cadfb5b737e1333c73d64b04256
Certificate serial: 01856EB913393DE497E3CAE098CA30890B67
Authority key identifier: 1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/13J3VpsDe5YsT8hGU9xkRAGBaeg.roa
Signing time: Sun 01 Jan 2023 19:05:00 +0000
ROA not before: Sun 01 Jan 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49964
IP address blocks: 91.220.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:13:39:3d:e4:97:e3:ca:e0:98:ca:30:89:0b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d87f30274951cadfb5b737e1333c73d64b04256
Validity
Not Before: Jan 1 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d77277569b037b962c4fc84653dc6444018169e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a2:06:eb:7b:74:6a:2b:66:4b:4a:4f:8f:61:
b8:d2:1a:af:db:67:6f:cb:b1:35:60:ed:35:94:96:
91:11:5c:43:d3:a9:78:d6:ba:8b:39:fd:9d:90:3a:
f4:d9:92:b4:16:32:f8:53:9f:b8:c9:5c:6a:d0:63:
a4:06:8e:75:a3:66:02:58:d9:f6:95:51:a0:15:8a:
74:df:6f:4d:42:be:6f:28:79:49:73:59:92:23:32:
37:10:66:59:81:0f:0a:50:bb:1c:64:24:52:66:d5:
f7:8a:33:65:1d:77:83:7e:03:0b:6e:b7:17:9c:ca:
46:79:98:f3:85:e0:dd:71:e8:93:b7:1f:6d:f9:65:
52:4d:32:6e:c6:85:c9:c8:5a:60:ac:84:c3:0a:3f:
6b:3c:02:5b:91:55:68:e8:9d:d2:ab:f8:17:db:6a:
e6:87:a2:9e:fa:23:48:1d:65:d3:34:22:a1:f2:f3:
d6:f6:52:7a:09:89:fa:a9:2a:6f:c7:38:84:c8:58:
a6:7b:1a:3e:17:ea:84:43:9d:38:f5:59:57:fd:bf:
8c:4a:a9:3c:d3:8d:41:5a:9d:46:98:49:e8:a3:85:
14:5b:30:71:1d:47:f2:d6:47:59:fa:e2:72:dc:ed:
93:c9:2e:8e:c1:79:fd:98:c8:71:63:97:f3:1c:a1:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:72:77:56:9B:03:7B:96:2C:4F:C8:46:53:DC:64:44:01:81:69:E8
X509v3 Authority Key Identifier:
keyid:1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/13J3VpsDe5YsT8hGU9xkRAGBaeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.111.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f1:e1:97:79:d9:f8:7b:7c:9e:12:4a:a7:a6:24:a2:ed:f9:
bd:3e:8a:f9:8e:c6:1e:11:ca:b2:e3:af:d8:82:c7:b2:6d:ae:
f0:b1:fe:e0:3f:68:92:87:ab:eb:f4:2f:11:f4:e2:33:d8:34:
96:57:dd:cf:0a:94:0b:cc:c2:cc:ad:17:d7:c9:4e:38:7e:f2:
f6:c4:97:03:73:93:2f:9f:15:86:ba:99:c1:03:ce:d2:bd:da:
71:10:1a:aa:fd:3c:94:af:ea:1c:5a:6b:c4:ad:4e:ee:c2:b4:
cb:40:a4:8f:af:cf:e4:00:df:9c:a9:a5:25:9b:4f:a4:7c:c5:
0c:b6:80:f6:e7:03:0d:b2:d1:87:5f:14:7b:f3:2e:56:3a:2c:
e6:f9:aa:61:0e:44:86:74:bc:8b:a2:bb:e5:42:05:6e:fe:2c:
97:8f:aa:db:e5:48:41:1c:bb:10:6f:bf:f5:f0:fc:ab:a9:8d:
ff:0f:c6:92:36:19:07:9b:34:84:e3:86:b0:a6:26:8f:ba:78:
7b:01:2d:bc:2a:2a:0d:c5:a7:3d:05:d0:65:1b:9f:ef:40:88:
40:bf:e4:03:1e:05:dd:96:3b:8b:40:57:27:a3:67:10:51:72:
ab:c0:7a:ee:ee:bb:fc:bb:2d:c2:37:12:92:5d:0f:55:32:c4:
bd:c4:1e:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuRM5PeSX48rgmMowiQtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODdmMzAyNzQ5NTFjYWRmYjViNzM3ZTEzMzNjNzNkNjRi
MDQyNTYwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzcyNzc1NjliMDM3Yjk2MmM0ZmM4NDY1M2RjNjQ0NDAxODE2OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqIG63t0aitmS0pPj2G40hqv22dv
y7E1YO01lJaREVxD06l41rqLOf2dkDr02ZK0FjL4U5+4yVxq0GOkBo51o2YCWNn2
lVGgFYp0329NQr5vKHlJc1mSIzI3EGZZgQ8KULscZCRSZtX3ijNlHXeDfgMLbrcX
nMpGeZjzheDdceiTtx9t+WVSTTJuxoXJyFpgrITDCj9rPAJbkVVo6J3Sq/gX22rm
h6Ke+iNIHWXTNCKh8vPW9lJ6CYn6qSpvxziEyFimexo+F+qEQ5049VlX/b+MSqk8
041BWp1GmEnoo4UUWzBxHUfy1kdZ+uJy3O2TyS6OwXn9mMhxY5fzHKF1XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdyd1abA3uWLE/IRlPcZEQBgWnoMB8GA1UdIwQY
MBaAFB2H8wJ0lRyt+1tzfhMzxz1ksEJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUt
ZmU0NDAxMTFkODA3LzEvMTNKM1Zwc0RlNVlzVDhoR1U5eGtSQUdCYWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUtZmU0NDAxMTFkODA3
LzEvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xvMA0G
CSqGSIb3DQEBCwUAA4IBAQAn8eGXedn4e3yeEkqnpiSi7fm9Por5jsYeEcqy46/Y
gseyba7wsf7gP2iSh6vr9C8R9OIz2DSWV93PCpQLzMLMrRfXyU44fvL2xJcDc5Mv
nxWGupnBA87SvdpxEBqq/TyUr+ocWmvErU7uwrTLQKSPr8/kAN+cqaUlm0+kfMUM
toD25wMNstGHXxR78y5WOizm+aphDkSGdLyLorvlQgVu/iyXj6rb5UhBHLsQb7/1
8PyrqY3/D8aSNhkHmzSE44awpiaPunh7AS28KioNxac9BdBlG5/vQIhAv+QDHgXd
ljuLQFcno2cQUXKrwHru7rv8uy3CNxKSXQ9VMsS9xB7H
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:39:32 2025 by rpki-client