Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/1_zmNlrb1z7B6Y1BbM9zZpNdh8I.roa
File: 1_zmNlrb1z7B6Y1BbM9zZpNdh8I.roa (raw, json)
Hash identifier: l3669m741toSEnpu6Om16jK0MXLJrONIAN6wz2PKQFw=
Subject key identifier: D7:FC:E6:36:5A:DB:D7:3E:C1:E9:8D:41:6C:CF:73:66:93:5D:87:C2
Certificate issuer: /CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Certificate serial: 01856C65E574EBB36730BDD2DB5E3BC4A042
Authority key identifier: A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/1_zmNlrb1z7B6Y1BbM9zZpNdh8I.roa
Signing time: Sun 01 Jan 2023 08:14:55 +0000
ROA not before: Sun 01 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50636
IP address blocks: 91.194.185.0/24 maxlen: 24
91.194.184.0/24 maxlen: 24
2001:67c:2940::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e5:74:eb:b3:67:30:bd:d2:db:5e:3b:c4:a0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Validity
Not Before: Jan 1 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7fce6365adbd73ec1e98d416ccf7366935d87c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:17:a3:63:b1:4f:26:2d:42:92:8a:63:c1:
2f:1b:45:20:c6:de:a2:21:d6:db:1f:8d:71:59:d7:
5d:ba:ab:8d:68:e4:87:2a:9f:f1:79:61:54:7f:5e:
4f:08:ed:6f:18:7a:f9:fd:b7:19:c3:e7:81:c9:b1:
8b:cf:95:b5:81:11:96:f6:f5:b6:ce:2a:7e:57:63:
4a:73:39:82:97:c9:83:2f:9b:b1:6a:52:c9:dc:f0:
1f:63:6f:57:78:f0:66:f1:67:b4:12:73:6b:bf:92:
17:13:d8:d7:a7:96:be:48:8c:3b:9c:82:ea:9f:22:
b0:68:42:90:2b:c1:30:88:51:f5:c0:a0:e0:ea:fc:
e7:e4:51:e9:5b:e3:da:53:2f:ba:bd:29:a1:4e:d4:
e0:c0:45:12:f8:31:89:d8:0a:84:d6:c2:f6:26:a7:
c8:ad:1c:92:ec:95:45:2e:16:46:76:1b:0d:cb:78:
8e:85:a7:10:c0:15:a5:0b:fd:f4:d1:4d:0b:00:b4:
e5:2e:5d:db:a6:18:09:ab:97:3d:39:10:db:45:e2:
d1:e9:a1:7d:be:04:dd:67:df:d4:b4:67:f7:86:87:
06:cd:39:1a:44:b7:f7:0b:ef:01:d1:d9:5c:8f:a1:
f9:1c:74:5e:41:0b:0c:98:50:ef:de:74:3f:27:03:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FC:E6:36:5A:DB:D7:3E:C1:E9:8D:41:6C:CF:73:66:93:5D:87:C2
X509v3 Authority Key Identifier:
keyid:A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/1_zmNlrb1z7B6Y1BbM9zZpNdh8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.184.0/23
IPv6:
2001:67c:2940::/48
Signature Algorithm: sha256WithRSAEncryption
50:30:84:55:08:c7:d7:eb:a3:e8:99:69:c8:a8:85:ed:ad:dd:
6f:3d:60:c5:13:c0:31:5d:9d:c9:f5:ee:04:a6:fa:a0:dc:de:
fd:a3:41:ec:da:99:20:ae:f8:f9:16:d6:96:0e:34:b6:ef:e9:
f2:d8:90:0a:ef:c8:73:de:55:e7:df:e2:33:31:ed:99:f7:d3:
58:f9:37:b4:85:f2:bd:b2:e0:e0:9d:48:84:c1:f4:34:b3:9d:
25:46:26:1f:9e:5d:ab:c4:9d:08:a4:a3:30:44:b1:d6:63:e1:
94:a5:f5:ba:fe:e5:91:d7:c9:c0:49:e6:d8:92:6e:9f:4b:f7:
2e:bb:35:b9:0c:ee:2a:a2:0c:08:47:4e:8f:0b:3d:e7:f2:c5:
c2:68:7c:b8:e5:aa:a7:51:9b:5e:16:0d:41:cc:ab:36:9c:81:
97:38:26:75:ad:0e:75:5b:f3:0b:ab:74:e4:08:ad:02:d4:5d:
b8:2d:1b:a5:41:2c:26:cb:29:b1:26:ce:58:62:77:f6:78:e5:
79:ee:66:64:95:ac:aa:95:1e:a4:0f:a1:37:c2:f1:55:20:6d:
49:15:be:8d:95:0c:cf:d3:67:23:f2:bd:29:c8:3b:7a:92:fc:
9d:e7:79:50:41:33:bf:6d:db:df:50:18:4d:3c:b2:fa:69:36:
b2:2c:da:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsZeV067NnML3S2147xKBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2Q0MzAxYjI4OTVmMWQ5OGE4NTBlNTg5Y2U3YzA2M2M1
MzlmNGQwHhcNMjMwMTAxMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZjZTYzNjVhZGJkNzNlYzFlOThkNDE2Y2NmNzM2NjkzNWQ4N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI4Xo2OxTyYtQpKKY8EvG0Ugxt6i
IdbbH41xWddduquNaOSHKp/xeWFUf15PCO1vGHr5/bcZw+eBybGLz5W1gRGW9vW2
zip+V2NKczmCl8mDL5uxalLJ3PAfY29XePBm8We0EnNrv5IXE9jXp5a+SIw7nILq
nyKwaEKQK8EwiFH1wKDg6vzn5FHpW+PaUy+6vSmhTtTgwEUS+DGJ2AqE1sL2JqfI
rRyS7JVFLhZGdhsNy3iOhacQwBWlC/300U0LALTlLl3bphgJq5c9ORDbReLR6aF9
vgTdZ9/UtGf3hocGzTkaRLf3C+8B0dlcj6H5HHReQQsMmFDv3nQ/JwNwCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNf85jZa29c+wemNQWzPc2aTXYfCMB8GA1UdIwQY
MBaAFKLNQwGyiV8dmKhQ5YnOfAY8U59NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjkt
NThmM2YzN2NjZGQ5LzEvMV96bU5scmIxejdCNlkxQmJNOXpacE5kaDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjktNThmM2YzN2NjZGQ5
LzEvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8K4MA8E
AgACMAkDBwAgAQZ8KUAwDQYJKoZIhvcNAQELBQADggEBAFAwhFUIx9fro+iZacio
he2t3W89YMUTwDFdncn17gSm+qDc3v2jQezamSCu+PkW1pYONLbv6fLYkArvyHPe
Veff4jMx7Zn301j5N7SF8r2y4OCdSITB9DSznSVGJh+eXavEnQikozBEsdZj4ZSl
9br+5ZHXycBJ5tiSbp9L9y67NbkM7iqiDAhHTo8LPefyxcJofLjlqqdRm14WDUHM
qzacgZc4JnWtDnVb8wurdOQIrQLUXbgtG6VBLCbLKbEmzlhid/Z45XnuZmSVrKqV
HqQPoTfC8VUgbUkVvo2VDM/TZyPyvSnIO3qS/J3neVBBM79t299QGE08svppNrIs
2sQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:20 2025 by rpki-client