Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EszNBFQ8GDKMLD_bu0JW81H2SUQ.roa
File: EszNBFQ8GDKMLD_bu0JW81H2SUQ.roa (raw, json)
Hash identifier: R3+hntCw2OqV5IBbxSK09sO6eSMPihJIplLLQIM8SpA=
Subject key identifier: 12:CC:CD:04:54:3C:18:32:8C:2C:3F:DB:BB:42:56:F3:51:F6:49:44
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018578AA405B5F3AA5686228385D8065CD2B
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EszNBFQ8GDKMLD_bu0JW81H2SUQ.roa
Signing time: Tue 03 Jan 2023 17:25:01 +0000
ROA not before: Tue 03 Jan 2023 17:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 91.147.121.0/24 maxlen: 24
91.147.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:aa:40:5b:5f:3a:a5:68:62:28:38:5d:80:65:cd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 3 17:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12cccd04543c18328c2c3fdbbb4256f351f64944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e1:6f:0e:13:7d:2d:4d:a3:ae:a6:0d:51:cc:
0f:e1:2e:ec:ab:ce:43:81:8a:83:b2:55:07:ed:b6:
83:45:4d:6e:62:07:d1:e5:8c:1a:38:f1:bb:23:9a:
04:c8:a2:f2:ae:30:e6:39:d0:e1:e4:3d:a8:7a:d9:
16:59:94:fc:a8:79:a5:2b:36:d6:8e:e2:80:21:64:
a0:6f:bd:db:d4:3b:99:c3:c4:c6:e7:e7:62:ee:02:
be:98:5b:1f:48:fc:04:de:1c:ba:94:a5:cb:0f:ad:
2b:66:42:40:a2:f3:3a:b0:f2:43:46:16:5b:46:4f:
1a:02:fe:6a:46:10:41:1a:76:9a:8b:51:5e:3f:26:
2c:e8:0d:07:ca:69:b4:59:f2:51:42:de:1a:08:86:
d2:e8:23:1b:18:5d:82:9c:89:7b:49:19:38:0b:13:
ea:fb:83:de:7b:f8:61:5c:d3:17:0c:9a:22:5f:bd:
ac:da:a3:30:4d:d0:2c:86:bc:70:4a:c9:6a:1e:2d:
65:19:d6:e5:85:3b:7d:36:13:c5:a9:7e:8d:b3:81:
be:dd:3b:e3:3c:f7:d9:0b:29:77:f5:56:f5:4a:2f:
21:70:d7:2f:dc:75:3e:33:10:f7:74:13:8d:2f:47:
48:79:2c:33:50:49:18:9f:ce:ae:4c:00:0a:7b:66:
94:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CC:CD:04:54:3C:18:32:8C:2C:3F:DB:BB:42:56:F3:51:F6:49:44
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EszNBFQ8GDKMLD_bu0JW81H2SUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.120.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:58:cb:32:b5:ac:95:7f:09:b5:41:90:f0:73:c2:05:8e:cb:
e0:a5:82:2b:89:26:94:98:71:63:c2:ce:98:da:33:a8:d1:24:
d4:97:d7:30:20:d1:27:05:75:ea:86:76:71:01:8b:ce:dd:4f:
c8:1d:76:9d:c1:0c:07:29:de:cd:2f:8b:09:1d:f1:06:87:f1:
eb:ae:11:aa:44:e2:fa:6d:ce:bc:4f:ff:06:8e:05:99:ff:58:
62:5f:d5:a4:ba:cd:8b:42:57:ea:52:0a:9a:b6:8d:c1:96:63:
3d:04:b9:d5:1a:de:d3:f7:de:25:f1:46:2d:68:55:7f:9c:2f:
2c:e3:ab:ce:3b:dd:91:0d:b3:ab:a0:89:d9:5a:2e:5c:4e:98:
50:ab:07:f5:22:0b:60:28:5a:3c:64:41:92:3e:a1:91:ca:78:
bb:a2:64:06:c6:a7:d1:9a:32:28:dd:56:0b:9b:da:25:0d:9c:
e3:70:02:01:38:47:60:e4:42:9d:25:e4:60:8e:e1:15:46:b4:
3e:c5:63:02:85:72:a2:95:c0:7e:50:9c:5b:9e:5f:15:f0:9f:
f6:7b:90:18:97:d3:0c:29:12:21:97:df:83:78:c4:67:62:d8:
86:f6:72:df:3e:da:31:ae:42:c6:89:1d:cb:84:1b:6c:6f:d6:
d0:7d:b0:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV4qkBbXzqlaGIoOF2AZc0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwMTAzMTcyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNjY2QwNDU0M2MxODMyOGMyYzNmZGJiYjQyNTZmMzUxZjY0OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOFvDhN9LU2jrqYNUcwP4S7sq85D
gYqDslUH7baDRU1uYgfR5YwaOPG7I5oEyKLyrjDmOdDh5D2oetkWWZT8qHmlKzbW
juKAIWSgb73b1DuZw8TG5+di7gK+mFsfSPwE3hy6lKXLD60rZkJAovM6sPJDRhZb
Rk8aAv5qRhBBGnaai1FePyYs6A0Hymm0WfJRQt4aCIbS6CMbGF2CnIl7SRk4CxPq
+4Pee/hhXNMXDJoiX72s2qMwTdAshrxwSslqHi1lGdblhTt9NhPFqX6Ns4G+3Tvj
PPfZCyl39Vb1Si8hcNcv3HU+MxD3dBONL0dIeSwzUEkYn86uTAAKe2aUawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBLMzQRUPBgyjCw/27tCVvNR9klEMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvRXN6TkJGUThHREtNTERfYnUwSlc4MUgyU1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW5N4MA0G
CSqGSIb3DQEBCwUAA4IBAQCwWMsytayVfwm1QZDwc8IFjsvgpYIriSaUmHFjws6Y
2jOo0STUl9cwINEnBXXqhnZxAYvO3U/IHXadwQwHKd7NL4sJHfEGh/HrrhGqROL6
bc68T/8GjgWZ/1hiX9Wkus2LQlfqUgqato3BlmM9BLnVGt7T994l8UYtaFV/nC8s
46vOO92RDbOroInZWi5cTphQqwf1IgtgKFo8ZEGSPqGRyni7omQGxqfRmjIo3VYL
m9olDZzjcAIBOEdg5EKdJeRgjuEVRrQ+xWMChXKilcB+UJxbnl8V8J/2e5AYl9MM
KRIhl9+DeMRnYtiG9nLfPtoxrkLGiR3LhBtsb9bQfbAd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:32 2025 by rpki-client