Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/c-XRgtnSrbOitIInLC7gvBP3EpE.roa
File: c-XRgtnSrbOitIInLC7gvBP3EpE.roa (raw, json)
Hash identifier: UiWpXNS1MYnyzGd/OQGQByoNzQxPKeu2PY+i+GEjvQg=
Subject key identifier: 73:E5:D1:82:D9:D2:AD:B3:A2:B4:82:27:2C:2E:E0:BC:13:F7:12:91
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01845C3FEC2ADD94F7FF526C1CF66B69FBBC
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/c-XRgtnSrbOitIInLC7gvBP3EpE.roa
Signing time: Wed 09 Nov 2022 11:56:43 +0000
ROA not before: Wed 09 Nov 2022 11:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.246.0/24 maxlen: 24
212.116.244.0/24 maxlen: 24
91.147.124.0/23 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:3f:ec:2a:dd:94:f7:ff:52:6c:1c:f6:6b:69:fb:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Nov 9 11:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73e5d182d9d2adb3a2b482272c2ee0bc13f71291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:76:ee:36:c6:ad:91:fa:bc:95:a3:ac:94:
8f:a3:9c:8c:24:f9:8a:89:c8:74:47:1e:a2:97:96:
cd:7f:e1:10:7f:cc:2b:c5:90:2e:3c:82:cf:14:8e:
3e:0e:55:0d:ce:ec:11:cd:4e:ad:b9:c3:ab:95:f1:
ff:c3:be:a3:67:2b:72:3b:3f:63:05:b7:ee:37:f4:
fa:23:83:fd:fd:86:9a:73:bd:ec:e5:aa:38:d1:1a:
0e:03:1f:79:eb:e5:2f:38:a5:16:cd:b0:ce:55:16:
b8:e2:bf:47:69:81:90:e9:66:b8:93:90:6e:ca:e5:
39:fe:e8:ac:d3:78:0e:83:26:23:1d:55:89:92:a0:
5b:37:b0:86:ec:5f:2a:18:1d:90:f1:b4:69:83:ed:
52:51:09:cd:ea:56:04:1a:70:c8:3c:81:6d:94:a1:
72:43:90:44:b7:97:66:65:fc:30:f7:34:d2:79:eb:
b3:bc:eb:bc:ee:88:22:36:c6:33:b4:e8:c8:f1:bb:
28:9c:30:31:cc:e3:4a:d8:78:6d:95:b5:87:ff:b8:
52:c7:dd:f0:d6:6b:b8:00:e7:74:9e:17:ee:9b:8f:
63:31:ec:c0:6b:74:0e:e0:47:93:92:12:82:73:9b:
e1:65:49:4c:70:0d:b8:ad:e4:fd:ce:55:56:0e:2f:
49:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E5:D1:82:D9:D2:AD:B3:A2:B4:82:27:2C:2E:E0:BC:13:F7:12:91
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/c-XRgtnSrbOitIInLC7gvBP3EpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.124.0/22
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
60:71:1c:84:2b:2b:42:fb:fe:ce:6d:5a:8f:f1:a3:af:f0:ed:
79:ef:91:f2:b0:a9:8d:4e:a0:1b:39:db:99:78:4d:b2:96:fe:
0b:4c:44:17:9c:07:87:17:61:8c:b4:28:65:b1:c9:e9:e2:1b:
2a:39:7d:4a:8a:86:5b:94:f9:17:5b:02:75:f7:13:72:6d:32:
a7:d8:73:d9:bd:8e:96:49:35:9f:62:91:e9:41:83:e7:b5:d9:
04:39:e6:10:67:08:07:c1:03:8d:f7:06:73:cc:82:6d:00:87:
a6:a9:af:fe:10:8b:91:d9:af:90:b9:4e:c6:20:85:b5:7a:08:
94:03:53:1d:bd:c2:b4:e5:91:84:7f:49:17:b1:29:8e:69:94:
43:1d:cf:1e:e5:96:a6:10:ab:73:cd:4b:bc:da:4e:81:8e:23:
67:32:39:23:4e:2a:5a:f0:23:09:b0:1b:3a:e4:b8:e7:8e:53:
ea:57:a2:34:2f:9b:9e:4f:7d:2a:b6:b8:c4:74:84:c2:bd:b5:
5e:1b:fc:f8:dc:64:1a:60:d5:88:a4:db:49:c8:2b:f3:cb:ec:
e9:83:9f:f9:dd:57:a7:1c:14:28:11:4a:f2:e3:d7:de:22:21:
7f:40:61:30:9a:81:a5:45:cf:97:2a:b3:01:e2:f4:da:e6:12:
74:e9:fc:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRcP+wq3ZT3/1JsHPZrafu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjIxMTA5MTE1NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U1ZDE4MmQ5ZDJhZGIzYTJiNDgyMjcyYzJlZTBiYzEzZjcxMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBt27jbGrZH6vJWjrJSPo5yMJPmK
ich0Rx6il5bNf+EQf8wrxZAuPILPFI4+DlUNzuwRzU6tucOrlfH/w76jZytyOz9j
BbfuN/T6I4P9/Yaac73s5ao40RoOAx956+UvOKUWzbDOVRa44r9HaYGQ6Wa4k5Bu
yuU5/uis03gOgyYjHVWJkqBbN7CG7F8qGB2Q8bRpg+1SUQnN6lYEGnDIPIFtlKFy
Q5BEt5dmZfww9zTSeeuzvOu87ogiNsYztOjI8bsonDAxzONK2HhtlbWH/7hSx93w
1mu4AOd0nhfum49jMezAa3QO4EeTkhKCc5vhZUlMcA24reT9zlVWDi9JewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHPl0YLZ0q2zorSCJywu4LwT9xKRMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvYy1YUmd0blNyYk9pdElJbkxDN2d2QlAzRXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW5N8AwQA
1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQBgcRyEKytC+/7ObVqP8aOv8O15
75HysKmNTqAbOduZeE2ylv4LTEQXnAeHF2GMtChlscnp4hsqOX1KioZblPkXWwJ1
9xNybTKn2HPZvY6WSTWfYpHpQYPntdkEOeYQZwgHwQON9wZzzIJtAIemqa/+EIuR
2a+QuU7GIIW1egiUA1MdvcK05ZGEf0kXsSmOaZRDHc8e5ZamEKtzzUu82k6BjiNn
MjkjTipa8CMJsBs65LjnjlPqV6I0L5ueT30qtrjEdITCvbVeG/z43GQaYNWIpNtJ
yCvzy+zpg5/53VenHBQoEUry49feIiF/QGEwmoGlRc+XKrMB4vTa5hJ06fyp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:16 2025 by rpki-client