Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/g0nBlnNLZZvPCAxjPogb6fiFCv4.roa
File: g0nBlnNLZZvPCAxjPogb6fiFCv4.roa (raw, json)
Hash identifier: dSBvgsQQ+EV3v6TTgcvRLUYelrrjfBLYLdiTdVos/b0=
Subject key identifier: 83:49:C1:96:73:4B:65:9B:CF:08:0C:63:3E:88:1B:E9:F8:85:0A:FE
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01858575B5CE8A5870E6BDE1BCAA32CAA7D8
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/g0nBlnNLZZvPCAxjPogb6fiFCv4.roa
Signing time: Fri 06 Jan 2023 05:02:42 +0000
ROA not before: Fri 06 Jan 2023 05:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 91.147.116.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:75:b5:ce:8a:58:70:e6:bd:e1:bc:aa:32:ca:a7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 6 05:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8349c196734b659bcf080c633e881be9f8850afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:e7:d8:3a:91:0d:a8:45:8b:ae:48:94:2b:
9f:6f:46:ab:d6:9c:49:27:c8:e7:1e:6a:27:f8:8b:
5c:12:70:64:34:6c:38:40:a0:15:c7:ee:d3:13:99:
79:e8:21:57:02:3b:63:36:06:24:fc:bc:82:3a:08:
1d:d3:c8:44:69:8c:1e:a2:44:8f:0e:79:a6:14:72:
a5:47:4b:ec:85:c7:a3:3d:dc:6e:48:4a:2b:68:a3:
3d:14:4b:88:8f:a8:63:7c:7b:1f:7d:d7:d7:d7:3f:
c8:e8:9f:58:ab:1a:07:55:17:fd:4b:23:92:28:3a:
34:b9:58:10:c0:1a:20:51:ea:c7:90:77:38:96:c9:
20:fe:ad:1a:b3:17:e5:03:fc:f9:32:7e:69:dc:29:
d6:4a:eb:aa:67:21:e0:59:bb:ed:db:85:d4:bc:42:
71:3b:36:22:b1:64:f4:b3:ad:6a:b8:5b:77:6f:84:
c1:aa:a0:76:68:ab:b0:a3:af:38:2f:3e:11:eb:55:
8c:e5:03:37:af:94:16:c0:86:00:1e:52:c4:40:4a:
03:6f:d1:27:bb:6e:22:38:36:06:8d:7c:c4:6b:d1:
8c:01:52:bf:14:7d:a7:9e:6f:71:ad:7e:d4:62:c2:
5b:78:08:3f:8e:e9:c6:1b:7c:29:57:74:aa:42:fc:
79:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:49:C1:96:73:4B:65:9B:CF:08:0C:63:3E:88:1B:E9:F8:85:0A:FE
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/g0nBlnNLZZvPCAxjPogb6fiFCv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/24
91.147.118.0/24
91.147.123.0/24
Signature Algorithm: sha256WithRSAEncryption
70:be:b0:50:81:ff:58:b1:06:5e:93:d7:52:33:22:f2:0f:4a:
5b:83:73:1b:6a:1b:47:86:85:06:33:36:aa:62:c3:e8:64:f5:
4c:92:6c:2d:6d:60:59:c1:0b:0e:ee:47:fd:60:78:ac:a1:d8:
38:8f:28:a5:9a:f7:70:a3:34:9e:00:a4:83:3b:70:1b:2d:20:
b8:e5:3b:09:11:ba:c4:63:21:62:af:25:5f:87:67:94:e8:56:
d7:ee:8b:79:0e:bd:e6:d0:55:72:c2:18:28:bd:e3:dc:3f:1e:
5b:1b:7d:45:08:07:a2:9e:2e:b0:fc:15:4b:e1:27:6a:fb:ce:
62:11:a2:22:33:7e:4e:30:50:7c:f3:2f:5a:7e:70:9f:33:8c:
11:82:f8:88:ac:7b:ba:3f:80:26:4a:e8:6c:79:6e:74:8e:0b:
fe:9b:84:c4:5a:61:e2:81:18:52:59:c1:2f:f6:cb:f7:11:52:
c9:56:e4:26:a1:0e:ce:22:fd:02:bc:63:59:fe:d9:51:b9:7a:
59:a5:f0:04:11:58:24:1d:33:6f:4b:c8:18:a5:9b:5a:23:a0:
17:48:9a:97:5f:60:ad:fc:f0:86:c0:7b:f6:d3:5b:d5:31:dd:
b4:ae:88:80:c3:97:39:a5:89:2a:90:ff:75:d9:b6:48:4e:5c:
26:f5:df:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWFdbXOilhw5r3hvKoyyqfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwMTA2MDUwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ5YzE5NjczNGI2NTliY2YwODBjNjMzZTg4MWJlOWY4ODUwYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdfn2DqRDahFi65IlCufb0ar1pxJ
J8jnHmon+ItcEnBkNGw4QKAVx+7TE5l56CFXAjtjNgYk/LyCOggd08hEaYweokSP
DnmmFHKlR0vshcejPdxuSEoraKM9FEuIj6hjfHsffdfX1z/I6J9YqxoHVRf9SyOS
KDo0uVgQwBogUerHkHc4lskg/q0asxflA/z5Mn5p3CnWSuuqZyHgWbvt24XUvEJx
OzYisWT0s61quFt3b4TBqqB2aKuwo684Lz4R61WM5QM3r5QWwIYAHlLEQEoDb9En
u24iODYGjXzEa9GMAVK/FH2nnm9xrX7UYsJbeAg/junGG3wpV3SqQvx5cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFINJwZZzS2WbzwgMYz6IG+n4hQr+MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvZzBuQmxuTkxaWnZQQ0F4alBvZ2I2ZmlGQ3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5N0AwQA
W5N2AwQAW5N7MA0GCSqGSIb3DQEBCwUAA4IBAQBwvrBQgf9YsQZek9dSMyLyD0pb
g3MbahtHhoUGMzaqYsPoZPVMkmwtbWBZwQsO7kf9YHisodg4jyilmvdwozSeAKSD
O3AbLSC45TsJEbrEYyFiryVfh2eU6FbX7ot5Dr3m0FVywhgovePcPx5bG31FCAei
ni6w/BVL4Sdq+85iEaIiM35OMFB88y9afnCfM4wRgviIrHu6P4AmSuhseW50jgv+
m4TEWmHigRhSWcEv9sv3EVLJVuQmoQ7OIv0CvGNZ/tlRuXpZpfAEEVgkHTNvS8gY
pZtaI6AXSJqXX2Ct/PCGwHv201vVMd20roiAw5c5pYkqkP912bZITlwm9d/T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:13 2025 by rpki-client