Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/B1HBc_RgEoirRjftwXGs_id0Oxs.roa
File: B1HBc_RgEoirRjftwXGs_id0Oxs.roa (raw, json)
Hash identifier: HCg/mCln8KKT5uNoh02XOomDW7JKI7zGYDD3bAmvtuc=
Subject key identifier: 07:51:C1:73:F4:60:12:88:AB:46:37:ED:C1:71:AC:FE:27:74:3B:1B
Certificate issuer: /CN=327b3420c25013795e822a2ae50d38dc1d382793
Certificate serial: 01856C25E3E5A44653B382918B8257E0787F
Authority key identifier: 32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/B1HBc_RgEoirRjftwXGs_id0Oxs.roa
Signing time: Sun 01 Jan 2023 07:05:00 +0000
ROA not before: Sun 01 Jan 2023 07:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207582
IP address blocks: 91.205.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:e3:e5:a4:46:53:b3:82:91:8b:82:57:e0:78:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327b3420c25013795e822a2ae50d38dc1d382793
Validity
Not Before: Jan 1 07:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0751c173f4601288ab4637edc171acfe27743b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a4:38:ea:f5:d5:21:40:36:4e:7f:19:7c:d1:
15:55:69:90:d5:a1:fe:3c:5b:2c:62:39:9c:44:31:
01:df:60:85:b9:e7:61:4c:52:17:bf:83:27:6c:ec:
3c:92:78:6e:76:96:a0:84:6f:62:5a:fb:f8:82:e1:
df:5e:a4:c9:a2:2f:6f:07:9d:de:ab:20:06:38:81:
ff:31:d7:d1:16:c5:8d:8e:ff:13:27:7f:c4:f0:10:
a1:36:61:f3:90:ab:39:4b:75:59:83:f6:7e:44:d6:
40:a6:33:d1:5f:58:02:9e:e4:d9:c9:d0:51:aa:4b:
ee:91:cb:f9:21:fc:04:d6:b4:be:33:3f:a6:1c:d8:
32:24:f3:ae:aa:8c:7f:4c:bf:83:e3:d4:97:e4:7c:
49:46:7e:15:f7:eb:cc:95:8e:30:cf:ad:1f:c5:08:
9b:6a:a4:d7:52:69:2f:4d:49:1d:82:a3:d9:ca:4a:
59:ea:6d:75:e0:87:ab:bb:77:1f:25:0a:48:69:25:
43:34:19:a5:28:ae:98:1c:7b:18:4f:11:65:6c:d6:
27:75:3a:aa:54:2b:b1:72:90:90:12:f2:23:5b:29:
48:fb:50:cc:65:41:62:72:c5:fc:61:5d:5a:8c:88:
ad:75:13:d8:89:27:b8:f6:9f:5e:44:4b:dd:df:86:
fe:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:51:C1:73:F4:60:12:88:AB:46:37:ED:C1:71:AC:FE:27:74:3B:1B
X509v3 Authority Key Identifier:
keyid:32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/B1HBc_RgEoirRjftwXGs_id0Oxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.41.0/24
Signature Algorithm: sha256WithRSAEncryption
22:d5:1e:a8:64:bb:5c:10:88:bc:f1:8d:19:f9:9e:94:8f:11:
95:b0:24:10:37:bf:e8:50:a0:ec:e5:c3:7c:b2:4b:34:33:53:
8c:38:6e:d6:fa:c4:4a:47:1b:9c:80:ce:2d:cb:f7:c2:4b:34:
37:9d:c5:98:22:b5:3d:a3:88:ae:26:ed:7e:47:b5:45:6c:1d:
28:04:e6:77:48:56:7a:63:c1:39:da:e8:17:f2:51:3f:00:44:
12:67:18:e7:fe:3c:dc:6e:28:55:d9:3c:cd:81:a2:0d:85:a3:
53:e5:63:f8:23:23:a4:2b:cf:e2:3b:5a:04:30:26:59:fa:e0:
39:8b:92:c8:46:90:55:11:46:57:4e:cd:5f:f4:71:a2:38:a5:
4a:af:2f:ea:f0:fe:28:5b:89:82:10:e3:86:d6:51:ea:e1:89:
5f:30:80:58:b4:a7:80:c7:c7:84:8f:e6:2f:2e:29:7f:4f:64:
7f:e5:99:72:2c:e5:a0:22:a7:fc:3b:c0:71:ef:e8:b2:e9:e7:
44:4f:5e:d9:7e:af:2e:75:c2:8b:0c:cf:2f:b7:1f:5f:46:5b:
5e:ef:48:bf:96:16:c4:50:78:cf:31:9b:f9:ec:6b:84:82:cc:
84:c6:4b:29:d0:9e:97:33:9b:0a:28:d4:8a:51:ce:a5:02:87:
b1:04:dd:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJePlpEZTs4KRi4JX4Hh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyN2IzNDIwYzI1MDEzNzk1ZTgyMmEyYWU1MGQzOGRjMWQz
ODI3OTMwHhcNMjMwMTAxMDcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzUxYzE3M2Y0NjAxMjg4YWI0NjM3ZWRjMTcxYWNmZTI3NzQzYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaQ46vXVIUA2Tn8ZfNEVVWmQ1aH+
PFssYjmcRDEB32CFuedhTFIXv4MnbOw8knhudpaghG9iWvv4guHfXqTJoi9vB53e
qyAGOIH/MdfRFsWNjv8TJ3/E8BChNmHzkKs5S3VZg/Z+RNZApjPRX1gCnuTZydBR
qkvukcv5IfwE1rS+Mz+mHNgyJPOuqox/TL+D49SX5HxJRn4V9+vMlY4wz60fxQib
aqTXUmkvTUkdgqPZykpZ6m114Ieru3cfJQpIaSVDNBmlKK6YHHsYTxFlbNYndTqq
VCuxcpCQEvIjWylI+1DMZUFicsX8YV1ajIitdRPYiSe49p9eREvd34b+fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdRwXP0YBKIq0Y37cFxrP4ndDsbMB8GA1UdIwQY
MBaAFDJ7NCDCUBN5XoIqKuUNONwdOCeTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQt
NjY4MmIwN2ZhOTQ3LzEvQjFIQmNfUmdFb2lyUmpmdHdYR3NfaWQwT3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQtNjY4MmIwN2ZhOTQ3
LzEvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW80pMA0G
CSqGSIb3DQEBCwUAA4IBAQAi1R6oZLtcEIi88Y0Z+Z6UjxGVsCQQN7/oUKDs5cN8
sks0M1OMOG7W+sRKRxucgM4ty/fCSzQ3ncWYIrU9o4iuJu1+R7VFbB0oBOZ3SFZ6
Y8E52ugX8lE/AEQSZxjn/jzcbihV2TzNgaINhaNT5WP4IyOkK8/iO1oEMCZZ+uA5
i5LIRpBVEUZXTs1f9HGiOKVKry/q8P4oW4mCEOOG1lHq4YlfMIBYtKeAx8eEj+Yv
Lil/T2R/5ZlyLOWgIqf8O8Bx7+iy6edET17Zfq8udcKLDM8vtx9fRlte70i/lhbE
UHjPMZv57GuEgsyExksp0J6XM5sKKNSKUc6lAoexBN1Y
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:18:44 2025 by rpki-client