Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cc843e-60c7-47ac-823b-f8d6bd30cc19/1/3MkQ0p3ZtbvWhR4mexsEy3ZqBb8.roa
File: 3MkQ0p3ZtbvWhR4mexsEy3ZqBb8.roa (raw, json)
Hash identifier: 2WrOl4xRr0UE8Cuds6by2pagtjQX9j7G/6ki+0ZNgzg=
Subject key identifier: DC:C9:10:D2:9D:D9:B5:BB:D6:85:1E:26:7B:1B:04:CB:76:6A:05:BF
Certificate issuer: /CN=0adcf62c6b5411139a5d1309dd9ed926f4314320
Certificate serial: 0185724C656FFB36A5C9FF502E3D28B290A4
Authority key identifier: 0A:DC:F6:2C:6B:54:11:13:9A:5D:13:09:DD:9E:D9:26:F4:31:43:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ctz2LGtUEROaXRMJ3Z7ZJvQxQyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cc843e-60c7-47ac-823b-f8d6bd30cc19/1/3MkQ0p3ZtbvWhR4mexsEy3ZqBb8.roa
Signing time: Mon 02 Jan 2023 11:44:47 +0000
ROA not before: Mon 02 Jan 2023 11:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208693
IP address blocks: 91.132.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:65:6f:fb:36:a5:c9:ff:50:2e:3d:28:b2:90:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0adcf62c6b5411139a5d1309dd9ed926f4314320
Validity
Not Before: Jan 2 11:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcc910d29dd9b5bbd6851e267b1b04cb766a05bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8e:61:1b:1d:55:28:90:77:49:15:c4:36:e0:
cd:9f:de:90:2d:ec:b9:d2:0e:7b:42:74:a8:30:c3:
da:5b:22:0a:80:a5:21:4c:99:04:d5:da:42:8b:f3:
20:26:9f:66:42:fc:b1:0c:ed:d5:3a:90:18:82:94:
4b:d9:ee:4f:ab:c8:8a:26:ab:42:3d:c8:fb:26:1b:
87:d8:99:df:41:48:7c:fe:c9:9e:96:4d:d6:9e:c1:
4a:93:1c:6a:7b:c0:0b:ab:0e:d9:e5:95:f2:5d:4f:
3f:13:95:be:51:eb:12:87:77:3e:c7:9c:6a:13:de:
9a:63:41:df:83:a9:a3:a9:ef:36:1c:9c:db:ea:5f:
e3:9d:5b:1d:8b:2b:df:98:a2:1e:a0:e8:b7:15:e8:
59:56:21:b7:97:2b:de:5d:fa:32:f9:ce:da:f1:e3:
e1:42:fa:fb:ee:54:40:31:e4:bb:02:5b:b7:88:e5:
77:1c:c6:f5:c5:b8:36:c4:24:ba:9f:a1:db:f3:ae:
1b:4b:a4:dc:37:0b:3b:a0:f7:7a:90:97:37:b2:74:
77:63:55:33:8f:82:2c:ce:c7:df:c3:6d:7d:d1:b3:
cd:f0:5f:15:f3:17:5a:8a:a5:ca:9b:55:af:a3:6a:
46:ca:bc:25:c1:70:c9:71:94:b0:d4:a9:a4:97:81:
6b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C9:10:D2:9D:D9:B5:BB:D6:85:1E:26:7B:1B:04:CB:76:6A:05:BF
X509v3 Authority Key Identifier:
keyid:0A:DC:F6:2C:6B:54:11:13:9A:5D:13:09:DD:9E:D9:26:F4:31:43:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ctz2LGtUEROaXRMJ3Z7ZJvQxQyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cc843e-60c7-47ac-823b-f8d6bd30cc19/1/3MkQ0p3ZtbvWhR4mexsEy3ZqBb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cc843e-60c7-47ac-823b-f8d6bd30cc19/1/Ctz2LGtUEROaXRMJ3Z7ZJvQxQyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.243.0/24
Signature Algorithm: sha256WithRSAEncryption
30:43:21:5f:e5:91:87:26:0b:5d:22:74:e9:e5:c6:5b:bf:c4:
55:cc:d4:02:7e:b4:ff:ae:58:04:6f:0f:14:16:0f:a2:07:70:
6c:b3:9c:f6:92:9f:ec:37:32:78:cf:43:f6:a8:e3:9c:d0:19:
1d:f6:ea:a8:27:e7:1b:0c:ef:60:85:ce:63:ee:90:66:21:f0:
f8:c9:ee:4b:3c:46:d8:73:da:dd:be:7c:50:e0:ab:e7:6e:aa:
3e:70:cf:1d:25:d7:ff:03:0e:28:31:86:4f:0e:34:17:18:75:
3e:82:92:ee:76:81:19:c9:05:b6:c4:5d:65:68:7d:81:b1:68:
01:b5:9e:ee:81:55:20:4c:99:0e:b3:c7:8b:56:93:de:a1:07:
a7:92:3d:a2:8c:49:7b:52:47:c7:75:8d:2c:d4:c0:17:ea:b2:
32:82:a6:3d:a0:81:b8:bf:6c:68:36:d8:f9:50:ee:83:44:4e:
ca:16:81:9f:3b:d4:e2:bc:ba:89:5b:d0:53:01:f1:7e:d3:b0:
97:f7:6b:87:8b:ff:59:61:d0:4d:35:ae:07:d3:73:4b:73:fe:
eb:6a:ab:ae:a0:ff:d4:63:53:87:75:71:07:0c:8e:e9:b1:35:
43:ce:a3:7e:5d:e3:bb:41:69:63:b0:1f:9e:b2:f9:be:24:34:
98:0d:bf:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTGVv+zalyf9QLj0ospCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZGNmNjJjNmI1NDExMTM5YTVkMTMwOWRkOWVkOTI2ZjQz
MTQzMjAwHhcNMjMwMTAyMTE0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M5MTBkMjlkZDliNWJiZDY4NTFlMjY3YjFiMDRjYjc2NmEwNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o5hGx1VKJB3SRXENuDNn96QLey5
0g57QnSoMMPaWyIKgKUhTJkE1dpCi/MgJp9mQvyxDO3VOpAYgpRL2e5Pq8iKJqtC
Pcj7JhuH2JnfQUh8/smelk3WnsFKkxxqe8ALqw7Z5ZXyXU8/E5W+UesSh3c+x5xq
E96aY0Hfg6mjqe82HJzb6l/jnVsdiyvfmKIeoOi3FehZViG3lyveXfoy+c7a8ePh
Qvr77lRAMeS7Alu3iOV3HMb1xbg2xCS6n6Hb864bS6TcNws7oPd6kJc3snR3Y1Uz
j4Iszsffw2190bPN8F8V8xdaiqXKm1Wvo2pGyrwlwXDJcZSw1Kmkl4FrYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzJENKd2bW71oUeJnsbBMt2agW/MB8GA1UdIwQY
MBaAFArc9ixrVBETml0TCd2e2Sb0MUMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3R6MkxHdFVFUk9hWFJNSjNaN1pKdlF4UXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYzg0M2UtNjBjNy00N2FjLTgyM2It
ZjhkNmJkMzBjYzE5LzEvM01rUTBwM1p0YnZXaFI0bWV4c0V5M1pxQmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYzg0M2UtNjBjNy00N2FjLTgyM2ItZjhkNmJkMzBjYzE5
LzEvQ3R6MkxHdFVFUk9hWFJNSjNaN1pKdlF4UXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4TzMA0G
CSqGSIb3DQEBCwUAA4IBAQAwQyFf5ZGHJgtdInTp5cZbv8RVzNQCfrT/rlgEbw8U
Fg+iB3Bss5z2kp/sNzJ4z0P2qOOc0Bkd9uqoJ+cbDO9ghc5j7pBmIfD4ye5LPEbY
c9rdvnxQ4Kvnbqo+cM8dJdf/Aw4oMYZPDjQXGHU+gpLudoEZyQW2xF1laH2BsWgB
tZ7ugVUgTJkOs8eLVpPeoQenkj2ijEl7UkfHdY0s1MAX6rIygqY9oIG4v2xoNtj5
UO6DRE7KFoGfO9TivLqJW9BTAfF+07CX92uHi/9ZYdBNNa4H03NLc/7raquuoP/U
Y1OHdXEHDI7psTVDzqN+XeO7QWljsB+esvm+JDSYDb+J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:01 2025 by rpki-client