Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa
File: IxELN8jHfnY7_eiTW5UslFy_la0.roa (raw, json)
Hash identifier: Qh86ypADCFlBbPVeQddLUBZgEuil75oDZ6j+LOdZDY4=
Subject key identifier: 23:11:0B:37:C8:C7:7E:76:3B:FD:E8:93:5B:95:2C:94:5C:BF:95:AD
Certificate issuer: /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial: 01856C65B4DBDA9E682E365634C961FD8541
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa
Signing time: Sun 01 Jan 2023 08:14:42 +0000
ROA not before: Sun 01 Jan 2023 08:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62232
IP address blocks: 91.250.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:b4:db:da:9e:68:2e:36:56:34:c9:61:fd:85:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Validity
Not Before: Jan 1 08:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23110b37c8c77e763bfde8935b952c945cbf95ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:5f:30:fd:65:c3:37:54:9f:09:48:41:92:
bf:fd:88:cd:39:a5:65:27:68:ee:97:8c:92:e0:49:
57:69:c3:ae:a9:0c:54:67:25:2b:47:18:99:f1:e5:
3f:0b:43:c2:32:70:34:76:ad:d3:f4:89:7c:91:d1:
17:ae:23:4a:0e:bd:ea:8e:0b:fb:55:31:15:58:32:
c8:c8:33:c5:71:9d:7c:a7:98:0a:d1:1a:6e:db:a5:
73:9a:1e:00:8d:a6:4d:77:10:ea:cb:27:80:55:e0:
b6:68:17:a3:c7:66:6d:1c:3e:fc:7f:92:80:eb:bb:
47:4d:40:44:3a:4e:60:95:f0:fd:47:17:d8:9f:38:
e7:e6:46:7f:01:88:fc:40:9b:7e:b2:4f:a2:c4:09:
f4:17:4a:a2:d6:47:09:cd:6b:34:e3:f9:74:85:34:
e6:55:3b:bc:58:be:96:58:15:0c:d5:d9:64:97:0a:
32:7d:47:74:8c:ff:14:fb:79:40:9d:92:f7:3c:e3:
cf:c7:51:24:0c:64:70:ee:93:02:87:dc:76:74:45:
a2:72:45:66:c2:69:26:19:a3:dc:bd:08:96:d1:a2:
d5:e9:49:03:e1:42:08:af:f8:99:f5:27:d7:86:98:
e1:80:51:42:11:b1:25:40:60:b5:ad:ed:39:d0:2c:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:11:0B:37:C8:C7:7E:76:3B:FD:E8:93:5B:95:2C:94:5C:BF:95:AD
X509v3 Authority Key Identifier:
keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.250.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:29:7c:42:1d:85:30:79:b8:7f:b9:94:e1:ea:98:b6:44:31:
4d:ab:f4:8f:a9:c0:36:a2:1c:3c:ac:5b:e5:9f:10:ef:13:70:
da:dc:c5:e4:90:87:6f:64:9f:ef:67:a7:28:b9:dd:d0:1c:c2:
ac:0b:f6:70:81:ab:93:6d:db:e9:e5:0b:be:8e:58:3c:86:20:
67:07:9d:00:d9:13:19:31:62:d9:91:ad:c4:cc:57:27:21:22:
fc:d6:52:f8:a9:a8:61:0c:ea:32:30:64:fe:7a:54:1a:af:e4:
9a:9c:25:ff:39:c6:0e:00:99:4e:56:24:95:e7:b7:d6:7c:4e:
f4:e3:2f:fa:44:9e:71:5c:da:c7:21:c3:67:ae:f2:72:fc:95:
c3:d2:2a:fc:07:86:7e:93:9e:79:f1:2f:e7:e5:74:a6:87:2d:
06:dc:a1:25:2b:25:fd:90:8b:b3:69:88:08:ba:74:66:82:33:
7d:68:7c:8f:01:8a:04:50:3e:df:3e:77:83:ee:e8:c6:db:28:
d8:33:1f:5b:8d:c8:48:ac:cc:ac:06:7e:27:0e:d0:e5:87:3c:
dd:bc:cc:68:7e:7c:5a:8a:f6:4b:b7:af:c7:bf:7a:06:d7:98:
a2:dd:52:e1:b9:18:ce:26:68:ba:8a:ee:a3:50:90:ba:23:45:
41:b0:51:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZbTb2p5oLjZWNMlh/YVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjMwMTAxMDgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzExMGIzN2M4Yzc3ZTc2M2JmZGU4OTM1Yjk1MmM5NDVjYmY5NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh1fMP1lwzdUnwlIQZK//YjNOaVl
J2jul4yS4ElXacOuqQxUZyUrRxiZ8eU/C0PCMnA0dq3T9Il8kdEXriNKDr3qjgv7
VTEVWDLIyDPFcZ18p5gK0Rpu26Vzmh4AjaZNdxDqyyeAVeC2aBejx2ZtHD78f5KA
67tHTUBEOk5glfD9RxfYnzjn5kZ/AYj8QJt+sk+ixAn0F0qi1kcJzWs04/l0hTTm
VTu8WL6WWBUM1dlklwoyfUd0jP8U+3lAnZL3POPPx1EkDGRw7pMCh9x2dEWickVm
wmkmGaPcvQiW0aLV6UkD4UIIr/iZ9SfXhpjhgFFCEbElQGC1re050CxxywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMRCzfIx352O/3ok1uVLJRcv5WtMB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEvSXhFTE44akhmblk3X2VpVFc1VXNsRnlfbGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/r1MA0G
CSqGSIb3DQEBCwUAA4IBAQCMKXxCHYUwebh/uZTh6pi2RDFNq/SPqcA2ohw8rFvl
nxDvE3Da3MXkkIdvZJ/vZ6coud3QHMKsC/ZwgauTbdvp5Qu+jlg8hiBnB50A2RMZ
MWLZka3EzFcnISL81lL4qahhDOoyMGT+elQar+SanCX/OcYOAJlOViSV57fWfE70
4y/6RJ5xXNrHIcNnrvJy/JXD0ir8B4Z+k5558S/n5XSmhy0G3KElKyX9kIuzaYgI
unRmgjN9aHyPAYoEUD7fPneD7ujG2yjYMx9bjchIrMysBn4nDtDlhzzdvMxofnxa
ivZLt6/Hv3oG15ii3VLhuRjOJmi6iu6jUJC6I0VBsFEZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:30 2025 by rpki-client