Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/h3oUFHLiIaDbPq9OU_MF9AtLXQw.roa
File: h3oUFHLiIaDbPq9OU_MF9AtLXQw.roa (raw, json)
Hash identifier: M6pG/HkyK+e6PAQwzGWOIYyq5zzVe0FWLWxDGH0s8qw=
Subject key identifier: 87:7A:14:14:72:E2:21:A0:DB:3E:AF:4E:53:F3:05:F4:0B:4B:5D:0C
Certificate issuer: /CN=175124a17b87215f79205cd1486f61839cf9e6f8
Certificate serial: 0185713095ECB31633CFCEF5EB24E551C4FD
Authority key identifier: 17:51:24:A1:7B:87:21:5F:79:20:5C:D1:48:6F:61:83:9C:F9:E6:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1EkoXuHIV95IFzRSG9hg5z55vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/h3oUFHLiIaDbPq9OU_MF9AtLXQw.roa
Signing time: Mon 02 Jan 2023 06:34:47 +0000
ROA not before: Mon 02 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51932
IP address blocks: 91.221.140.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:95:ec:b3:16:33:cf:ce:f5:eb:24:e5:51:c4:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175124a17b87215f79205cd1486f61839cf9e6f8
Validity
Not Before: Jan 2 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=877a141472e221a0db3eaf4e53f305f40b4b5d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7b:18:e7:7d:06:10:19:f0:b4:2c:78:b1:fc:
dc:c2:cc:f7:19:a5:24:2f:3c:b2:3c:30:a7:b6:17:
4e:7b:d0:3d:bc:be:e5:38:48:1d:d3:b2:1b:f8:f2:
41:aa:be:8c:df:1e:40:73:1b:62:25:77:79:4a:a3:
8c:bc:b7:76:91:f6:d4:6b:9a:6d:a9:4e:66:6e:27:
c2:6b:f9:25:e1:2e:50:1c:85:e7:25:16:24:67:e2:
2a:da:d3:7c:83:fe:bf:e5:77:e3:5d:88:90:87:94:
85:83:18:ad:d4:52:3f:6a:32:08:76:39:8d:da:1b:
d8:bf:1e:48:4d:f4:15:e0:e0:c8:9f:90:b0:c4:c5:
0b:28:5b:98:21:4d:71:76:37:32:3e:bc:b6:0b:81:
87:6d:92:21:89:11:ff:49:68:3b:17:e1:21:29:c0:
c8:26:23:da:3d:f0:29:35:b1:1d:92:85:3a:07:17:
8c:44:fe:01:e3:ee:5d:b8:90:be:ec:c8:99:8f:57:
a9:5e:ae:d8:32:d9:22:27:16:90:ee:33:c8:7c:1d:
01:03:ca:8a:95:6d:a5:ee:1f:8e:d0:c8:57:56:6e:
be:dc:67:e4:b0:5d:b7:d5:22:34:5c:b8:ab:2f:29:
df:39:49:be:90:07:8b:15:6e:4c:5d:58:a8:fb:d2:
e6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7A:14:14:72:E2:21:A0:DB:3E:AF:4E:53:F3:05:F4:0B:4B:5D:0C
X509v3 Authority Key Identifier:
keyid:17:51:24:A1:7B:87:21:5F:79:20:5C:D1:48:6F:61:83:9C:F9:E6:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1EkoXuHIV95IFzRSG9hg5z55vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/h3oUFHLiIaDbPq9OU_MF9AtLXQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/F1EkoXuHIV95IFzRSG9hg5z55vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.140.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:d3:62:f8:44:03:b5:09:5c:46:27:db:40:b0:05:28:55:ff:
49:9d:e0:1d:9a:23:dd:d4:1f:4e:dc:ac:de:12:d4:29:14:f1:
3b:66:ec:15:ad:fd:f8:8a:a1:43:10:6f:09:8e:eb:3f:43:fd:
28:52:c1:d0:71:0d:95:53:22:d4:f9:45:c8:da:82:8e:0d:f3:
e6:6c:54:c1:f1:0f:8b:44:b5:7b:74:e1:32:f9:3f:98:58:b8:
2a:46:20:20:e5:5b:d8:a4:dd:87:aa:86:b7:58:e7:b8:ee:cf:
fe:d7:95:75:40:bf:b2:3e:77:a6:f2:6f:43:2c:94:08:a8:c5:
e9:be:99:1c:dd:f4:28:6e:5e:62:33:c4:eb:a9:06:74:0a:44:
ca:09:6f:d3:cf:3f:cd:ad:b1:96:91:76:bf:56:8b:e9:09:e8:
44:15:f7:09:95:92:42:41:4c:e5:f1:b0:55:ea:69:ab:b5:c1:
2d:2a:61:2b:dc:28:64:58:45:99:00:fd:44:17:01:d2:cd:ab:
39:f2:88:67:05:bc:62:ad:d1:db:c5:94:f9:ca:5e:21:80:8f:
28:72:be:3b:7f:05:ec:4f:9a:1c:26:76:88:90:3c:52:38:8c:
4d:bb:49:e2:8f:2b:4f:e8:64:e7:27:8b:c0:15:ae:1f:21:45:
fc:82:a3:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJXssxYzz8716yTlUcT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTEyNGExN2I4NzIxNWY3OTIwNWNkMTQ4NmY2MTgzOWNm
OWU2ZjgwHhcNMjMwMTAyMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdhMTQxNDcyZTIyMWEwZGIzZWFmNGU1M2YzMDVmNDBiNGI1ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3sY530GEBnwtCx4sfzcwsz3GaUk
LzyyPDCnthdOe9A9vL7lOEgd07Ib+PJBqr6M3x5AcxtiJXd5SqOMvLd2kfbUa5pt
qU5mbifCa/kl4S5QHIXnJRYkZ+Iq2tN8g/6/5XfjXYiQh5SFgxit1FI/ajIIdjmN
2hvYvx5ITfQV4ODIn5CwxMULKFuYIU1xdjcyPry2C4GHbZIhiRH/SWg7F+EhKcDI
JiPaPfApNbEdkoU6BxeMRP4B4+5duJC+7MiZj1epXq7YMtkiJxaQ7jPIfB0BA8qK
lW2l7h+O0MhXVm6+3GfksF231SI0XLirLynfOUm+kAeLFW5MXVio+9LmUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFId6FBRy4iGg2z6vTlPzBfQLS10MMB8GA1UdIwQY
MBaAFBdRJKF7hyFfeSBc0UhvYYOc+eb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFFa29YdUhJVjk1SUZ6UlNHOWhnNXo1NXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wZDRhZmYtNDJkYi00MjdkLWFkNWUt
YzYzN2IwZGNkYzhlLzEvaDNvVUZITGlJYURiUHE5T1VfTUY5QXRMWFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wZDRhZmYtNDJkYi00MjdkLWFkNWUtYzYzN2IwZGNkYzhl
LzEvRjFFa29YdUhJVjk1SUZ6UlNHOWhnNXo1NXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW92MMA0G
CSqGSIb3DQEBCwUAA4IBAQCu02L4RAO1CVxGJ9tAsAUoVf9JneAdmiPd1B9O3Kze
EtQpFPE7ZuwVrf34iqFDEG8Jjus/Q/0oUsHQcQ2VUyLU+UXI2oKODfPmbFTB8Q+L
RLV7dOEy+T+YWLgqRiAg5VvYpN2Hqoa3WOe47s/+15V1QL+yPnem8m9DLJQIqMXp
vpkc3fQobl5iM8TrqQZ0CkTKCW/Tzz/NrbGWkXa/VovpCehEFfcJlZJCQUzl8bBV
6mmrtcEtKmEr3ChkWEWZAP1EFwHSzas58ohnBbxirdHbxZT5yl4hgI8ocr47fwXs
T5ocJnaIkDxSOIxNu0nijytP6GTnJ4vAFa4fIUX8gqMk
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:28:08 2025 by rpki-client