Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/kDZwOAsmCfmejighJR2EBQg_G7Y.roa
File: kDZwOAsmCfmejighJR2EBQg_G7Y.roa (raw, json)
Hash identifier: 0nlwmhKPR07O2KmQF7obgp8cDHwZn62UpfRCiI+Nv2Q=
Subject key identifier: 90:36:70:38:0B:26:09:F9:9E:8E:28:21:25:1D:84:05:08:3F:1B:B6
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 01879DDDA5D4CE63D86D7CABE1DC89B5EA58
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/kDZwOAsmCfmejighJR2EBQg_G7Y.roa
Signing time: Thu 20 Apr 2023 08:52:41 +0000
ROA not before: Thu 20 Apr 2023 08:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211090
IP address blocks: 185.253.78.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:dd:a5:d4:ce:63:d8:6d:7c:ab:e1:dc:89:b5:ea:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Apr 20 08:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903670380b2609f99e8e2821251d8405083f1bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:09:46:15:67:ed:ef:f8:d7:22:50:8b:02:e1:
b5:d9:4e:f6:59:59:4a:03:61:26:81:9a:da:c4:98:
0d:3d:54:5a:18:2c:74:bd:4d:c3:d9:8d:23:b8:5f:
30:35:c6:8a:f1:33:43:70:84:0d:7e:cd:52:fc:1e:
03:d9:7d:ec:8b:ba:40:a8:e8:b6:69:e2:5e:55:49:
d9:78:03:68:88:1d:42:4d:47:b1:e4:12:1a:52:9c:
27:e5:6b:67:33:95:2a:93:f1:c6:35:55:25:c6:26:
69:59:29:ad:ff:c8:32:a7:13:65:9d:8d:cc:71:c9:
bb:a0:a2:74:2b:39:5c:90:46:36:52:b7:a9:a4:23:
8a:2a:81:97:86:4b:55:c3:43:e8:5d:06:37:21:37:
86:a9:ab:b7:fa:3f:a9:4d:96:aa:1b:b6:4f:13:1a:
37:d9:50:33:c0:fc:4d:70:9a:4c:91:07:3e:e9:4a:
75:47:90:10:47:30:89:4f:d6:58:9d:61:ef:18:7d:
be:b2:a1:e3:20:a0:b5:91:9f:ea:67:f6:d7:82:bb:
6a:cf:c7:5e:2e:fb:38:a0:1e:cd:8b:c6:ec:ed:7b:
ec:ec:53:d9:6e:f8:27:af:4c:b1:be:bc:e7:20:49:
d6:c3:f4:36:ac:be:0e:48:3d:84:dd:e1:5f:48:e3:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:36:70:38:0B:26:09:F9:9E:8E:28:21:25:1D:84:05:08:3F:1B:B6
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/kDZwOAsmCfmejighJR2EBQg_G7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.119.0/24
185.253.78.0/24
IPv6:
2a10:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
41:9d:12:2c:5c:b5:94:84:39:df:77:de:73:81:ea:2d:5c:96:
bc:2e:27:98:ff:7a:76:66:43:cf:d6:0c:ce:c3:c5:1d:74:bb:
4e:48:f7:fb:6d:64:20:f1:1d:60:be:d0:4b:42:b1:2b:10:9a:
48:19:a8:90:d1:e8:a4:f3:73:bb:cb:ed:0c:cc:a6:d6:73:80:
f2:60:01:92:56:80:ce:ad:49:20:7f:15:e4:2d:c7:be:6d:de:
17:b8:50:ac:60:1f:c9:25:06:05:8b:df:b8:cc:c2:e7:2f:13:
10:c2:96:33:51:28:96:52:16:f1:1d:f3:cb:87:ed:2d:92:99:
21:8a:eb:f7:54:28:17:49:59:2d:ee:91:6d:ec:26:21:86:7c:
ce:f6:b6:5a:e1:ee:99:0f:6f:18:6a:88:44:58:75:db:6c:0b:
88:39:12:23:e6:bd:44:65:ba:e7:4e:ab:5b:d5:a7:4e:26:ef:
12:8f:b9:81:34:78:dd:f5:aa:85:c8:bd:63:51:5b:eb:67:76:
f8:e7:62:e2:fe:46:11:9e:82:00:52:1c:cb:d1:ba:b6:e3:80:
79:c4:22:e7:44:a4:90:01:c1:2a:9f:b7:3c:06:78:f4:2e:76:
16:b5:38:cd:a6:8c:59:e3:1e:bf:57:95:fd:4c:b7:52:2d:06:
84:5f:cb:65
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYed3aXUzmPYbXyr4dyJtepYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMwNDIwMDg1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM2NzAzODBiMjYwOWY5OWU4ZTI4MjEyNTFkODQwNTA4M2YxYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAlGFWft7/jXIlCLAuG12U72WVlK
A2EmgZraxJgNPVRaGCx0vU3D2Y0juF8wNcaK8TNDcIQNfs1S/B4D2X3si7pAqOi2
aeJeVUnZeANoiB1CTUex5BIaUpwn5WtnM5Uqk/HGNVUlxiZpWSmt/8gypxNlnY3M
ccm7oKJ0KzlckEY2UreppCOKKoGXhktVw0PoXQY3ITeGqau3+j+pTZaqG7ZPExo3
2VAzwPxNcJpMkQc+6Up1R5AQRzCJT9ZYnWHvGH2+sqHjIKC1kZ/qZ/bXgrtqz8de
Lvs4oB7Ni8bs7Xvs7FPZbvgnr0yxvrznIEnWw/Q2rL4OSD2E3eFfSOPCjwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJA2cDgLJgn5no4oISUdhAUIPxu2MB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEva0Rad09Bc21DZm1lamlnaEpSMkVCUWdfRzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW+93AwQA
uf1OMA8EAgACMAkDBwAqEPHAAAAwDQYJKoZIhvcNAQELBQADggEBAEGdEixctZSE
Od933nOB6i1clrwuJ5j/enZmQ8/WDM7DxR10u05I9/ttZCDxHWC+0EtCsSsQmkgZ
qJDR6KTzc7vL7QzMptZzgPJgAZJWgM6tSSB/FeQtx75t3he4UKxgH8klBgWL37jM
wucvExDCljNRKJZSFvEd88uH7S2SmSGK6/dUKBdJWS3ukW3sJiGGfM72tlrh7pkP
bxhqiERYddtsC4g5EiPmvURluudOq1vVp04m7xKPuYE0eN31qoXIvWNRW+tndvjn
YuL+RhGeggBSHMvRurbjgHnEIudEpJABwSqftzwGePQudha1OM2mjFnjHr9Xlf1M
t1ItBoRfy2U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:10 2025 by rpki-client