Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/zJGXyMF51MCMfZ7vYyqd4Ke3wT4.roa
File: zJGXyMF51MCMfZ7vYyqd4Ke3wT4.roa (raw, json)
Hash identifier: F15RksCyGdoBQwwKtFcNA4rIgFW7788AfkPlA7qWp+g=
Subject key identifier: CC:91:97:C8:C1:79:D4:C0:8C:7D:9E:EF:63:2A:9D:E0:A7:B7:C1:3E
Certificate issuer: /CN=28bebd4658618473ed4c83767c51de8e233c3292
Certificate serial: 01856D5D0D0E8BD1408EB93A18CF6878A659
Authority key identifier: 28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/zJGXyMF51MCMfZ7vYyqd4Ke3wT4.roa
Signing time: Sun 01 Jan 2023 12:44:52 +0000
ROA not before: Sun 01 Jan 2023 12:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199577
IP address blocks: 91.217.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:0d:0e:8b:d1:40:8e:b9:3a:18:cf:68:78:a6:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bebd4658618473ed4c83767c51de8e233c3292
Validity
Not Before: Jan 1 12:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc9197c8c179d4c08c7d9eef632a9de0a7b7c13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e6:da:cb:76:19:bd:74:b6:4c:a4:27:f6:4c:
39:f0:79:99:a7:19:97:de:22:9f:7c:1a:29:e2:e0:
bf:fc:f1:6c:d0:8b:63:10:a4:b1:9e:5b:6c:78:ec:
3a:04:b3:19:a1:3b:63:e5:1c:67:a2:6c:3c:45:02:
5c:a5:cd:d2:22:8e:74:a9:40:c0:dd:cc:74:53:33:
a2:38:1a:08:e4:d2:76:3a:b2:f0:10:21:6b:6f:0d:
0b:02:92:f8:ea:57:4b:ae:f7:fb:35:ed:e3:c5:12:
48:36:3b:c9:62:ff:54:96:0b:4b:3d:68:51:a4:b3:
50:4a:d7:0f:8a:6d:79:23:78:2b:ec:6e:53:cd:88:
9a:8b:ce:3c:7a:21:e9:1e:26:3e:01:3c:ff:d1:a8:
29:ea:f8:5c:b0:3a:a0:82:c7:91:e9:da:f3:c8:c4:
9a:2b:97:93:b9:77:19:06:29:f2:2e:5f:c8:35:7f:
cb:91:c0:b1:e1:90:59:d1:8b:3e:47:22:42:ba:21:
b8:23:77:6e:54:4a:f1:0b:fc:d6:ae:15:f3:00:8c:
69:99:b4:e5:81:71:88:21:33:56:81:ff:b1:2b:d2:
66:85:e4:a0:64:ec:0c:6c:99:c4:48:c3:5c:54:dc:
76:a8:4a:88:16:a8:82:0a:11:e1:db:b1:51:55:2b:
11:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:91:97:C8:C1:79:D4:C0:8C:7D:9E:EF:63:2A:9D:E0:A7:B7:C1:3E
X509v3 Authority Key Identifier:
keyid:28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/zJGXyMF51MCMfZ7vYyqd4Ke3wT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:fb:d9:a3:c9:72:4d:1b:f5:6a:34:8d:aa:d8:7c:95:91:d3:
6d:17:85:09:c8:e8:62:bd:ed:17:f8:61:f3:ec:15:36:68:74:
f3:d1:20:78:80:f1:cf:bc:d7:34:34:94:8b:e5:cc:2a:8d:ab:
b9:ed:89:63:e2:07:5d:0c:91:6f:c4:97:b7:47:1b:09:d1:86:
04:4d:ca:37:c1:01:61:91:5e:7a:d8:d4:3a:c3:8d:50:3f:5d:
04:f6:10:3f:9e:6b:33:50:02:c5:21:18:d7:4f:50:1e:93:c9:
f3:10:4c:9b:d9:ed:d1:7a:cf:a8:65:0d:a7:ff:93:b2:c4:74:
93:62:cf:fe:69:af:ab:bf:e5:cf:b2:f1:1e:fc:7d:ba:ba:aa:
f8:66:6d:3d:94:dc:aa:3a:1d:32:2f:3f:9e:12:c0:ad:52:e9:
42:47:36:c8:fa:31:ca:b6:c5:fb:eb:f2:95:1f:ef:6f:f1:4d:
7d:04:c1:12:18:78:12:a7:8d:fa:f9:07:b9:a8:e6:fa:4e:63:
9c:4a:a8:32:48:c2:16:f1:e3:d6:20:f1:e9:78:51:43:32:b8:
c9:ad:af:61:00:42:84:fe:7b:43:fb:75:b0:c3:2b:83:25:ea:
55:2d:c8:11:68:07:6d:4f:37:f4:74:c9:ab:70:c1:f2:87:a1:
0e:d1:9f:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXQ0Oi9FAjrk6GM9oeKZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmViZDQ2NTg2MTg0NzNlZDRjODM3NjdjNTFkZThlMjMz
YzMyOTIwHhcNMjMwMTAxMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzkxOTdjOGMxNzlkNGMwOGM3ZDllZWY2MzJhOWRlMGE3YjdjMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhObay3YZvXS2TKQn9kw58HmZpxmX
3iKffBop4uC//PFs0ItjEKSxnltseOw6BLMZoTtj5Rxnomw8RQJcpc3SIo50qUDA
3cx0UzOiOBoI5NJ2OrLwECFrbw0LApL46ldLrvf7Ne3jxRJINjvJYv9UlgtLPWhR
pLNQStcPim15I3gr7G5TzYiai848eiHpHiY+ATz/0agp6vhcsDqggseR6drzyMSa
K5eTuXcZBinyLl/INX/LkcCx4ZBZ0Ys+RyJCuiG4I3duVErxC/zWrhXzAIxpmbTl
gXGIITNWgf+xK9JmheSgZOwMbJnESMNcVNx2qEqIFqiCChHh27FRVSsR7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyRl8jBedTAjH2e72MqneCnt8E+MB8GA1UdIwQY
MBaAFCi+vUZYYYRz7UyDdnxR3o4jPDKSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWIt
YmE3OTU2YjBmMmRkLzEvekpHWHlNRjUxTUNNZlo3dll5cWQ0S2Uzd1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWItYmE3OTU2YjBmMmRk
LzEvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mZMA0G
CSqGSIb3DQEBCwUAA4IBAQBt+9mjyXJNG/VqNI2q2HyVkdNtF4UJyOhive0X+GHz
7BU2aHTz0SB4gPHPvNc0NJSL5cwqjau57Ylj4gddDJFvxJe3RxsJ0YYETco3wQFh
kV562NQ6w41QP10E9hA/nmszUALFIRjXT1Aek8nzEEyb2e3Res+oZQ2n/5OyxHST
Ys/+aa+rv+XPsvEe/H26uqr4Zm09lNyqOh0yLz+eEsCtUulCRzbI+jHKtsX76/KV
H+9v8U19BMESGHgSp436+Qe5qOb6TmOcSqgySMIW8ePWIPHpeFFDMrjJra9hAEKE
/ntD+3WwwyuDJepVLcgRaAdtTzf0dMmrcMHyh6EO0Z8M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:33 2025 by rpki-client