Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/rF3cZYW3SXux8putyDpJXexrVCg.roa
File: rF3cZYW3SXux8putyDpJXexrVCg.roa (raw, json)
Hash identifier: Yc7yszzEeTjGJSeR3jNKPpp8qB5kKDTrc1QZdB1mCkk=
Subject key identifier: AC:5D:DC:65:85:B7:49:7B:B1:F2:9B:AD:C8:3A:49:5D:EC:6B:54:28
Certificate issuer: /CN=335d831afcc9d74ccf3ee40a0eb68f99085b98dd
Certificate serial: 018A6A6711CBA179BC2020A947E7C3064BEB
Authority key identifier: 33:5D:83:1A:FC:C9:D7:4C:CF:3E:E4:0A:0E:B6:8F:99:08:5B:98:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M12DGvzJ10zPPuQKDraPmQhbmN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/rF3cZYW3SXux8putyDpJXexrVCg.roa
Signing time: Wed 06 Sep 2023 12:10:54 +0000
ROA not before: Wed 06 Sep 2023 12:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212665
IP address blocks: 91.196.6.0/24 maxlen: 24
2a12:64c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:67:11:cb:a1:79:bc:20:20:a9:47:e7:c3:06:4b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335d831afcc9d74ccf3ee40a0eb68f99085b98dd
Validity
Not Before: Sep 6 12:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac5ddc6585b7497bb1f29badc83a495dec6b5428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fc:aa:8a:cd:b8:95:7c:11:58:e2:40:62:fc:
cf:17:ab:4f:06:34:93:d4:fc:2f:ff:16:f9:e3:6f:
93:16:02:48:57:3c:de:e1:05:cc:ac:28:25:bb:8d:
13:04:25:95:b1:7e:57:2b:0e:63:e8:0c:84:1c:91:
36:eb:6f:d6:64:6e:6e:64:c3:51:9d:c6:bf:18:ee:
0c:9c:6f:dc:68:de:93:1f:54:f9:c1:f4:ee:5a:b0:
49:6c:45:f9:f9:a2:53:a3:cb:1f:64:a6:cb:25:45:
7e:44:62:a7:29:7b:d3:b7:af:f7:c9:63:80:53:04:
f1:a0:ea:30:f2:c8:91:9d:74:09:cd:da:11:7d:13:
1f:f5:a7:d7:9c:16:70:a2:44:a5:a2:69:91:15:05:
0b:ca:86:61:ed:46:bb:0e:34:94:a1:5c:9e:37:64:
16:bf:25:48:34:dd:87:b1:27:9a:07:ff:9e:36:82:
f6:12:61:50:35:f6:1f:83:d2:5d:5c:1e:ec:cb:2b:
e0:e9:bb:f4:d2:ac:85:79:9f:1b:80:d8:e4:7b:be:
34:c4:ef:73:ec:b3:9e:ef:a8:b9:7e:27:55:ae:33:
d2:9d:b2:1b:00:2b:23:34:5d:43:b1:19:c0:0b:3f:
c0:5e:58:b7:ea:2b:8e:24:b1:c7:99:21:e5:37:37:
b2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5D:DC:65:85:B7:49:7B:B1:F2:9B:AD:C8:3A:49:5D:EC:6B:54:28
X509v3 Authority Key Identifier:
keyid:33:5D:83:1A:FC:C9:D7:4C:CF:3E:E4:0A:0E:B6:8F:99:08:5B:98:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M12DGvzJ10zPPuQKDraPmQhbmN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/rF3cZYW3SXux8putyDpJXexrVCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/M12DGvzJ10zPPuQKDraPmQhbmN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.6.0/24
IPv6:
2a12:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:93:69:ea:a7:6d:b0:61:58:7e:a0:8d:e0:1f:00:2c:12:64:
7c:d3:9d:ae:28:8b:5f:a6:5f:99:2a:01:e1:1e:e8:7d:e9:42:
1a:12:fe:95:82:70:aa:29:90:c2:e3:ef:81:21:82:d2:25:43:
80:c4:bd:ef:a2:f2:04:7b:d6:08:7a:3b:7e:73:c4:c2:ea:51:
f0:cc:61:ec:68:cf:6a:84:6a:03:a0:a5:92:50:ad:5a:76:c1:
55:f1:34:14:66:97:e0:dc:de:78:80:68:e0:59:77:8c:b1:10:
97:52:ba:85:58:d3:9f:c2:5d:a7:e0:88:b3:78:93:4d:35:c9:
68:9d:7a:6f:99:70:22:74:e6:70:db:af:ff:48:5c:a0:58:ca:
31:bf:c8:50:ab:ff:05:9e:e1:d2:6f:43:35:de:53:04:d8:72:
ff:a1:98:eb:89:24:33:9d:f1:c9:97:05:73:a6:1a:8b:a6:1d:
09:6f:36:c3:09:ee:67:0f:9e:f0:c7:53:cf:f5:9b:00:e5:08:
63:19:d0:47:4f:fb:11:1a:5e:d6:d4:c9:54:0e:cc:f6:a2:34:
24:45:c6:5d:8d:9f:9d:c8:e3:6e:fa:79:25:61:2d:9d:1e:41:
23:f1:6e:a1:9e:fe:e3:f2:75:c8:29:53:37:a5:a2:18:93:96:
16:e6:93:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpqZxHLoXm8ICCpR+fDBkvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWQ4MzFhZmNjOWQ3NGNjZjNlZTQwYTBlYjY4Zjk5MDg1
Yjk4ZGQwHhcNMjMwOTA2MTIxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzVkZGM2NTg1Yjc0OTdiYjFmMjliYWRjODNhNDk1ZGVjNmI1NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifyqis24lXwRWOJAYvzPF6tPBjST
1Pwv/xb542+TFgJIVzze4QXMrCglu40TBCWVsX5XKw5j6AyEHJE262/WZG5uZMNR
nca/GO4MnG/caN6TH1T5wfTuWrBJbEX5+aJTo8sfZKbLJUV+RGKnKXvTt6/3yWOA
UwTxoOow8siRnXQJzdoRfRMf9afXnBZwokSlommRFQULyoZh7Ua7DjSUoVyeN2QW
vyVINN2HsSeaB/+eNoL2EmFQNfYfg9JdXB7syyvg6bv00qyFeZ8bgNjke740xO9z
7LOe76i5fidVrjPSnbIbACsjNF1DsRnACz/AXli36iuOJLHHmSHlNzeyJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKxd3GWFt0l7sfKbrcg6SV3sa1QoMB8GA1UdIwQY
MBaAFDNdgxr8yddMzz7kCg62j5kIW5jdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTEyREd2ekoxMHpQUHVRS0RyYVBtUWhibU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81OWQ5ODctZmE1ZC00MDZmLTljNmEt
MWQ2MDc2ZTBlMjkwLzEvckYzY1pZVzNTWHV4OHB1dHlEcEpYZXhyVkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81OWQ5ODctZmE1ZC00MDZmLTljNmEtMWQ2MDc2ZTBlMjkw
LzEvTTEyREd2ekoxMHpQUHVRS0RyYVBtUWhibU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8QGMA0E
AgACMAcDBQMqEmTAMA0GCSqGSIb3DQEBCwUAA4IBAQCKk2nqp22wYVh+oI3gHwAs
EmR8052uKItfpl+ZKgHhHuh96UIaEv6VgnCqKZDC4++BIYLSJUOAxL3vovIEe9YI
ejt+c8TC6lHwzGHsaM9qhGoDoKWSUK1adsFV8TQUZpfg3N54gGjgWXeMsRCXUrqF
WNOfwl2n4IizeJNNNclonXpvmXAidOZw26//SFygWMoxv8hQq/8FnuHSb0M13lME
2HL/oZjriSQznfHJlwVzphqLph0JbzbDCe5nD57wx1PP9ZsA5QhjGdBHT/sRGl7W
1MlUDsz2ojQkRcZdjZ+dyONu+nklYS2dHkEj8W6hnv7j8nXIKVM3paIYk5YW5pMU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:19 2025 by rpki-client