Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa
File: Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa (raw, json)
Hash identifier: NetSjJXkxfrSnG7ovy5BrL7sidno00/wF/Foai/O490=
Subject key identifier: 63:46:8B:2F:DA:8B:13:D4:47:B8:47:DF:2C:C4:E3:EB:F0:5C:3E:06
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018225AF8C70C5DC7507313FDE618C0E148F
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa
Signing time: Fri 22 Jul 2022 11:33:57 +0000
ROA not before: Fri 22 Jul 2022 11:33:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47856
IP address blocks: 91.206.144.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:af:8c:70:c5:dc:75:07:31:3f:de:61:8c:0e:14:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jul 22 11:33:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63468b2fda8b13d447b847df2cc4e3ebf05c3e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3b:b4:45:f1:12:31:42:95:3d:55:c4:ef:1b:
ff:9d:ee:a8:54:36:7b:95:05:5f:78:97:b8:a3:17:
2f:f4:4e:84:48:e7:ab:b0:6e:45:6d:fa:53:54:d8:
0a:10:b0:6e:74:d0:aa:e0:7e:5d:77:a6:ad:9b:43:
6a:10:1e:ea:31:e7:9c:13:43:8d:12:6f:76:98:f7:
5c:2d:81:7c:74:2d:cc:3b:86:ce:3f:6e:17:d0:b0:
c4:ec:24:6f:17:31:42:51:7e:5f:fd:52:57:2b:a7:
74:71:96:40:b7:e8:64:ee:30:c2:42:bc:f4:b9:f6:
19:2d:fe:0e:2d:30:dc:f1:0b:6f:cc:19:83:c8:a9:
78:1e:69:fa:f8:e0:fe:8c:ef:47:85:ff:bf:d3:8e:
e9:d6:97:50:78:41:58:61:c1:d0:34:a8:2f:67:e1:
46:ab:ee:7b:3b:0d:ac:cf:97:0c:a3:84:7a:ec:71:
01:3b:85:60:60:a6:36:b1:2b:e0:5d:22:96:64:31:
d0:7e:ad:76:22:9e:9f:17:57:9a:33:fc:0a:e7:89:
30:c6:15:d3:64:2d:a6:24:c9:9e:af:33:18:ca:07:
51:b6:97:8f:0b:40:89:84:1c:ff:71:8b:aa:b7:14:
aa:3c:8c:20:41:41:a9:59:ff:5a:e7:86:7e:0d:ed:
c7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:8B:2F:DA:8B:13:D4:47:B8:47:DF:2C:C4:E3:EB:F0:5C:3E:06
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
Signature Algorithm: sha256WithRSAEncryption
09:ad:34:cf:56:db:e4:1b:01:63:82:78:4c:42:b1:c7:f4:a8:
a7:9c:2a:ba:d6:d6:90:50:67:23:9e:04:bb:91:96:d6:d6:fd:
40:b1:9a:ef:54:73:90:36:28:46:eb:74:90:93:73:5e:e3:1a:
79:84:8f:3c:32:66:6f:a7:f0:a5:92:27:41:53:58:08:be:6f:
b8:80:68:65:de:f9:7d:2d:e9:5e:7d:69:ad:71:0b:e7:33:98:
d3:f8:2a:ee:4a:31:a4:ef:2e:5b:20:c1:c5:63:99:e9:bc:e7:
36:5e:fe:79:8b:c5:44:38:7e:64:1a:78:a0:dd:b0:7f:f5:72:
b4:27:92:5a:89:87:8b:e0:b5:5e:37:e4:95:59:1a:8f:36:92:
18:bc:f6:a7:c6:0f:82:60:38:7d:da:38:be:43:44:92:0a:80:
c0:15:90:46:a6:d8:29:f5:56:a9:4a:2f:e0:ab:1a:fc:76:6b:
da:2c:c4:e1:53:2c:a1:f1:a1:7e:79:37:24:40:0e:6b:53:bd:
3f:08:7c:52:a1:4a:27:c4:1c:9d:21:94:5a:b9:01:a2:f1:37:
c8:44:3b:b8:6a:b6:b5:be:07:33:31:90:5a:08:bf:cb:71:36:
9a:09:e4:d5:4d:ef:c2:0c:6e:7f:37:98:e8:1c:24:aa:50:14:
35:27:74:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlr4xwxdx1BzE/3mGMDhSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjIwNzIyMTEzMzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2OGIyZmRhOGIxM2Q0NDdiODQ3ZGYyY2M0ZTNlYmYwNWMzZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzu0RfESMUKVPVXE7xv/ne6oVDZ7
lQVfeJe4oxcv9E6ESOersG5FbfpTVNgKELBudNCq4H5dd6atm0NqEB7qMeecE0ON
Em92mPdcLYF8dC3MO4bOP24X0LDE7CRvFzFCUX5f/VJXK6d0cZZAt+hk7jDCQrz0
ufYZLf4OLTDc8QtvzBmDyKl4Hmn6+OD+jO9Hhf+/047p1pdQeEFYYcHQNKgvZ+FG
q+57Ow2sz5cMo4R67HEBO4VgYKY2sSvgXSKWZDHQfq12Ip6fF1eaM/wK54kwxhXT
ZC2mJMmerzMYygdRtpePC0CJhBz/cYuqtxSqPIwgQUGpWf9a54Z+De3HSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNGiy/aixPUR7hH3yzE4+vwXD4GMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvWTBhTEw5cUxFOVJIdUVmZkxNVGo2X0JjUGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86QMA0G
CSqGSIb3DQEBCwUAA4IBAQAJrTTPVtvkGwFjgnhMQrHH9KinnCq61taQUGcjngS7
kZbW1v1AsZrvVHOQNihG63SQk3Ne4xp5hI88MmZvp/ClkidBU1gIvm+4gGhl3vl9
LelefWmtcQvnM5jT+CruSjGk7y5bIMHFY5npvOc2Xv55i8VEOH5kGnig3bB/9XK0
J5JaiYeL4LVeN+SVWRqPNpIYvPanxg+CYDh92ji+Q0SSCoDAFZBGptgp9VapSi/g
qxr8dmvaLMThUyyh8aF+eTckQA5rU70/CHxSoUonxBydIZRauQGi8TfIRDu4ara1
vgczMZBaCL/LcTaaCeTVTe/CDG5/N5joHCSqUBQ1J3R6
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:35 2025 by rpki-client