Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/1G5zc2y2qwsDJEVmiuHNOIslu_0.roa
File: 1G5zc2y2qwsDJEVmiuHNOIslu_0.roa (raw, json)
Hash identifier: pQpPQfy5LlC/hYR015vtd0ksDFPs84Kp+D/CpZVKx2Y=
Subject key identifier: D4:6E:73:73:6C:B6:AB:0B:03:24:45:66:8A:E1:CD:38:8B:25:BB:FD
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 018571BA0EB83F47C1456E18FC82CDAF54A5
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/1G5zc2y2qwsDJEVmiuHNOIslu_0.roa
Signing time: Mon 02 Jan 2023 09:04:56 +0000
ROA not before: Mon 02 Jan 2023 09:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.102.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0e:b8:3f:47:c1:45:6e:18:fc:82:cd:af:54:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: Jan 2 09:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d46e73736cb6ab0b032445668ae1cd388b25bbfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:99:03:86:a5:7a:de:77:0b:b2:7e:cc:40:
62:4d:a3:a8:36:3f:45:ad:6a:fe:fc:fc:98:4c:ce:
20:9f:fb:ce:cf:26:73:f8:37:95:3a:dc:4a:e0:1b:
d3:9b:34:8a:58:56:07:94:3e:f0:00:a8:fc:f5:b5:
04:ec:4b:f9:d3:d9:be:6b:f1:d2:a3:b2:7b:bc:4e:
38:e3:60:c9:6c:26:d0:20:f1:e6:23:4f:da:a8:3b:
f1:c4:bf:f5:8b:2f:a6:cb:eb:e9:a8:a4:77:21:f3:
6c:b7:03:99:8a:45:df:68:cb:6d:98:bf:33:6a:ef:
f2:72:4d:cb:19:42:2c:86:4a:6e:ce:e6:af:83:30:
66:ee:af:83:e3:8c:b8:a3:6e:94:ee:d0:a4:30:df:
2e:ea:a4:1f:4e:aa:5b:eb:c1:52:4a:0e:e6:83:1d:
cf:54:cf:57:2c:96:31:42:b4:2b:01:66:41:07:b8:
7f:8c:85:72:e0:a6:bc:0b:cb:8b:1c:05:6e:f1:a3:
b8:59:ca:69:ab:21:35:af:d2:92:47:d1:eb:80:75:
27:71:d1:de:8f:01:e5:a2:29:ca:97:3a:fa:4c:f8:
f3:84:1d:9f:74:65:5c:69:08:e4:ea:e3:b5:6b:b6:
1d:ca:3a:ac:ce:95:5e:5c:da:59:56:97:04:21:0e:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6E:73:73:6C:B6:AB:0B:03:24:45:66:8A:E1:CD:38:8B:25:BB:FD
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/1G5zc2y2qwsDJEVmiuHNOIslu_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.186.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f1:0f:65:d9:c4:0a:ce:bb:de:e6:6c:46:4b:04:34:87:49:
86:fe:d0:e6:a4:13:f4:b9:d1:0c:21:b2:9b:b1:44:5d:ba:6a:
39:0f:b4:fa:f7:0e:19:aa:23:25:64:de:0f:08:37:98:ee:55:
a2:ee:11:ef:28:2c:4b:18:0a:30:2b:0f:64:14:f6:4a:5d:83:
93:78:71:2f:b4:bd:08:fb:27:20:d9:11:db:81:b6:2c:a4:47:
04:84:50:54:c1:52:5d:9e:b0:e0:6d:9e:4a:22:36:a7:12:12:
4d:4e:95:fc:b0:d6:a7:82:96:5c:96:28:a1:fb:66:97:6a:51:
6e:28:9f:7f:b5:89:b3:1e:97:84:aa:88:84:dc:42:f5:91:12:
0b:07:5d:57:16:36:f1:ed:d7:2a:91:2b:1d:1f:31:63:dd:12:
dc:6c:14:1f:df:fe:44:e5:32:76:48:11:b7:9e:09:bf:50:39:
95:84:8d:41:64:dc:8f:20:ed:82:59:53:62:8a:05:71:e9:ad:
d6:f8:d8:39:40:6d:4a:35:a7:de:21:2c:97:07:54:e8:4d:66:
a6:01:53:91:ae:10:f0:c2:d3:d7:d9:6e:c0:7e:37:8b:37:45:
9b:2c:19:da:84:80:d8:5d:92:5c:d8:2e:02:a5:f8:e2:3a:c5:
e6:39:21:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxug64P0fBRW4Y/ILNr1SlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzNiMzQ3YTIxNmJjNDM3YjBiZDRjZjBiYzhjZGE2NWU4
YzJkM2IwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZlNzM3MzZjYjZhYjBiMDMyNDQ1NjY4YWUxY2QzODhiMjViYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuqZA4alet53C7J+zEBiTaOoNj9F
rWr+/PyYTM4gn/vOzyZz+DeVOtxK4BvTmzSKWFYHlD7wAKj89bUE7Ev509m+a/HS
o7J7vE4442DJbCbQIPHmI0/aqDvxxL/1iy+my+vpqKR3IfNstwOZikXfaMttmL8z
au/yck3LGUIshkpuzuavgzBm7q+D44y4o26U7tCkMN8u6qQfTqpb68FSSg7mgx3P
VM9XLJYxQrQrAWZBB7h/jIVy4Ka8C8uLHAVu8aO4WcppqyE1r9KSR9HrgHUncdHe
jwHloinKlzr6TPjzhB2fdGVcaQjk6uO1a7YdyjqszpVeXNpZVpcEIQ6SQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRuc3NstqsLAyRFZorhzTiLJbv9MB8GA1UdIwQY
MBaAFM7Ds0eiFrxDewvUzwvIzaZejC07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYt
MTU1ZmIzZmUyODdlLzEvMUc1emMyeTJxd3NESkVWbWl1SE5PSXNsdV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYtMTU1ZmIzZmUyODdl
LzEvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2a6MA0G
CSqGSIb3DQEBCwUAA4IBAQA38Q9l2cQKzrve5mxGSwQ0h0mG/tDmpBP0udEMIbKb
sURdumo5D7T69w4ZqiMlZN4PCDeY7lWi7hHvKCxLGAowKw9kFPZKXYOTeHEvtL0I
+ycg2RHbgbYspEcEhFBUwVJdnrDgbZ5KIjanEhJNTpX8sNangpZcliih+2aXalFu
KJ9/tYmzHpeEqoiE3EL1kRILB11XFjbx7dcqkSsdHzFj3RLcbBQf3/5E5TJ2SBG3
ngm/UDmVhI1BZNyPIO2CWVNiigVx6a3W+Ng5QG1KNafeISyXB1ToTWamAVORrhDw
wtPX2W7AfjeLN0WbLBnahIDYXZJc2C4CpfjiOsXmOSHJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:33 2025 by rpki-client