Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/0rZjvlt2re9pWS2RDA10qR1yhIU.roa
File: 0rZjvlt2re9pWS2RDA10qR1yhIU.roa (raw, json)
Hash identifier: aSsDRhM5Y7BixFyHQ7dWzMXHZNdoq8OTKnku3I6YhkM=
Subject key identifier: D2:B6:63:BE:5B:76:AD:EF:69:59:2D:91:0C:0D:74:A9:1D:72:84:85
Certificate issuer: /CN=ce7180c4bad3cf425a50672e1cb7a9d2ac78e20c
Certificate serial: 03497F25
Authority key identifier: CE:71:80:C4:BA:D3:CF:42:5A:50:67:2E:1C:B7:A9:D2:AC:78:E2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znGAxLrTz0JaUGcuHLep0qx44gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/0rZjvlt2re9pWS2RDA10qR1yhIU.roa
Signing time: Sat 01 Jan 2022 14:06:14 +0000
ROA not before: Sat 01 Jan 2022 14:06:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12670
IP address blocks: 91.234.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55148325 (0x3497f25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce7180c4bad3cf425a50672e1cb7a9d2ac78e20c
Validity
Not Before: Jan 1 14:06:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2b663be5b76adef69592d910c0d74a91d728485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4a:16:76:41:f2:e8:8b:06:0b:95:96:75:2a:
60:5f:7d:12:9c:28:31:c0:c8:c8:d1:df:1d:ea:6c:
15:61:da:70:fa:0b:da:99:9c:2a:b7:f8:c8:a9:99:
14:3a:8d:c2:b1:ea:49:3f:42:6c:65:f4:13:45:72:
c7:5b:f5:fb:31:af:3c:0e:92:8f:86:07:a5:7f:54:
60:8a:3b:7f:29:10:e1:a1:ef:99:50:84:b0:39:27:
8f:bc:2c:a5:d7:43:b1:a4:a0:df:ae:59:e3:84:0d:
3f:eb:75:ed:2a:b9:28:5b:53:d2:d5:1e:9f:71:09:
e6:16:10:ff:4a:ba:e0:b3:ee:88:dc:48:1e:60:61:
b3:e1:45:d5:33:14:fe:16:b5:26:c6:a5:f3:3b:0f:
92:c1:d9:a5:dc:74:1d:e6:c1:b0:d3:17:eb:60:89:
89:86:60:61:06:ce:f3:97:59:8d:91:d8:ee:22:2a:
dc:fc:2c:d2:5f:dc:48:fc:08:fa:50:d2:50:ee:f6:
61:8b:38:ff:e2:6e:34:12:ae:5a:1e:a7:49:11:04:
72:12:87:37:e9:7b:ff:4f:16:ff:9a:3b:94:6e:c4:
c0:24:5c:01:2d:da:48:7d:e2:0e:1b:16:14:55:42:
82:d4:05:79:d6:cb:74:8d:5a:d3:06:50:12:08:2a:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B6:63:BE:5B:76:AD:EF:69:59:2D:91:0C:0D:74:A9:1D:72:84:85
X509v3 Authority Key Identifier:
keyid:CE:71:80:C4:BA:D3:CF:42:5A:50:67:2E:1C:B7:A9:D2:AC:78:E2:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znGAxLrTz0JaUGcuHLep0qx44gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/0rZjvlt2re9pWS2RDA10qR1yhIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/znGAxLrTz0JaUGcuHLep0qx44gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.9.0/24
Signature Algorithm: sha256WithRSAEncryption
34:87:af:45:a0:e5:08:14:f4:ef:1a:13:87:ff:55:ed:60:7d:
41:ef:59:6d:d4:9c:4a:0e:ad:1a:23:06:dd:5f:bb:78:46:1f:
64:63:3b:31:4e:7f:60:cb:a6:65:32:b9:23:75:35:4f:04:0d:
7d:8d:52:06:68:98:1a:49:0c:99:7d:d6:d0:5f:b5:96:e5:24:
37:78:f2:d5:80:cd:e3:78:98:b9:f1:64:f2:3d:8c:7f:1a:04:
cb:a3:5c:ae:5b:1e:e5:b5:47:a6:17:14:7a:e4:9a:f0:1a:10:
94:b2:3e:3a:a0:33:14:e1:18:4e:bd:ad:8d:22:c3:d1:81:22:
6b:93:03:66:1c:d9:d8:36:8d:b9:97:c1:a2:91:3a:98:b9:dd:
87:30:a2:ff:ba:30:be:be:4c:39:14:19:c3:e9:d3:84:63:4f:
9b:fc:69:58:0f:8d:29:ee:48:7e:7d:2c:56:48:7a:74:1b:e0:
a5:1b:95:11:ce:7e:c0:fb:79:98:3e:93:2f:b8:c9:92:8a:9a:
d7:11:d8:15:fc:41:18:54:b3:67:83:3d:74:8c:0b:4b:c1:ff:
ee:24:f6:a5:1d:ea:b9:e0:aa:72:1c:a1:0e:cf:b8:e2:48:e1:
51:05:e8:f8:6d:b7:e6:84:eb:a8:5b:0c:87:89:b4:38:7d:98:
22:2b:7f:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0l/JTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTcxODBjNGJhZDNjZjQyNWE1MDY3MmUxY2I3YTlkMmFjNzhlMjBjMB4XDTIyMDEw
MTE0MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJiNjYzYmU1Yjc2
YWRlZjY5NTkyZDkxMGMwZDc0YTkxZDcyODQ4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNKFnZB8uiLBguVlnUqYF99EpwoMcDIyNHfHepsFWHacPoL
2pmcKrf4yKmZFDqNwrHqST9CbGX0E0Vyx1v1+zGvPA6Sj4YHpX9UYIo7fykQ4aHv
mVCEsDknj7wspddDsaSg365Z44QNP+t17Sq5KFtT0tUen3EJ5hYQ/0q64LPuiNxI
HmBhs+FF1TMU/ha1Jsal8zsPksHZpdx0HebBsNMX62CJiYZgYQbO85dZjZHY7iIq
3Pws0l/cSPwI+lDSUO72YYs4/+JuNBKuWh6nSREEchKHN+l7/08W/5o7lG7EwCRc
AS3aSH3iDhsWFFVCgtQFedbLdI1a0wZQEggq/MUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTStmO+W3at72lZLZEMDXSpHXKEhTAfBgNVHSMEGDAWgBTOcYDEutPPQlpQ
Zy4ct6nSrHjiDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3puR0F4THJUejBKYVVHY3VITGVwMHF4NDRndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvZDdkNWNkLTc5YTktNGM4Mi04ZmM0LTA0NmQyZTJhZGNkNS8x
LzByWmp2bHQycmU5cFdTMlJEQTEwcVIxeWhJVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
ZDdkNWNkLTc5YTktNGM4Mi04ZmM0LTA0NmQyZTJhZGNkNS8xL3puR0F4THJUejBK
YVVHY3VITGVwMHF4NDRndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvqCTANBgkqhkiG9w0BAQsFAAOC
AQEANIevRaDlCBT07xoTh/9V7WB9Qe9ZbdScSg6tGiMG3V+7eEYfZGM7MU5/YMum
ZTK5I3U1TwQNfY1SBmiYGkkMmX3W0F+1luUkN3jy1YDN43iYufFk8j2MfxoEy6Nc
rlse5bVHphcUeuSa8BoQlLI+OqAzFOEYTr2tjSLD0YEia5MDZhzZ2DaNuZfBopE6
mLndhzCi/7owvr5MORQZw+nThGNPm/xpWA+NKe5Ifn0sVkh6dBvgpRuVEc5+wPt5
mD6TL7jJkoqa1xHYFfxBGFSzZ4M9dIwLS8H/7iT2pR3queCqchyhDs+44kjhUQXo
+G235oTrqFsMh4m0OH2YIit/9A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:54 2025 by rpki-client