Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/mNU4Oh_cfl9raAGwOGtscr_aQKI.roa
File: mNU4Oh_cfl9raAGwOGtscr_aQKI.roa (raw, json)
Hash identifier: 1GWQdWNgD4H5CMskaRL+pMJ7Rr4XW/ZObSX9523QDKE=
Subject key identifier: 98:D5:38:3A:1F:DC:7E:5F:6B:68:01:B0:38:6B:6C:72:BF:DA:40:A2
Certificate issuer: /CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Certificate serial: 01845BFB4068F3ACF07DE8399CF0F1E78C50
Authority key identifier: 78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/mNU4Oh_cfl9raAGwOGtscr_aQKI.roa
Signing time: Wed 09 Nov 2022 10:41:43 +0000
ROA not before: Wed 09 Nov 2022 10:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47193
IP address blocks: 91.203.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:fb:40:68:f3:ac:f0:7d:e8:39:9c:f0:f1:e7:8c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Validity
Not Before: Nov 9 10:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98d5383a1fdc7e5f6b6801b0386b6c72bfda40a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8f:fa:42:1a:dd:06:da:2a:d4:61:7d:23:ce:
e6:d8:3e:47:bc:08:a9:b2:4f:a5:46:9c:18:62:96:
bf:31:df:f2:8f:ec:70:96:3e:7c:03:01:73:fe:6d:
88:93:a5:6a:10:2c:4f:13:39:4f:2f:40:0d:5d:4b:
97:44:3c:62:e5:87:f0:75:91:7f:0e:3a:13:f2:8c:
e0:31:fd:57:5e:13:f9:f7:c5:ce:84:06:c6:43:a8:
6e:0c:61:72:41:9a:cc:17:ca:ac:54:28:35:61:a3:
e6:9c:b4:d3:8a:bc:53:c1:16:64:d3:c1:23:82:20:
f8:26:91:81:83:86:f2:14:50:eb:de:a6:01:02:b0:
40:69:06:5a:5b:e1:fc:8a:a0:59:8f:8c:96:72:e4:
80:2f:77:d8:0f:ec:77:f6:7b:fa:89:69:86:dd:96:
d9:c4:63:5b:b2:65:0b:dd:38:d9:60:0d:93:77:64:
73:01:8d:39:18:7a:ab:fc:ce:66:65:30:1a:71:5b:
29:3f:19:13:8b:5e:a1:57:ce:a3:de:29:d1:15:2f:
3a:54:bb:26:ee:b3:75:46:01:4d:e9:f8:ca:39:1b:
43:83:96:3a:93:45:f0:20:c0:58:9e:f0:b0:57:8d:
88:a5:93:e6:9c:75:36:60:af:bc:66:58:33:c6:8e:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D5:38:3A:1F:DC:7E:5F:6B:68:01:B0:38:6B:6C:72:BF:DA:40:A2
X509v3 Authority Key Identifier:
keyid:78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/mNU4Oh_cfl9raAGwOGtscr_aQKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:99:84:b1:c1:d0:61:da:ed:b9:b8:92:a1:2a:31:ef:f5:a6:
1b:bb:93:08:20:99:a0:9c:6f:ab:70:2d:73:10:e9:b1:26:13:
64:b4:51:24:b9:ef:e6:3a:70:e2:cb:de:ef:cd:a8:47:87:b1:
8f:7d:fd:44:0b:82:47:10:c5:c8:ad:15:51:2a:03:36:8b:8a:
32:3e:a8:7a:1a:e8:e8:1f:b6:2f:6f:44:89:21:b6:4b:88:32:
34:07:9b:c4:a7:d1:7e:60:3e:c2:6c:59:42:fb:5c:fb:64:6e:
84:03:af:93:f6:92:f1:ba:77:f2:3f:61:dc:8a:75:cd:c8:40:
f1:ed:3b:ce:c4:cd:cc:fa:aa:b7:e8:08:8b:68:ab:35:87:3e:
62:18:5c:63:12:a8:02:37:14:64:bb:73:a6:7b:5f:d4:27:29:
c5:d6:7f:c1:12:4d:41:5e:de:63:62:20:d3:e6:49:ce:d9:12:
b4:11:a5:b8:87:67:29:a8:71:d3:9d:12:96:a1:e1:04:8b:45:
b1:17:ad:b1:ae:be:2a:c7:8f:50:47:0d:ac:ae:02:7c:53:d3:
0b:e2:43:30:fc:e6:de:e6:74:7e:70:55:fc:82:5f:ec:76:a7:
b2:85:a4:aa:98:c8:7d:9e:39:d3:aa:61:1c:60:b5:5c:14:82:
a8:0e:a7:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRb+0Bo86zwfeg5nPDx54xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGI3ZTRjMDQ1Y2RhZTc4YjViZjQzZjJjNTNmMWE5NGQ5
ZTE1OWUwHhcNMjIxMTA5MTA0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ1MzgzYTFmZGM3ZTVmNmI2ODAxYjAzODZiNmM3MmJmZGE0MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Y/6QhrdBtoq1GF9I87m2D5HvAip
sk+lRpwYYpa/Md/yj+xwlj58AwFz/m2Ik6VqECxPEzlPL0ANXUuXRDxi5YfwdZF/
DjoT8ozgMf1XXhP598XOhAbGQ6huDGFyQZrMF8qsVCg1YaPmnLTTirxTwRZk08Ej
giD4JpGBg4byFFDr3qYBArBAaQZaW+H8iqBZj4yWcuSAL3fYD+x39nv6iWmG3ZbZ
xGNbsmUL3TjZYA2Td2RzAY05GHqr/M5mZTAacVspPxkTi16hV86j3inRFS86VLsm
7rN1RgFN6fjKORtDg5Y6k0XwIMBYnvCwV42IpZPmnHU2YK+8Zlgzxo4zCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjVODof3H5fa2gBsDhrbHK/2kCiMB8GA1UdIwQY
MBaAFHiLfkwEXNrni1v0PyxT8alNnhWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgt
MGEyNmU2ZTU3ZjIwLzEvbU5VNE9oX2NmbDlyYUFHd09HdHNjcl9hUUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgtMGEyNmU2ZTU3ZjIw
LzEvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8vQMA0G
CSqGSIb3DQEBCwUAA4IBAQCfmYSxwdBh2u25uJKhKjHv9aYbu5MIIJmgnG+rcC1z
EOmxJhNktFEkue/mOnDiy97vzahHh7GPff1EC4JHEMXIrRVRKgM2i4oyPqh6Gujo
H7Yvb0SJIbZLiDI0B5vEp9F+YD7CbFlC+1z7ZG6EA6+T9pLxunfyP2HcinXNyEDx
7TvOxM3M+qq36AiLaKs1hz5iGFxjEqgCNxRku3Ome1/UJynF1n/BEk1BXt5jYiDT
5knO2RK0EaW4h2cpqHHTnRKWoeEEi0WxF62xrr4qx49QRw2srgJ8U9ML4kMw/Obe
5nR+cFX8gl/sdqeyhaSqmMh9njnTqmEcYLVcFIKoDqe0
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:38 2025 by rpki-client