Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5b18b5-da02-4e97-b013-4597e147c140/1/SpfMifTlKM91ez6qtYYck8J1Y8o.roa
File: SpfMifTlKM91ez6qtYYck8J1Y8o.roa (raw, json)
Hash identifier: MCTODk/4lO47pWbP8NVg4bvfCVcShHLnXK4vyo5KEd4=
Subject key identifier: 4A:97:CC:89:F4:E5:28:CF:75:7B:3E:AA:B5:86:1C:93:C2:75:63:CA
Certificate issuer: /CN=b2e102484f73972786ccc2df1c47c2682b8b85ca
Certificate serial: 018756D573FE231658DA7632C40009091C32
Authority key identifier: B2:E1:02:48:4F:73:97:27:86:CC:C2:DF:1C:47:C2:68:2B:8B:85:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suECSE9zlyeGzMLfHEfCaCuLhco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5b18b5-da02-4e97-b013-4597e147c140/1/SpfMifTlKM91ez6qtYYck8J1Y8o.roa
Signing time: Thu 06 Apr 2023 13:50:42 +0000
ROA not before: Thu 06 Apr 2023 13:50:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41652
IP address blocks: 91.223.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:d5:73:fe:23:16:58:da:76:32:c4:00:09:09:1c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e102484f73972786ccc2df1c47c2682b8b85ca
Validity
Not Before: Apr 6 13:50:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a97cc89f4e528cf757b3eaab5861c93c27563ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ad:2f:2c:bf:21:ba:a7:21:42:e9:57:61:86:
e6:5f:0d:9a:2c:99:78:5f:83:8b:77:27:06:2d:c1:
12:8e:53:2c:07:ba:7c:74:9e:c8:c1:69:6b:f3:a0:
ce:2d:72:18:54:48:44:f8:28:88:c9:d8:52:4c:26:
41:7e:16:0c:02:02:f5:af:fb:f2:51:65:df:92:39:
ea:69:2a:86:d5:82:3a:79:f5:d9:39:1f:23:b5:4e:
16:12:d6:08:5d:5d:bb:d6:a9:a8:7c:8d:56:6c:0c:
10:0d:76:8a:25:65:f9:89:23:8d:28:9c:2f:61:1c:
87:9f:bd:16:5a:37:f9:93:05:77:18:67:11:5a:67:
89:db:fa:8f:c1:e3:a5:29:b6:0c:23:a4:df:0a:f5:
28:3f:98:c3:a0:47:a7:32:6c:2a:02:c8:83:4e:d0:
6f:96:0a:a1:00:b2:ac:5f:19:70:27:cb:20:aa:e3:
e3:ee:d4:5d:55:6d:e9:70:6d:e9:58:68:e6:df:9d:
b2:51:04:15:93:55:c0:06:19:75:b8:f7:5f:e7:d2:
92:c4:3a:55:82:9f:b3:ea:de:b6:b4:75:e5:f6:96:
e0:3a:a8:fb:75:c1:5f:14:a4:29:4a:75:91:d5:3c:
67:53:76:d7:61:f1:7c:d8:4e:29:86:fe:58:8f:94:
ea:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:97:CC:89:F4:E5:28:CF:75:7B:3E:AA:B5:86:1C:93:C2:75:63:CA
X509v3 Authority Key Identifier:
keyid:B2:E1:02:48:4F:73:97:27:86:CC:C2:DF:1C:47:C2:68:2B:8B:85:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suECSE9zlyeGzMLfHEfCaCuLhco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5b18b5-da02-4e97-b013-4597e147c140/1/SpfMifTlKM91ez6qtYYck8J1Y8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5b18b5-da02-4e97-b013-4597e147c140/1/suECSE9zlyeGzMLfHEfCaCuLhco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.131.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:00:96:46:23:cb:4f:91:b7:b6:f0:c2:75:9e:1c:0c:4d:71:
b5:af:eb:4c:4c:8b:75:ce:72:be:da:a4:44:08:db:25:7b:3b:
3f:a8:d2:0e:44:aa:96:11:68:9b:02:6d:2c:7f:73:93:80:4b:
71:9e:7e:b4:c8:a3:ee:82:05:84:c1:27:f0:d5:10:6b:04:8f:
77:10:99:be:79:57:d7:f2:75:69:62:b2:ed:81:3f:25:0e:85:
a1:65:75:fb:b7:dc:58:c3:41:57:0c:ed:ba:98:fb:d1:7b:c1:
47:cb:a1:9e:ed:33:b1:b5:ce:d7:3c:1e:83:8c:79:43:ad:df:
38:13:a2:ff:4e:c2:5e:5b:5a:a5:77:44:48:c8:43:15:32:6b:
51:3e:1e:61:29:97:70:bf:3b:18:98:1c:c4:2d:e0:0e:99:b4:
6a:6b:a8:c8:69:ea:2a:3a:0e:90:b9:29:e9:38:69:d9:99:6d:
f9:1a:b5:ab:45:9b:59:60:0c:87:3d:8e:b3:48:74:ef:d1:6a:
e2:f1:cf:d6:6e:94:7c:65:e8:50:84:d3:c2:0f:e7:ff:3e:76:
5e:0a:ed:26:db:3c:4a:85:de:4b:8c:64:11:68:df:e6:b4:d6:
da:90:c2:63:ec:9f:3f:4c:52:7d:c5:42:b9:3c:2a:b6:c2:8a:
51:24:40:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdW1XP+IxZY2nYyxAAJCRwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTEwMjQ4NGY3Mzk3Mjc4NmNjYzJkZjFjNDdjMjY4MmI4
Yjg1Y2EwHhcNMjMwNDA2MTM1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk3Y2M4OWY0ZTUyOGNmNzU3YjNlYWFiNTg2MWM5M2MyNzU2M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh60vLL8huqchQulXYYbmXw2aLJl4
X4OLdycGLcESjlMsB7p8dJ7IwWlr86DOLXIYVEhE+CiIydhSTCZBfhYMAgL1r/vy
UWXfkjnqaSqG1YI6efXZOR8jtU4WEtYIXV271qmofI1WbAwQDXaKJWX5iSONKJwv
YRyHn70WWjf5kwV3GGcRWmeJ2/qPweOlKbYMI6TfCvUoP5jDoEenMmwqAsiDTtBv
lgqhALKsXxlwJ8sgquPj7tRdVW3pcG3pWGjm352yUQQVk1XABhl1uPdf59KSxDpV
gp+z6t62tHXl9pbgOqj7dcFfFKQpSnWR1TxnU3bXYfF82E4phv5Yj5TqvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqXzIn05SjPdXs+qrWGHJPCdWPKMB8GA1UdIwQY
MBaAFLLhAkhPc5cnhszC3xxHwmgri4XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VFQ1NFOXpseWVHek1MZkhFZkNhQ3VMaGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YjE4YjUtZGEwMi00ZTk3LWIwMTMt
NDU5N2UxNDdjMTQwLzEvU3BmTWlmVGxLTTkxZXo2cXRZWWNrOEoxWThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YjE4YjUtZGEwMi00ZTk3LWIwMTMtNDU5N2UxNDdjMTQw
LzEvc3VFQ1NFOXpseWVHek1MZkhFZkNhQ3VMaGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+DMA0G
CSqGSIb3DQEBCwUAA4IBAQAMAJZGI8tPkbe28MJ1nhwMTXG1r+tMTIt1znK+2qRE
CNslezs/qNIORKqWEWibAm0sf3OTgEtxnn60yKPuggWEwSfw1RBrBI93EJm+eVfX
8nVpYrLtgT8lDoWhZXX7t9xYw0FXDO26mPvRe8FHy6Ge7TOxtc7XPB6DjHlDrd84
E6L/TsJeW1qld0RIyEMVMmtRPh5hKZdwvzsYmBzELeAOmbRqa6jIaeoqOg6QuSnp
OGnZmW35GrWrRZtZYAyHPY6zSHTv0Wri8c/WbpR8ZehQhNPCD+f/PnZeCu0m2zxK
hd5LjGQRaN/mtNbakMJj7J8/TFJ9xUK5PCq2wopRJECj
-----END CERTIFICATE-----
Generated at Wed Apr 9 08:43:24 2025 by rpki-client