Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0fMgLKhhncvr3B4x1zhTjLdElns.roa
File: 0fMgLKhhncvr3B4x1zhTjLdElns.roa (raw, json)
Hash identifier: OL3FnWOxhPKdl2P6Rhkr8Z7cjS3Icx2Q+xz9JBZf1jU=
Subject key identifier: D1:F3:20:2C:A8:61:9D:CB:EB:DC:1E:31:D7:38:53:8C:B7:44:96:7B
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 0181D3D1C41128225D17022A2680EDDB5C94
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0fMgLKhhncvr3B4x1zhTjLdElns.roa
Signing time: Wed 06 Jul 2022 14:02:28 +0000
ROA not before: Wed 06 Jul 2022 14:02:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.50.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:d1:c4:11:28:22:5d:17:02:2a:26:80:ed:db:5c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jul 6 14:02:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1f3202ca8619dcbebdc1e31d738538cb744967b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:c4:2e:81:4c:15:77:37:31:2b:1b:a9:b0:
8c:ec:c2:6a:b7:37:00:e3:b9:7f:96:b8:56:9e:31:
fe:af:04:e2:df:8b:d2:9b:50:75:fb:79:fa:00:c2:
15:5b:f9:d5:f1:02:19:06:fd:21:77:47:01:4e:61:
96:6c:a7:ec:16:45:d4:e3:0d:7d:f6:94:62:17:77:
0b:7f:74:6c:f7:da:e9:ed:24:62:83:bd:ed:4b:10:
1c:75:52:58:b0:b7:69:79:6b:f9:93:25:90:2d:91:
ca:8a:00:30:2b:c4:ae:ac:c6:67:7a:b8:43:ad:f8:
aa:b9:d5:79:00:55:2d:30:ee:f5:ee:57:3e:9d:d1:
86:f5:3f:fe:16:32:bc:cb:b9:2b:40:87:15:31:ba:
fb:dc:1c:5b:49:18:1a:f6:c6:a9:48:37:7c:9b:66:
f2:46:f5:5c:07:3d:c6:e3:a3:6c:98:2c:6e:dc:d1:
f6:34:b6:c1:37:dc:46:0d:da:13:71:58:e4:e6:87:
48:77:8b:6e:96:80:a6:bd:96:1d:f6:50:f6:4f:c5:
c5:23:0a:e8:9f:c0:93:a6:8b:f6:3f:32:da:94:1f:
42:af:07:89:89:12:43:f9:05:d7:91:64:64:0f:24:
01:a8:f6:cd:1d:3a:04:f3:54:e9:c3:19:d7:fd:f3:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F3:20:2C:A8:61:9D:CB:EB:DC:1E:31:D7:38:53:8C:B7:44:96:7B
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0fMgLKhhncvr3B4x1zhTjLdElns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.50.0/24
194.5.237.0/24
Signature Algorithm: sha256WithRSAEncryption
94:36:1c:60:b7:8a:56:31:f8:7e:b4:8e:d5:a2:45:1f:28:19:
8f:89:45:50:de:94:c2:f8:3e:61:55:7e:b4:85:bb:4e:3e:03:
b7:cd:d4:59:9b:5d:2e:f4:d9:de:a4:fa:06:15:69:2d:be:21:
c0:dd:96:e7:10:8c:0b:10:6a:72:4d:c0:8f:31:af:b7:52:cb:
04:08:ff:f2:fa:38:d5:18:40:d9:85:4b:e0:b0:9f:39:7d:73:
0d:d1:73:71:f9:8f:53:73:1a:7b:ca:6a:d3:e7:e4:99:54:3d:
39:d8:67:1a:f7:b7:8a:87:7d:65:e7:44:73:1e:9c:d1:eb:9c:
d4:eb:cd:b5:43:fb:bc:78:ef:22:1b:11:be:6f:43:f9:fa:db:
13:f9:75:bd:41:ab:b2:e8:12:73:95:3e:0f:f4:66:b8:06:73:
9b:78:2f:8f:a2:5a:1e:fc:d9:de:b1:ca:30:dc:92:5e:ba:88:
c6:82:cd:d9:a6:5d:cf:48:3c:1e:8a:48:57:81:17:35:50:54:
1f:ac:8b:f1:94:e5:9d:ad:39:75:28:e2:38:37:68:7a:a6:d5:
f1:77:9d:ed:cc:d9:72:bb:67:44:ab:dc:fc:2a:34:0a:9a:23:
56:8e:3d:bf:e8:13:af:cf:bb:fc:56:4f:d5:ec:5b:a5:a9:c4:
f7:97:37:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHT0cQRKCJdFwIqJoDt21yUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjIwNzA2MTQwMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWYzMjAyY2E4NjE5ZGNiZWJkYzFlMzFkNzM4NTM4Y2I3NDQ5NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yjELoFMFXc3MSsbqbCM7MJqtzcA
47l/lrhWnjH+rwTi34vSm1B1+3n6AMIVW/nV8QIZBv0hd0cBTmGWbKfsFkXU4w19
9pRiF3cLf3Rs99rp7SRig73tSxAcdVJYsLdpeWv5kyWQLZHKigAwK8SurMZnerhD
rfiqudV5AFUtMO717lc+ndGG9T/+FjK8y7krQIcVMbr73BxbSRga9sapSDd8m2by
RvVcBz3G46NsmCxu3NH2NLbBN9xGDdoTcVjk5odId4tuloCmvZYd9lD2T8XFIwro
n8CTpov2PzLalB9CrweJiRJD+QXXkWRkDyQBqPbNHToE81TpwxnX/fOmQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNHzICyoYZ3L69weMdc4U4y3RJZ7MB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvMGZNZ0xLaGhuY3ZyM0I0eDF6aFRqTGRFbG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/EyAwQA
wgXtMA0GCSqGSIb3DQEBCwUAA4IBAQCUNhxgt4pWMfh+tI7VokUfKBmPiUVQ3pTC
+D5hVX60hbtOPgO3zdRZm10u9NnepPoGFWktviHA3ZbnEIwLEGpyTcCPMa+3UssE
CP/y+jjVGEDZhUvgsJ85fXMN0XNx+Y9Tcxp7ymrT5+SZVD052Gca97eKh31l50Rz
HpzR65zU6821Q/u8eO8iGxG+b0P5+tsT+XW9Qauy6BJzlT4P9Ga4BnObeC+Poloe
/Nnescow3JJeuojGgs3Zpl3PSDweikhXgRc1UFQfrIvxlOWdrTl1KOI4N2h6ptXx
d53tzNlyu2dEq9z8KjQKmiNWjj2/6BOvz7v8Vk/V7FulqcT3lzca
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:35 2025 by rpki-client