Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/bT-hQlZWTfuAyvw5KE0nFRQBIy0.roa
File: bT-hQlZWTfuAyvw5KE0nFRQBIy0.roa (raw, json)
Hash identifier: Bq8z4riHhFMDEA8DbhmOKJgs3m9q75FKu48dGOpi/8M=
Subject key identifier: 6D:3F:A1:42:56:56:4D:FB:80:CA:FC:39:28:4D:27:15:14:01:23:2D
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018571B0C5203F2C82D3C0D59C39AE074B3A
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/bT-hQlZWTfuAyvw5KE0nFRQBIy0.roa
Signing time: Mon 02 Jan 2023 08:54:48 +0000
ROA not before: Mon 02 Jan 2023 08:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.50.0/24 maxlen: 24
91.241.49.0/24 maxlen: 24
194.5.236.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c5:20:3f:2c:82:d3:c0:d5:9c:39:ae:07:4b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jan 2 08:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d3fa14256564dfb80cafc39284d27151401232d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6d:52:69:38:78:4d:6b:4c:08:68:b4:07:34:
97:bb:6e:28:1b:73:38:ee:51:07:9d:d3:85:b8:a0:
ac:92:b0:97:15:a1:c5:2f:6b:c8:8e:60:1a:1f:2a:
0a:d5:e0:aa:e0:eb:3e:b2:2e:a1:4c:c8:75:de:74:
e7:10:13:2e:98:2c:cf:63:46:06:ce:9f:f1:c2:85:
22:a7:c0:80:16:e1:ee:27:55:6b:52:b3:d7:7a:c8:
36:40:13:e3:57:60:07:ac:c4:63:8b:b5:fa:14:85:
6c:13:58:2e:86:49:5b:6d:d6:48:8e:45:81:8d:87:
00:9e:a4:47:63:a9:35:87:d3:3f:b9:28:f5:79:4c:
fe:96:74:59:27:7c:c2:c3:c8:1e:84:d8:27:f7:ce:
02:02:ee:e0:05:a8:43:e0:a8:5a:39:2d:93:05:0d:
55:ba:c0:a9:b7:54:53:67:fc:8e:14:21:dd:e0:fb:
73:67:ad:d0:88:35:66:fe:8f:26:34:f4:20:d5:45:
cf:d6:c9:37:5d:1b:70:0d:26:24:e1:75:17:0e:21:
4c:e4:76:67:f0:51:aa:6a:3f:10:73:0c:8b:ff:c8:
cd:45:9a:f7:75:76:b3:61:4e:93:94:46:b1:6e:c6:
72:3d:ef:c8:11:51:6b:c4:62:5c:a1:58:12:57:91:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3F:A1:42:56:56:4D:FB:80:CA:FC:39:28:4D:27:15:14:01:23:2D
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/bT-hQlZWTfuAyvw5KE0nFRQBIy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.49.0-91.241.50.255
194.5.236.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:46:39:90:83:fa:ad:73:cf:60:ee:19:93:67:15:f5:14:15:
3a:a3:03:8e:5b:0d:b5:34:7a:78:b4:6b:c6:28:0e:a5:56:db:
92:d4:44:96:9d:07:77:d2:ff:26:c3:7f:6b:14:67:03:70:ce:
39:28:df:f5:38:9c:81:b5:99:29:fa:dd:ad:92:3e:b6:86:5a:
8d:da:48:39:fa:1f:c5:9b:63:fa:28:95:af:f8:18:0b:6b:2e:
3b:f0:8a:86:e3:dd:c9:cc:97:5a:09:47:ba:bc:f9:44:17:e7:
e1:c6:6d:cb:85:72:7a:db:79:c0:82:63:85:6a:79:63:85:02:
58:27:67:ea:e8:57:0f:9c:01:fc:de:09:2f:9d:ba:02:48:50:
e9:d8:eb:e4:f6:3a:5d:2b:a6:f8:25:87:81:bd:f3:67:27:70:
87:8b:69:60:bd:b2:9d:46:d4:89:54:ca:4a:1d:a9:58:1a:0e:
03:34:0d:91:10:e0:34:2f:a1:b7:53:30:2c:d2:33:e4:9d:2c:
4d:08:56:e5:27:36:01:8f:73:51:f0:12:a9:64:fb:66:74:dd:
bd:18:d4:f3:0b:82:a9:f0:f9:4a:e7:aa:b7:5a:4d:0a:de:8d:
f6:90:b3:37:fc:f9:53:9c:a1:18:c3:98:0d:14:9d:67:db:a3:
0e:23:be:c8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVxsMUgPyyC08DVnDmuB0s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjMwMTAyMDg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNmYTE0MjU2NTY0ZGZiODBjYWZjMzkyODRkMjcxNTE0MDEyMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW1SaTh4TWtMCGi0BzSXu24oG3M4
7lEHndOFuKCskrCXFaHFL2vIjmAaHyoK1eCq4Os+si6hTMh13nTnEBMumCzPY0YG
zp/xwoUip8CAFuHuJ1VrUrPXesg2QBPjV2AHrMRji7X6FIVsE1guhklbbdZIjkWB
jYcAnqRHY6k1h9M/uSj1eUz+lnRZJ3zCw8gehNgn984CAu7gBahD4KhaOS2TBQ1V
usCpt1RTZ/yOFCHd4PtzZ63QiDVm/o8mNPQg1UXP1sk3XRtwDSYk4XUXDiFM5HZn
8FGqaj8QcwyL/8jNRZr3dXazYU6TlEaxbsZyPe/IEVFrxGJcoVgSV5FHqQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG0/oUJWVk37gMr8OShNJxUUASMtMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvYlQtaFFsWldUZnVBeXZ3NUtFMG5GUlFCSXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABb8TED
BABb8TIDBAHCBewwDQYJKoZIhvcNAQELBQADggEBAC1GOZCD+q1zz2DuGZNnFfUU
FTqjA45bDbU0eni0a8YoDqVW25LURJadB3fS/ybDf2sUZwNwzjko3/U4nIG1mSn6
3a2SPraGWo3aSDn6H8WbY/oola/4GAtrLjvwiobj3cnMl1oJR7q8+UQX5+HGbcuF
cnrbecCCY4VqeWOFAlgnZ+roVw+cAfzeCS+dugJIUOnY6+T2Ol0rpvglh4G982cn
cIeLaWC9sp1G1IlUykodqVgaDgM0DZEQ4DQvobdTMCzSM+SdLE0IVuUnNgGPc1Hw
Eqlk+2Z03b0Y1PMLgqnw+UrnqrdaTQrejfaQszf8+VOcoRjDmA0UnWfbow4jvsg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:54 2025 by rpki-client