Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/9-ymGwPfogmlh6h0SlBS6x4n60s.roa
File: 9-ymGwPfogmlh6h0SlBS6x4n60s.roa (raw, json)
Hash identifier: Ez5FgKPM748OmkVsPK0GWy7N27otmgVTh2C3/FGaSsc=
Subject key identifier: F7:EC:A6:1B:03:DF:A2:09:A5:87:A8:74:4A:50:52:EB:1E:27:EB:4B
Certificate issuer: /CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Certificate serial: 018570398F30EE36F99EBD45ECE9518B1D90
Authority key identifier: 70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/9-ymGwPfogmlh6h0SlBS6x4n60s.roa
Signing time: Mon 02 Jan 2023 02:04:58 +0000
ROA not before: Mon 02 Jan 2023 02:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136744
IP address blocks: 91.227.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:8f:30:ee:36:f9:9e:bd:45:ec:e9:51:8b:1d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Validity
Not Before: Jan 2 02:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7eca61b03dfa209a587a8744a5052eb1e27eb4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:22:56:58:48:27:f6:f6:73:69:00:5e:77:1c:
f5:a1:ac:b3:af:50:b3:14:06:c4:ae:2c:b9:28:33:
16:ea:37:b6:3c:4d:19:c0:35:6d:ba:02:ea:b0:05:
00:76:54:9a:1f:be:a4:a6:d4:84:55:fa:f5:f3:47:
5b:23:4f:18:35:49:ca:2a:0c:d4:38:a0:a7:9b:c8:
f5:8d:5b:cc:60:02:06:45:96:ed:d4:e4:c0:c1:66:
cf:74:8a:35:74:a5:21:fe:7b:87:39:ee:84:ab:d5:
bd:ca:66:4f:70:b8:c0:df:1e:a7:55:dc:28:c3:a0:
be:12:f7:ed:dd:af:fe:67:2d:7f:62:49:f9:ba:60:
30:00:29:f5:f5:7f:29:5f:86:1c:66:dc:8c:b8:ed:
6d:37:00:b7:7e:19:2d:a0:9c:c8:aa:60:80:fc:f7:
bd:cd:b5:ec:04:fa:29:42:28:fe:09:20:c0:32:0c:
12:8c:1d:c2:1e:b6:9e:fd:66:d5:50:81:65:d7:74:
83:37:68:e0:c9:1e:35:42:10:d6:7b:ec:fb:f9:25:
0c:87:0f:93:39:21:cd:33:d1:35:cc:e1:47:51:96:
43:54:0e:6e:51:4e:cd:2c:d9:87:db:c1:4b:ea:2e:
68:f6:46:f2:d2:d0:ca:ff:23:1c:dd:4f:2b:c0:a5:
a3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:EC:A6:1B:03:DF:A2:09:A5:87:A8:74:4A:50:52:EB:1E:27:EB:4B
X509v3 Authority Key Identifier:
keyid:70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/9-ymGwPfogmlh6h0SlBS6x4n60s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.137.0/24
Signature Algorithm: sha256WithRSAEncryption
65:62:35:7a:70:b2:b7:5e:b6:dd:e1:b8:ec:55:b9:e2:e4:53:
e6:a3:28:21:16:95:cf:fe:fa:a4:65:9e:6a:a5:dd:d2:05:12:
fa:68:4c:12:66:0f:37:98:87:9c:9d:d4:37:15:db:b3:48:de:
c4:6e:3a:72:4d:51:77:07:9a:f7:e5:90:de:72:54:59:c7:85:
11:44:b3:03:a3:b0:56:dd:a6:a0:74:9f:5f:2c:4a:e9:87:49:
7c:32:63:aa:bf:12:74:a2:9c:c5:78:83:88:df:92:13:ba:3c:
4d:2a:83:3e:2f:35:00:e8:10:fa:89:0e:40:f4:a5:5b:e1:7b:
0f:08:6d:21:3a:e5:a2:63:6a:48:de:e0:5a:27:7f:93:97:b6:
3b:b0:1f:67:91:f9:69:42:83:d6:de:1b:89:f3:10:7c:86:d9:
9c:20:73:4f:d3:9f:2c:c6:b6:73:be:32:b4:e5:91:bd:26:47:
5e:25:e7:3c:a5:b4:54:f9:47:d1:ea:34:c7:48:d7:d4:29:38:
2f:ba:58:70:17:71:fb:d0:51:f5:c9:fe:20:6c:40:e7:84:38:
71:13:0e:68:56:6d:35:2c:04:81:23:63:31:64:70:21:f1:0e:
c6:d6:4d:9f:5e:90:0b:df:07:8f:90:20:11:74:1d:b2:f5:be:
44:71:55:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOY8w7jb5nr1F7OlRix2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMDFlNDIyMjI3ZmE0NGNjNWNiOTVkMmE5ZGNjZTBmYTVi
ODljMDcwHhcNMjMwMTAyMDIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2VjYTYxYjAzZGZhMjA5YTU4N2E4NzQ0YTUwNTJlYjFlMjdlYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiJWWEgn9vZzaQBedxz1oayzr1Cz
FAbEriy5KDMW6je2PE0ZwDVtugLqsAUAdlSaH76kptSEVfr180dbI08YNUnKKgzU
OKCnm8j1jVvMYAIGRZbt1OTAwWbPdIo1dKUh/nuHOe6Eq9W9ymZPcLjA3x6nVdwo
w6C+Evft3a/+Zy1/Ykn5umAwACn19X8pX4YcZtyMuO1tNwC3fhktoJzIqmCA/Pe9
zbXsBPopQij+CSDAMgwSjB3CHrae/WbVUIFl13SDN2jgyR41QhDWe+z7+SUMhw+T
OSHNM9E1zOFHUZZDVA5uUU7NLNmH28FL6i5o9kby0tDK/yMc3U8rwKWjiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfsphsD36IJpYeodEpQUuseJ+tLMB8GA1UdIwQY
MBaAFHAB5CIif6RMxcuV0qnczg+luJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2Ut
ZjI0MzVkNWNmMzdiLzEvOS15bUd3UGZvZ21saDZoMFNsQlM2eDRuNjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2UtZjI0MzVkNWNmMzdi
LzEvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+OJMA0G
CSqGSIb3DQEBCwUAA4IBAQBlYjV6cLK3Xrbd4bjsVbni5FPmoyghFpXP/vqkZZ5q
pd3SBRL6aEwSZg83mIecndQ3FduzSN7EbjpyTVF3B5r35ZDeclRZx4URRLMDo7BW
3aagdJ9fLErph0l8MmOqvxJ0opzFeIOI35ITujxNKoM+LzUA6BD6iQ5A9KVb4XsP
CG0hOuWiY2pI3uBaJ3+Tl7Y7sB9nkflpQoPW3huJ8xB8htmcIHNP058sxrZzvjK0
5ZG9JkdeJec8pbRU+UfR6jTHSNfUKTgvulhwF3H70FH1yf4gbEDnhDhxEw5oVm01
LASBI2MxZHAh8Q7G1k2fXpAL3wePkCARdB2y9b5EcVX1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:12 2025 by rpki-client