Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/h3jPt9GN0I7BekJrm9RZil81pow.roa
File: h3jPt9GN0I7BekJrm9RZil81pow.roa (raw, json)
Hash identifier: wGZ3UgZAH0clBASOcUEvrv7cO0gjcYidUvL6HyxFp48=
Subject key identifier: 87:78:CF:B7:D1:8D:D0:8E:C1:7A:42:6B:9B:D4:59:8A:5F:35:A6:8C
Certificate issuer: /CN=f31d1c05abd714c67c3291e010d21c70a35dd57e
Certificate serial: 018B428A134993D443DFFBB24E5F3AF3E143
Authority key identifier: F3:1D:1C:05:AB:D7:14:C6:7C:32:91:E0:10:D2:1C:70:A3:5D:D5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x0cBavXFMZ8MpHgENIccKNd1X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/h3jPt9GN0I7BekJrm9RZil81pow.roa
Signing time: Wed 18 Oct 2023 11:27:06 +0000
ROA not before: Wed 18 Oct 2023 11:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 91.103.241.0/24 maxlen: 24
91.103.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:8a:13:49:93:d4:43:df:fb:b2:4e:5f:3a:f3:e1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31d1c05abd714c67c3291e010d21c70a35dd57e
Validity
Not Before: Oct 18 11:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8778cfb7d18dd08ec17a426b9bd4598a5f35a68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:dd:38:2e:a6:ac:be:45:09:0b:0a:a4:b0:ef:
1b:00:cd:36:38:c2:18:d6:d0:d0:7a:2b:75:7c:e8:
73:48:06:a0:17:c1:47:75:2c:bd:fd:7c:75:d6:b5:
53:12:66:f3:1c:fb:53:93:75:fd:1f:e7:7a:7d:89:
39:95:41:84:04:d9:cd:48:9f:dc:38:de:09:2b:04:
41:46:23:00:2d:3d:5f:37:00:97:8c:08:6c:c4:cd:
4a:24:55:f3:c5:66:e0:ef:5b:57:3a:1d:28:c9:e0:
ed:72:a9:c4:d1:be:d9:d4:71:01:b3:5e:c4:c1:85:
2b:aa:bf:b7:61:e9:e9:2a:e2:e1:3b:e5:12:38:90:
87:42:38:e7:0f:3e:89:08:6d:b1:f2:b3:5b:e8:73:
f8:c4:29:1f:a8:cd:09:95:7c:ba:1c:17:f9:74:92:
b3:2a:6d:c1:77:bf:8a:a4:de:29:30:c9:6c:40:42:
7b:50:d9:91:a7:c3:ac:7f:cf:5c:9f:70:b9:b9:af:
3d:05:86:2c:ec:81:6c:a5:a7:b0:54:12:63:9c:b9:
f4:f3:bc:3f:f0:ba:43:9a:2d:91:b3:d9:a2:6f:36:
8b:8f:ac:b8:38:88:14:46:c0:55:e1:42:37:dc:37:
59:22:d4:4c:74:43:52:31:dd:92:2b:52:d5:04:2f:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:78:CF:B7:D1:8D:D0:8E:C1:7A:42:6B:9B:D4:59:8A:5F:35:A6:8C
X509v3 Authority Key Identifier:
keyid:F3:1D:1C:05:AB:D7:14:C6:7C:32:91:E0:10:D2:1C:70:A3:5D:D5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x0cBavXFMZ8MpHgENIccKNd1X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/h3jPt9GN0I7BekJrm9RZil81pow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/8x0cBavXFMZ8MpHgENIccKNd1X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.241.0-91.103.242.255
Signature Algorithm: sha256WithRSAEncryption
42:5d:b5:2b:4e:f9:a4:f3:0a:7d:15:3f:04:5a:ff:89:20:5a:
6a:6d:5d:14:1a:fc:39:b7:45:45:1e:04:43:38:f6:e2:31:78:
89:d2:98:98:41:e5:4a:e4:7d:8a:ad:ef:f7:c9:69:f7:ef:7d:
5f:08:8b:e5:c1:df:03:00:ab:d0:52:65:e6:18:95:0f:17:48:
1f:a5:ac:08:89:2c:11:39:29:f4:1e:08:39:f7:2c:9e:bf:51:
5f:dc:f4:df:96:9a:3b:4b:9d:3d:f4:1e:9d:c4:63:33:da:b6:
42:79:1a:fa:1c:66:c6:40:0f:df:8c:36:00:dc:73:95:fa:93:
ca:f2:49:88:ff:ac:31:0b:65:7e:e8:40:d5:99:44:38:60:b8:
ef:10:95:43:6b:d3:ea:f5:0b:16:ca:62:db:7b:ef:62:f5:be:
02:85:77:9f:cb:6d:ab:40:f2:e3:56:71:c5:61:4b:3d:0b:cb:
25:2c:3c:9b:db:cb:52:aa:05:b8:10:8e:0e:20:32:26:df:cb:
96:81:0f:aa:70:ae:51:a2:c5:4d:bd:34:d9:17:84:41:9a:d7:
c3:51:30:9e:a4:5c:df:0c:de:08:65:b8:62:22:45:49:9c:60:
28:ca:f5:0f:d1:30:a3:92:6e:67:33:60:90:28:9b:2a:b7:92:
62:11:93:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtCihNJk9RD3/uyTl868+FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWQxYzA1YWJkNzE0YzY3YzMyOTFlMDEwZDIxYzcwYTM1
ZGQ1N2UwHhcNMjMxMDE4MTEyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc4Y2ZiN2QxOGRkMDhlYzE3YTQyNmI5YmQ0NTk4YTVmMzVhNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt04LqasvkUJCwqksO8bAM02OMIY
1tDQeit1fOhzSAagF8FHdSy9/Xx11rVTEmbzHPtTk3X9H+d6fYk5lUGEBNnNSJ/c
ON4JKwRBRiMALT1fNwCXjAhsxM1KJFXzxWbg71tXOh0oyeDtcqnE0b7Z1HEBs17E
wYUrqr+3YenpKuLhO+USOJCHQjjnDz6JCG2x8rNb6HP4xCkfqM0JlXy6HBf5dJKz
Km3Bd7+KpN4pMMlsQEJ7UNmRp8Osf89cn3C5ua89BYYs7IFspaewVBJjnLn087w/
8LpDmi2Rs9mibzaLj6y4OIgURsBV4UI33DdZItRMdENSMd2SK1LVBC+7zwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFId4z7fRjdCOwXpCa5vUWYpfNaaMMB8GA1UdIwQY
MBaAFPMdHAWr1xTGfDKR4BDSHHCjXdV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHgwY0JhdlhGTVo4TXBIZ0VOSWNjS05kMVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ODY2YmItMmViNy00Mjg4LWE4MmMt
NTU1OWFjNDEwYWNlLzEvaDNqUHQ5R04wSTdCZWtKcm05UlppbDgxcG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ODY2YmItMmViNy00Mjg4LWE4MmMtNTU1OWFjNDEwYWNl
LzEvOHgwY0JhdlhGTVo4TXBIZ0VOSWNjS05kMVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbZ/ED
BABbZ/IwDQYJKoZIhvcNAQELBQADggEBAEJdtStO+aTzCn0VPwRa/4kgWmptXRQa
/Dm3RUUeBEM49uIxeInSmJhB5UrkfYqt7/fJaffvfV8Ii+XB3wMAq9BSZeYYlQ8X
SB+lrAiJLBE5KfQeCDn3LJ6/UV/c9N+WmjtLnT30Hp3EYzPatkJ5GvocZsZAD9+M
NgDcc5X6k8rySYj/rDELZX7oQNWZRDhguO8QlUNr0+r1CxbKYtt772L1vgKFd5/L
batA8uNWccVhSz0LyyUsPJvby1KqBbgQjg4gMibfy5aBD6pwrlGixU29NNkXhEGa
18NRMJ6kXN8M3ghluGIiRUmcYCjK9Q/RMKOSbmczYJAomyq3kmIRk4k=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:19:14 2025 by rpki-client