Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/sa70NlqMNh4ir6nEGNZvxyWQpqA.roa
File: sa70NlqMNh4ir6nEGNZvxyWQpqA.roa (raw, json)
Hash identifier: YOPcAhGjZe4yT1d6q1bE1/U65ewBDodMPc7PFweuwmY=
Subject key identifier: B1:AE:F4:36:5A:8C:36:1E:22:AF:A9:C4:18:D6:6F:C7:25:90:A6:A0
Certificate issuer: /CN=f31d1c05abd714c67c3291e010d21c70a35dd57e
Certificate serial: 018B428A12CA5E9C2FEBBCCBF30D31F47F42
Authority key identifier: F3:1D:1C:05:AB:D7:14:C6:7C:32:91:E0:10:D2:1C:70:A3:5D:D5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x0cBavXFMZ8MpHgENIccKNd1X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/sa70NlqMNh4ir6nEGNZvxyWQpqA.roa
Signing time: Wed 18 Oct 2023 11:27:06 +0000
ROA not before: Wed 18 Oct 2023 11:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 91.103.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:8a:12:ca:5e:9c:2f:eb:bc:cb:f3:0d:31:f4:7f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31d1c05abd714c67c3291e010d21c70a35dd57e
Validity
Not Before: Oct 18 11:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1aef4365a8c361e22afa9c418d66fc72590a6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9d:67:b8:7d:b1:4f:55:34:24:95:7e:fb:e2:
d3:40:5b:7b:5f:28:b8:4d:73:f6:ba:27:e8:16:c4:
f0:14:69:d7:af:fc:76:b3:c2:bc:e9:de:ff:70:fd:
b4:c3:48:11:7c:84:8a:67:0d:9c:dd:72:f2:d3:11:
30:53:02:a3:01:bf:20:be:0a:8f:67:c1:df:92:d7:
3a:14:d9:98:66:c7:1d:c8:74:c1:db:dd:71:25:04:
a0:37:ed:91:81:18:87:62:54:6c:aa:34:73:c0:d7:
94:f9:df:2a:ef:2b:b9:42:97:b7:7d:85:19:1c:2b:
3c:70:94:be:9a:43:4a:9e:ac:e6:ca:10:22:26:20:
a6:1c:60:e6:d7:9d:d3:9d:15:c1:09:78:0e:95:a9:
39:b6:28:e8:f1:f6:cc:18:48:09:11:a5:45:1e:95:
5d:a5:b6:f2:53:60:4a:a9:b9:e8:0f:a1:53:58:d1:
fc:d8:16:ae:07:f7:b1:14:92:6e:76:05:c0:e6:ba:
41:c0:da:61:76:d8:12:f8:28:26:69:38:0d:85:2c:
72:d6:69:c8:49:35:23:50:a5:52:e0:55:94:ec:7b:
46:2d:b0:88:57:5d:51:f7:dc:a1:75:da:84:3f:3b:
ba:49:ca:26:65:62:75:6d:cd:53:cb:d6:5f:41:28:
8a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AE:F4:36:5A:8C:36:1E:22:AF:A9:C4:18:D6:6F:C7:25:90:A6:A0
X509v3 Authority Key Identifier:
keyid:F3:1D:1C:05:AB:D7:14:C6:7C:32:91:E0:10:D2:1C:70:A3:5D:D5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x0cBavXFMZ8MpHgENIccKNd1X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/sa70NlqMNh4ir6nEGNZvxyWQpqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8866bb-2eb7-4288-a82c-5559ac410ace/1/8x0cBavXFMZ8MpHgENIccKNd1X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.240.0/21
Signature Algorithm: sha256WithRSAEncryption
20:1b:24:a2:81:9a:98:c1:dd:24:24:46:89:ce:76:73:d7:e9:
27:f8:46:84:e5:a3:61:20:0f:40:bb:9a:d1:78:8e:35:1d:43:
33:2b:ac:80:6b:d7:da:54:6b:ba:12:35:d3:b6:47:58:e5:17:
b3:83:b2:37:02:59:5a:13:e9:c0:60:69:76:d2:22:f2:75:68:
72:ec:28:25:91:6d:e3:41:43:dd:33:6c:57:44:b9:98:02:fb:
4f:c7:9f:64:14:46:63:ca:ad:94:57:38:be:a2:a1:d2:c7:7f:
49:74:f2:46:2a:3f:74:63:74:a3:1f:8c:f9:f5:bc:84:02:2e:
39:8b:65:20:15:2b:a5:c8:46:d2:d5:06:02:af:ca:48:77:af:
8d:3b:7d:95:d3:3b:54:44:10:71:22:3d:35:97:9a:84:72:be:
ee:1c:0e:94:83:7f:ca:14:07:27:14:08:6d:28:a2:62:7e:33:
35:b7:06:d3:07:df:74:0b:37:78:b7:ab:e5:c6:7c:ce:47:07:
b5:42:72:62:1c:0d:a0:c5:29:a0:b5:e6:d7:42:29:af:80:f7:
a8:ed:cb:fb:8a:cd:ed:d9:b2:7b:ac:d4:43:d6:cd:2d:01:ef:
da:b2:9b:a1:7f:42:00:b0:59:cf:c3:81:5c:36:2a:0f:d7:c4:
51:e2:d2:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCihLKXpwv67zL8w0x9H9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWQxYzA1YWJkNzE0YzY3YzMyOTFlMDEwZDIxYzcwYTM1
ZGQ1N2UwHhcNMjMxMDE4MTEyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFlZjQzNjVhOGMzNjFlMjJhZmE5YzQxOGQ2NmZjNzI1OTBhNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ1nuH2xT1U0JJV+++LTQFt7Xyi4
TXP2uifoFsTwFGnXr/x2s8K86d7/cP20w0gRfISKZw2c3XLy0xEwUwKjAb8gvgqP
Z8Hfktc6FNmYZscdyHTB291xJQSgN+2RgRiHYlRsqjRzwNeU+d8q7yu5Qpe3fYUZ
HCs8cJS+mkNKnqzmyhAiJiCmHGDm153TnRXBCXgOlak5tijo8fbMGEgJEaVFHpVd
pbbyU2BKqbnoD6FTWNH82BauB/exFJJudgXA5rpBwNphdtgS+CgmaTgNhSxy1mnI
STUjUKVS4FWU7HtGLbCIV11R99yhddqEPzu6ScomZWJ1bc1Ty9ZfQSiK4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGu9DZajDYeIq+pxBjWb8clkKagMB8GA1UdIwQY
MBaAFPMdHAWr1xTGfDKR4BDSHHCjXdV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHgwY0JhdlhGTVo4TXBIZ0VOSWNjS05kMVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ODY2YmItMmViNy00Mjg4LWE4MmMt
NTU1OWFjNDEwYWNlLzEvc2E3ME5scU1OaDRpcjZuRUdOWnZ4eVdRcHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ODY2YmItMmViNy00Mjg4LWE4MmMtNTU1OWFjNDEwYWNl
LzEvOHgwY0JhdlhGTVo4TXBIZ0VOSWNjS05kMVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2fwMA0G
CSqGSIb3DQEBCwUAA4IBAQAgGySigZqYwd0kJEaJznZz1+kn+EaE5aNhIA9Au5rR
eI41HUMzK6yAa9faVGu6EjXTtkdY5Rezg7I3AllaE+nAYGl20iLydWhy7CglkW3j
QUPdM2xXRLmYAvtPx59kFEZjyq2UVzi+oqHSx39JdPJGKj90Y3SjH4z59byEAi45
i2UgFSulyEbS1QYCr8pId6+NO32V0ztURBBxIj01l5qEcr7uHA6Ug3/KFAcnFAht
KKJifjM1twbTB990Czd4t6vlxnzORwe1QnJiHA2gxSmgtebXQimvgPeo7cv7is3t
2bJ7rNRD1s0tAe/aspuhf0IAsFnPw4FcNioP18RR4tKp
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:20:09 2025 by rpki-client