Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/b9IlAfk8zKSvMiZy_5JmfYvCvV8.roa
File: b9IlAfk8zKSvMiZy_5JmfYvCvV8.roa (raw, json)
Hash identifier: 5ksJRxH5wqxFlS3BP3MMKd+n990FEj9/kAjX9GMh+64=
Subject key identifier: 6F:D2:25:01:F9:3C:CC:A4:AF:32:26:72:FF:92:66:7D:8B:C2:BD:5F
Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Certificate serial: 0187AACB47C3481E261FC68001B4A08CA08A
Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/b9IlAfk8zKSvMiZy_5JmfYvCvV8.roa
Signing time: Sat 22 Apr 2023 21:07:41 +0000
ROA not before: Sat 22 Apr 2023 21:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205774
IP address blocks: 91.208.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:aa:cb:47:c3:48:1e:26:1f:c6:80:01:b4:a0:8c:a0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da
Validity
Not Before: Apr 22 21:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd22501f93ccca4af322672ff92667d8bc2bd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:52:d3:65:60:1a:d9:0f:9e:3c:e7:51:88:
ef:0a:94:ca:7b:df:2b:43:c5:c3:44:ca:81:4a:96:
c0:06:b2:ba:97:76:76:e2:f0:c6:ce:8b:44:a6:53:
76:6d:98:79:f7:f2:90:fd:58:cc:88:ab:a4:c2:8b:
74:c9:76:c9:3e:6e:e8:92:be:75:22:ad:4c:e3:15:
e4:52:63:c1:1d:ab:b2:dd:a1:0b:74:00:0e:c7:da:
ed:54:0a:e1:20:60:74:63:3c:e4:b3:b6:c5:eb:48:
1c:3c:b9:4d:29:fb:d6:24:8b:a7:0c:13:a0:e4:a8:
d3:58:26:49:08:60:49:3a:fb:e3:da:d4:71:e4:ab:
eb:47:8c:84:e8:e0:10:e1:3e:0c:00:81:a8:08:dc:
2d:9e:f6:88:56:42:32:3b:f0:f2:7e:e3:66:33:3c:
5b:4d:a4:db:e2:5e:86:cc:f3:79:0a:59:03:bf:e4:
6b:63:5e:03:56:d9:53:ce:62:97:74:72:59:6c:71:
c9:59:8e:ac:fd:67:40:65:d8:ec:86:cc:a3:14:09:
d2:6e:ba:42:ea:38:8e:3b:c3:d3:6b:a1:9d:75:6e:
f3:3c:c5:5a:9d:e7:28:38:3d:cf:86:cc:d4:67:2f:
a6:f5:3c:c8:f9:dc:15:ff:51:ac:e5:ae:5b:d4:36:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D2:25:01:F9:3C:CC:A4:AF:32:26:72:FF:92:66:7D:8B:C2:BD:5F
X509v3 Authority Key Identifier:
keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/b9IlAfk8zKSvMiZy_5JmfYvCvV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.100.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:7f:3e:75:43:f3:d1:93:5b:a4:93:e7:f3:6e:0a:c3:a8:3e:
3f:f2:1f:cd:53:ce:69:31:15:b8:f3:43:41:5a:1f:c4:b9:a9:
6c:5d:59:fc:94:88:de:6f:b9:63:f8:86:51:74:f1:0f:c8:79:
d9:42:c1:5b:c4:4e:79:f6:97:3d:65:bd:79:f9:91:13:a4:e4:
75:c8:c7:e3:21:3f:7b:cc:b5:da:d0:8a:b7:8b:9b:9e:80:5b:
b2:4d:ab:cd:01:5c:2c:5d:7a:67:1d:f9:5f:22:c2:77:fd:c2:
fc:a8:56:81:e9:e6:66:ae:0b:77:d1:e8:da:c0:59:33:77:6d:
fb:12:87:60:cf:49:8d:4c:c4:27:59:d9:89:87:1f:b9:7e:bb:
3c:3f:09:31:48:07:a3:05:a2:db:fe:0b:a6:8d:78:39:e4:ac:
80:b8:28:11:ef:0d:42:04:6f:6c:15:6b:41:2c:fa:97:c9:a8:
d7:8b:4b:4b:ea:17:b0:9e:c3:b9:92:a6:8b:b7:bb:6b:6d:82:
2c:11:fe:f5:29:68:2b:34:62:a8:e5:25:51:38:54:ca:f5:34:
01:76:0a:30:eb:07:ac:f5:f2:aa:9a:9b:1c:ec:b7:f0:5d:9e:
bd:c5:e1:2d:c8:c1:08:47:b9:72:89:55:c6:fe:ac:ce:21:a7:
e2:e3:65:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeqy0fDSB4mH8aAAbSgjKCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj
M2Q1ZGEwHhcNMjMwNDIyMjEwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQyMjUwMWY5M2NjY2E0YWYzMjI2NzJmZjkyNjY3ZDhiYzJiZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjZS02VgGtkPnjznUYjvCpTKe98r
Q8XDRMqBSpbABrK6l3Z24vDGzotEplN2bZh59/KQ/VjMiKukwot0yXbJPm7okr51
Iq1M4xXkUmPBHauy3aELdAAOx9rtVArhIGB0Yzzks7bF60gcPLlNKfvWJIunDBOg
5KjTWCZJCGBJOvvj2tRx5KvrR4yE6OAQ4T4MAIGoCNwtnvaIVkIyO/DyfuNmMzxb
TaTb4l6GzPN5ClkDv+RrY14DVtlTzmKXdHJZbHHJWY6s/WdAZdjshsyjFAnSbrpC
6jiOO8PTa6GddW7zPMVanecoOD3PhszUZy+m9TzI+dwV/1Gs5a5b1DaYqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/SJQH5PMykrzImcv+SZn2Lwr1fMB8GA1UdIwQY
MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct
ODMyMGRlNDRkZjhiLzEvYjlJbEFmazh6S1N2TWlaeV81Sm1mWXZDdlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi
LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BkMA0G
CSqGSIb3DQEBCwUAA4IBAQCqfz51Q/PRk1ukk+fzbgrDqD4/8h/NU85pMRW480NB
Wh/EualsXVn8lIjeb7lj+IZRdPEPyHnZQsFbxE559pc9Zb15+ZETpOR1yMfjIT97
zLXa0Iq3i5uegFuyTavNAVwsXXpnHflfIsJ3/cL8qFaB6eZmrgt30ejawFkzd237
Eodgz0mNTMQnWdmJhx+5frs8PwkxSAejBaLb/gumjXg55KyAuCgR7w1CBG9sFWtB
LPqXyajXi0tL6hewnsO5kqaLt7trbYIsEf71KWgrNGKo5SVROFTK9TQBdgow6wes
9fKqmpsc7LfwXZ69xeEtyMEIR7lyiVXG/qzOIafi42Wg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:42 2025 by rpki-client