Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/oncDuC3VWzEYrC3TTE9vSionznk.roa
File: oncDuC3VWzEYrC3TTE9vSionznk.roa (raw, json)
Hash identifier: /pEg4Nnsd5YSBP1qcWGgj2d689QhtgjJCZsKhRbPFao=
Subject key identifier: A2:77:03:B8:2D:D5:5B:31:18:AC:2D:D3:4C:4F:6F:4A:2A:27:CE:79
Certificate issuer: /CN=31aadcca96f44a457392d8907c6b964be0fcf921
Certificate serial: 01856F4B89D24402FEE7F4166E02F9463619
Authority key identifier: 31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/oncDuC3VWzEYrC3TTE9vSionznk.roa
Signing time: Sun 01 Jan 2023 21:44:59 +0000
ROA not before: Sun 01 Jan 2023 21:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47412
IP address blocks: 91.206.44.0/24 maxlen: 24
91.206.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:89:d2:44:02:fe:e7:f4:16:6e:02:f9:46:36:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31aadcca96f44a457392d8907c6b964be0fcf921
Validity
Not Before: Jan 1 21:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27703b82dd55b3118ac2dd34c4f6f4a2a27ce79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:f9:97:85:95:5d:d6:1e:15:46:8d:62:e2:
3d:76:34:61:fc:db:9d:db:5d:7f:ed:fd:d4:18:b3:
b1:c3:3f:00:c3:e1:38:36:11:ac:44:15:37:ba:ba:
13:2d:7b:82:f3:ae:f5:3a:6c:35:8d:f7:ef:d7:8b:
f4:04:ee:66:e3:95:b3:21:fe:ec:25:5e:1d:e3:83:
17:a0:14:ef:94:34:1b:88:f8:0f:a3:da:82:50:43:
e6:d6:55:4e:8f:d4:ed:89:ed:e2:c5:dd:ec:33:c1:
d6:f9:63:5c:1b:bf:b2:0b:76:e3:0b:e3:bb:fb:47:
d8:47:ff:de:46:c6:b0:61:37:c0:17:a6:67:c1:03:
ed:f9:c0:c6:31:90:99:9d:e5:3f:a2:f4:96:fd:05:
87:67:09:3a:36:0d:2e:8f:94:30:3a:1a:73:81:fe:
08:ec:58:9b:03:c7:78:0c:21:72:f2:47:5b:af:70:
70:a5:33:15:88:69:7d:79:1d:5d:9e:15:69:37:11:
11:fe:1b:5c:26:39:8a:cf:02:78:38:1c:6c:40:88:
c7:49:cc:78:a6:bc:b0:e2:52:74:2b:9d:b3:b0:98:
0d:45:d7:6b:d9:62:dc:60:67:df:e1:21:70:b6:d6:
bc:aa:58:ac:a4:c2:c2:d2:78:d8:55:41:18:89:43:
6c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:77:03:B8:2D:D5:5B:31:18:AC:2D:D3:4C:4F:6F:4A:2A:27:CE:79
X509v3 Authority Key Identifier:
keyid:31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/oncDuC3VWzEYrC3TTE9vSionznk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/Marcypb0SkVzktiQfGuWS-D8-SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.44.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:7e:99:50:60:b5:54:26:14:5b:18:ea:5b:93:db:56:1c:a9:
0b:a1:eb:21:5f:99:84:b4:b7:11:b0:e2:36:b7:d8:7b:c2:8b:
8f:88:96:5d:f8:4d:bb:fc:cc:6f:1f:9d:f8:16:6d:9d:df:f8:
b8:eb:42:2f:8e:d4:e2:4c:9e:9c:17:57:64:1e:4a:5d:15:5d:
15:05:20:d2:3f:b7:ec:26:a2:12:6e:ba:f3:c7:8e:06:55:1f:
1b:e9:84:00:50:fe:70:f0:4d:86:dd:96:fa:b0:9b:ff:f6:0d:
77:a8:f9:0f:3d:11:00:df:c6:06:3c:d8:ae:2b:65:30:66:42:
58:d5:91:e8:4f:80:73:db:f3:2d:55:28:91:61:9f:6a:af:0d:
5d:77:3a:7e:b7:23:c4:52:2d:1a:87:0e:98:fe:76:37:17:45:
ba:49:ee:89:9b:0c:e3:1b:ee:83:f8:f2:5b:67:a3:63:1e:e8:
2a:ad:69:9a:f7:a9:7a:69:ec:89:09:02:60:9e:a7:90:1c:e6:
c2:62:78:ab:df:6b:68:44:03:37:cb:b5:8e:07:c5:3e:cd:c8:
76:0d:df:7c:20:a3:13:5f:38:72:85:f9:b5:39:5b:65:c5:86:
18:5b:a8:f5:5b:6a:e6:d9:65:23:d6:4b:ba:2a:e8:3d:6e:b8:
a2:8c:b0:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4nSRAL+5/QWbgL5RjYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWFkY2NhOTZmNDRhNDU3MzkyZDg5MDdjNmI5NjRiZTBm
Y2Y5MjEwHhcNMjMwMTAxMjE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc3MDNiODJkZDU1YjMxMThhYzJkZDM0YzRmNmY0YTJhMjdjZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaH5l4WVXdYeFUaNYuI9djRh/Nud
211/7f3UGLOxwz8Aw+E4NhGsRBU3uroTLXuC8671Omw1jffv14v0BO5m45WzIf7s
JV4d44MXoBTvlDQbiPgPo9qCUEPm1lVOj9Ttie3ixd3sM8HW+WNcG7+yC3bjC+O7
+0fYR//eRsawYTfAF6ZnwQPt+cDGMZCZneU/ovSW/QWHZwk6Ng0uj5QwOhpzgf4I
7FibA8d4DCFy8kdbr3BwpTMViGl9eR1dnhVpNxER/htcJjmKzwJ4OBxsQIjHScx4
pryw4lJ0K52zsJgNRddr2WLcYGff4SFwtta8qlispMLC0njYVUEYiUNsqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ3A7gt1VsxGKwt00xPb0oqJ855MB8GA1UdIwQY
MBaAFDGq3MqW9EpFc5LYkHxrlkvg/PkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAt
OGY3ZmQzZGMxNWZlLzEvb25jRHVDM1ZXekVZckMzVFRFOXZTaW9uem5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAtOGY3ZmQzZGMxNWZl
LzEvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84sMA0G
CSqGSIb3DQEBCwUAA4IBAQAtfplQYLVUJhRbGOpbk9tWHKkLoeshX5mEtLcRsOI2
t9h7wouPiJZd+E27/MxvH534Fm2d3/i460IvjtTiTJ6cF1dkHkpdFV0VBSDSP7fs
JqISbrrzx44GVR8b6YQAUP5w8E2G3Zb6sJv/9g13qPkPPREA38YGPNiuK2UwZkJY
1ZHoT4Bz2/MtVSiRYZ9qrw1ddzp+tyPEUi0ahw6Y/nY3F0W6Se6JmwzjG+6D+PJb
Z6NjHugqrWma96l6aeyJCQJgnqeQHObCYnir32toRAM3y7WOB8U+zch2Dd98IKMT
Xzhyhfm1OVtlxYYYW6j1W2rm2WUj1ku6Kug9briijLDo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:53 2025 by rpki-client