Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/K9wxfnIHxqZIglIEI676AxdRf4o.roa
File: K9wxfnIHxqZIglIEI676AxdRf4o.roa (raw, json)
Hash identifier: gO1hLhaYpNE8IzAyTN3d2ZyBf2l8v/tFUeoc02EBpHs=
Subject key identifier: 2B:DC:31:7E:72:07:C6:A6:48:82:52:04:23:AE:FA:03:17:51:7F:8A
Certificate issuer: /CN=94b1cbff4bd970fa27fdefd4bf68b02d68d2b9dd
Certificate serial: 01856D81D28DE591BABDFBC50ED1A10F4DED
Authority key identifier: 94:B1:CB:FF:4B:D9:70:FA:27:FD:EF:D4:BF:68:B0:2D:68:D2:B9:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lLHL_0vZcPon_e_Uv2iwLWjSud0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/K9wxfnIHxqZIglIEI676AxdRf4o.roa
Signing time: Sun 01 Jan 2023 13:25:02 +0000
ROA not before: Sun 01 Jan 2023 13:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20892
IP address blocks: 91.194.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:d2:8d:e5:91:ba:bd:fb:c5:0e:d1:a1:0f:4d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94b1cbff4bd970fa27fdefd4bf68b02d68d2b9dd
Validity
Not Before: Jan 1 13:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bdc317e7207c6a64882520423aefa0317517f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b7:b2:e3:c2:d2:b8:c3:8b:05:fe:a4:d5:81:
d0:1d:24:b4:24:19:1c:de:d4:a1:fb:b4:7c:e8:ca:
cd:6f:46:f6:4b:34:83:51:c3:cc:14:fc:5b:6f:f5:
ec:76:46:2c:2d:a0:42:32:bd:28:94:be:d4:73:8b:
93:a5:e2:b5:82:5c:e6:1f:76:e0:a0:0b:d8:05:15:
bf:28:6d:db:4d:bf:d5:83:c9:35:10:4c:7c:e2:22:
0a:3f:c3:86:2e:cd:76:76:52:c2:ba:ea:f7:81:c4:
5c:15:46:8c:94:43:ac:77:35:fd:53:07:a5:06:1a:
f8:6b:4f:9c:18:56:05:ff:e4:24:ba:bc:bf:a6:dc:
c0:4f:42:e7:47:11:b0:cf:22:46:36:4f:9d:de:6f:
87:39:2d:fc:d4:60:2a:7d:42:6d:b1:bf:c5:f7:7f:
f8:da:a4:66:26:07:73:cd:01:64:31:3a:9d:5b:a9:
9a:dd:75:96:7a:9a:13:38:9c:44:aa:47:49:90:f6:
0c:60:c1:28:7a:40:f2:ae:d3:dd:56:06:80:ac:9f:
14:8d:87:bc:b9:88:74:2e:96:3d:73:ba:32:4f:5a:
c0:7b:10:ff:05:71:c3:0b:97:0d:97:1e:17:d6:9e:
6e:89:91:41:5d:a8:92:5a:14:9d:61:09:eb:1a:d9:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DC:31:7E:72:07:C6:A6:48:82:52:04:23:AE:FA:03:17:51:7F:8A
X509v3 Authority Key Identifier:
keyid:94:B1:CB:FF:4B:D9:70:FA:27:FD:EF:D4:BF:68:B0:2D:68:D2:B9:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lLHL_0vZcPon_e_Uv2iwLWjSud0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/K9wxfnIHxqZIglIEI676AxdRf4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/lLHL_0vZcPon_e_Uv2iwLWjSud0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.242.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:99:ab:04:c4:17:e7:db:a8:1b:5b:28:73:75:5b:02:45:d9:
e6:78:31:b6:de:76:db:57:7d:e3:c4:35:4e:e5:2b:70:cb:2f:
c3:22:af:e8:cf:72:71:42:8e:1a:2c:de:d1:1a:de:84:6b:51:
d1:aa:91:7d:aa:e4:26:8f:1b:d9:ea:74:97:45:c5:30:5e:d9:
6d:33:81:79:ae:22:eb:ac:2a:4c:fa:85:3f:d9:ba:20:ee:9f:
06:fd:d1:73:8f:89:c9:88:8b:f4:d2:af:54:a1:74:e6:fa:c8:
71:d9:64:30:aa:a0:be:8a:db:ba:b4:f5:9f:73:82:87:a1:e1:
bf:cc:f5:57:f0:2c:14:a7:1f:18:23:13:0b:24:8d:50:bc:24:
70:b1:8e:ac:df:41:2c:9d:e8:9a:03:f0:2b:05:39:ec:a8:89:
24:b2:37:be:52:a8:ad:80:1e:e6:8f:51:e8:bf:e5:ac:68:a0:
9e:79:ff:e7:78:fc:89:4c:c3:84:93:7a:32:50:80:3a:01:74:
42:62:44:5f:9a:7f:a9:b5:b7:c1:5d:a2:a6:fd:6a:5c:55:96:
4f:35:53:b8:4a:80:61:44:c7:a2:86:b7:8e:0a:92:51:a7:24:
fc:46:e8:be:6d:e8:b0:42:75:06:eb:29:7b:88:63:c1:7f:98:
12:4c:99:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgdKN5ZG6vfvFDtGhD03tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YjFjYmZmNGJkOTcwZmEyN2ZkZWZkNGJmNjhiMDJkNjhk
MmI5ZGQwHhcNMjMwMTAxMTMyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRjMzE3ZTcyMDdjNmE2NDg4MjUyMDQyM2FlZmEwMzE3NTE3ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrey48LSuMOLBf6k1YHQHSS0JBkc
3tSh+7R86MrNb0b2SzSDUcPMFPxbb/XsdkYsLaBCMr0olL7Uc4uTpeK1glzmH3bg
oAvYBRW/KG3bTb/Vg8k1EEx84iIKP8OGLs12dlLCuur3gcRcFUaMlEOsdzX9Uwel
Bhr4a0+cGFYF/+Qkury/ptzAT0LnRxGwzyJGNk+d3m+HOS381GAqfUJtsb/F93/4
2qRmJgdzzQFkMTqdW6ma3XWWepoTOJxEqkdJkPYMYMEoekDyrtPdVgaArJ8UjYe8
uYh0LpY9c7oyT1rAexD/BXHDC5cNlx4X1p5uiZFBXaiSWhSdYQnrGtkO7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvcMX5yB8amSIJSBCOu+gMXUX+KMB8GA1UdIwQY
MBaAFJSxy/9L2XD6J/3v1L9osC1o0rndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbExITF8wdlpjUG9uX2VfVXYyaXdMV2pTdWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wNjM2NTgtODI2Mi00OTY1LTk2NjEt
MDU0MjQyN2IwMmI5LzEvSzl3eGZuSUh4cVpJZ2xJRUk2NzZBeGRSZjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wNjM2NTgtODI2Mi00OTY1LTk2NjEtMDU0MjQyN2IwMmI5
LzEvbExITF8wdlpjUG9uX2VfVXYyaXdMV2pTdWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8LyMA0G
CSqGSIb3DQEBCwUAA4IBAQAbmasExBfn26gbWyhzdVsCRdnmeDG23nbbV33jxDVO
5Stwyy/DIq/oz3JxQo4aLN7RGt6Ea1HRqpF9quQmjxvZ6nSXRcUwXtltM4F5riLr
rCpM+oU/2bog7p8G/dFzj4nJiIv00q9UoXTm+shx2WQwqqC+itu6tPWfc4KHoeG/
zPVX8CwUpx8YIxMLJI1QvCRwsY6s30EsneiaA/ArBTnsqIkksje+UqitgB7mj1Ho
v+WsaKCeef/nePyJTMOEk3oyUIA6AXRCYkRfmn+ptbfBXaKm/WpcVZZPNVO4SoBh
RMeihreOCpJRpyT8Rui+beiwQnUG6yl7iGPBf5gSTJnj
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:03 2025 by rpki-client