Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/06AW9r59djzGfVBiR7TeIAMS5zE.roa
File: 06AW9r59djzGfVBiR7TeIAMS5zE.roa (raw, json)
Hash identifier: q7mC16cDeDZv4LVns5XX+m591tMUnNIolB5EH+3Y+Rs=
Subject key identifier: D3:A0:16:F6:BE:7D:76:3C:C6:7D:50:62:47:B4:DE:20:03:12:E7:31
Certificate issuer: /CN=44728fb31c4ebdfb9bf129745b91bd2e2ee8ef31
Certificate serial: 01856D788BBDA7E13E68C4BB7E1D9624B6EC
Authority key identifier: 44:72:8F:B3:1C:4E:BD:FB:9B:F1:29:74:5B:91:BD:2E:2E:E8:EF:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHKPsxxOvfub8Sl0W5G9Li7o7zE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/06AW9r59djzGfVBiR7TeIAMS5zE.roa
Signing time: Sun 01 Jan 2023 13:14:54 +0000
ROA not before: Sun 01 Jan 2023 13:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55569
IP address blocks: 91.199.242.0/24 maxlen: 24
91.212.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:8b:bd:a7:e1:3e:68:c4:bb:7e:1d:96:24:b6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44728fb31c4ebdfb9bf129745b91bd2e2ee8ef31
Validity
Not Before: Jan 1 13:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3a016f6be7d763cc67d506247b4de200312e731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:4f:a0:11:2c:86:73:33:94:6a:b6:1d:f7:
d7:0c:31:cc:84:a0:38:4c:c5:79:34:9a:d4:06:4c:
44:80:30:18:90:96:e3:02:d2:88:79:8a:39:e5:05:
f2:87:bd:86:76:c9:84:57:a0:2d:20:35:09:f8:56:
e8:55:b8:fe:b7:44:ef:38:98:98:05:b2:8d:a7:76:
1b:53:ca:e3:bc:2c:61:8f:7f:39:98:69:73:8f:66:
7d:b8:c1:8a:55:4b:54:fc:36:ca:c6:4b:92:cc:d6:
9f:81:d9:cb:da:ff:b6:57:b7:cb:a5:c6:b0:56:fb:
84:b0:89:a1:da:86:34:cc:65:0c:92:7b:5f:e8:a1:
8e:ea:a2:c2:bc:40:0f:71:31:2e:cf:03:b1:1b:4c:
fc:ce:79:f1:00:a0:1a:04:49:2b:56:28:c9:3d:f7:
dd:ea:71:f3:dc:f1:6b:7a:c0:b5:59:48:ba:02:62:
55:74:e8:05:ee:ec:89:ce:ac:85:02:7a:55:26:4b:
1d:ca:30:49:78:c5:72:45:37:a0:ee:2a:4e:dd:7d:
35:07:fe:a5:70:a8:a4:2c:56:17:cf:5d:23:bd:2d:
e3:10:5c:43:06:5a:04:a5:12:8b:43:bd:e4:72:ea:
f2:c3:1a:a6:80:59:15:de:6a:8f:45:3f:f3:68:8f:
c2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A0:16:F6:BE:7D:76:3C:C6:7D:50:62:47:B4:DE:20:03:12:E7:31
X509v3 Authority Key Identifier:
keyid:44:72:8F:B3:1C:4E:BD:FB:9B:F1:29:74:5B:91:BD:2E:2E:E8:EF:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHKPsxxOvfub8Sl0W5G9Li7o7zE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/06AW9r59djzGfVBiR7TeIAMS5zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/RHKPsxxOvfub8Sl0W5G9Li7o7zE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.242.0/24
91.212.98.0/24
Signature Algorithm: sha256WithRSAEncryption
28:dc:20:d2:49:9a:22:03:a1:35:70:6f:38:88:34:ee:07:d4:
7b:48:de:31:51:65:28:3a:d5:ba:c7:1b:9c:08:f4:41:a1:70:
18:48:f0:88:98:91:5f:4a:5c:24:df:59:28:02:c1:e3:1f:44:
cb:53:14:c2:66:a2:f8:8e:ac:8a:6a:ae:73:62:f8:44:72:46:
90:1c:c3:7d:3d:b6:0c:8e:0f:22:37:c1:31:bf:76:9e:93:f4:
02:39:20:b0:c6:df:9f:b7:0f:a7:bb:8b:c1:e5:62:e1:76:81:
44:01:df:ed:8c:ab:16:f2:3c:1f:1d:25:19:6a:6e:11:b6:7b:
ac:ab:3f:12:5f:b3:be:77:83:45:08:2b:b0:56:67:61:86:9a:
cf:b7:0d:36:28:5d:5c:43:fb:78:6c:28:ab:a0:4d:e6:4e:97:
bb:bc:a7:84:72:e6:6e:d1:ff:b0:02:f9:5c:8d:46:f5:fb:12:
b7:30:ba:53:fb:15:09:05:8c:1d:12:a4:49:ab:2c:64:f0:30:
7f:c7:2f:b0:cf:ce:f1:fa:74:08:82:14:82:b0:a9:bb:c5:5c:
50:57:e9:7a:7b:07:6e:1a:b5:67:12:a7:7e:c6:41:88:bd:c0:
00:e3:88:18:ff:75:ef:f1:db:b8:31:aa:f5:99:2d:41:90:81:
48:f7:95:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteIu9p+E+aMS7fh2WJLbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzI4ZmIzMWM0ZWJkZmI5YmYxMjk3NDViOTFiZDJlMmVl
OGVmMzEwHhcNMjMwMTAxMTMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2EwMTZmNmJlN2Q3NjNjYzY3ZDUwNjI0N2I0ZGUyMDAzMTJlNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi1PoBEshnMzlGq2HffXDDHMhKA4
TMV5NJrUBkxEgDAYkJbjAtKIeYo55QXyh72GdsmEV6AtIDUJ+FboVbj+t0TvOJiY
BbKNp3YbU8rjvCxhj385mGlzj2Z9uMGKVUtU/DbKxkuSzNafgdnL2v+2V7fLpcaw
VvuEsImh2oY0zGUMkntf6KGO6qLCvEAPcTEuzwOxG0z8znnxAKAaBEkrVijJPffd
6nHz3PFresC1WUi6AmJVdOgF7uyJzqyFAnpVJksdyjBJeMVyRTeg7ipO3X01B/6l
cKikLFYXz10jvS3jEFxDBloEpRKLQ73kcurywxqmgFkV3mqPRT/zaI/CjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNOgFva+fXY8xn1QYke03iADEucxMB8GA1UdIwQY
MBaAFERyj7McTr37m/EpdFuRvS4u6O8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhLUHN4eE92ZnViOFNsMFc1RzlMaTdvN3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zYWM3NjEtOWFkOC00NTEzLThhMzIt
MWY1NWQ5OTk5ZWViLzEvMDZBVzlyNTlkanpHZlZCaVI3VGVJQU1TNXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zYWM3NjEtOWFkOC00NTEzLThhMzItMWY1NWQ5OTk5ZWVi
LzEvUkhLUHN4eE92ZnViOFNsMFc1RzlMaTdvN3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8fyAwQA
W9RiMA0GCSqGSIb3DQEBCwUAA4IBAQAo3CDSSZoiA6E1cG84iDTuB9R7SN4xUWUo
OtW6xxucCPRBoXAYSPCImJFfSlwk31koAsHjH0TLUxTCZqL4jqyKaq5zYvhEckaQ
HMN9PbYMjg8iN8Exv3aek/QCOSCwxt+ftw+nu4vB5WLhdoFEAd/tjKsW8jwfHSUZ
am4Rtnusqz8SX7O+d4NFCCuwVmdhhprPtw02KF1cQ/t4bCiroE3mTpe7vKeEcuZu
0f+wAvlcjUb1+xK3MLpT+xUJBYwdEqRJqyxk8DB/xy+wz87x+nQIghSCsKm7xVxQ
V+l6ewduGrVnEqd+xkGIvcAA44gY/3Xv8du4Mar1mS1BkIFI95Xe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:05 2025 by rpki-client