Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/Yid329JZpylW77E6vWBaOmUpBfs.roa
File: Yid329JZpylW77E6vWBaOmUpBfs.roa (raw, json)
Hash identifier: M/ckrHCKlVKHCF/zdvEUmLy2L1ly5lSWsHImfGZRfe0=
Subject key identifier: 62:27:77:DB:D2:59:A7:29:56:EF:B1:3A:BD:60:5A:3A:65:29:05:FB
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 01856E01F8743C68EFDC5C6A5900438AA674
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/Yid329JZpylW77E6vWBaOmUpBfs.roa
Signing time: Sun 01 Jan 2023 15:45:00 +0000
ROA not before: Sun 01 Jan 2023 15:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211430
IP address blocks: 91.209.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:f8:74:3c:68:ef:dc:5c:6a:59:00:43:8a:a6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Jan 1 15:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=622777dbd259a72956efb13abd605a3a652905fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:6a:38:cd:a6:97:51:cc:cf:20:b3:4f:1e:
4b:53:28:e8:3e:ee:01:63:61:61:e3:08:6e:31:3b:
65:68:96:f5:32:7c:5b:04:5b:07:90:02:fc:bf:5c:
8c:59:0f:84:5b:ff:46:87:70:4f:4e:d9:83:d0:3b:
18:2a:6b:74:fa:6a:6b:08:a3:53:a1:10:58:e4:66:
a1:55:06:1c:ab:cf:9f:03:f3:b0:7a:e8:6b:bb:18:
5f:6c:97:79:bc:e8:ef:13:88:7c:89:bd:2d:ec:f0:
52:da:7f:95:0b:0c:7d:a7:af:93:f8:00:54:0b:cb:
f6:89:8f:f4:b8:c2:51:70:4b:65:b4:a3:3b:24:34:
fb:f5:d1:85:85:58:08:a5:9e:86:2e:26:f6:78:5c:
43:98:ad:47:5f:69:bc:41:a1:d0:78:f9:7d:95:3c:
5c:78:5b:00:22:b9:81:4e:cd:25:ff:40:47:f6:ff:
69:3f:8e:fe:4b:9f:fc:9b:5c:30:0e:6d:0e:59:c6:
47:93:d5:2e:e0:06:9b:a0:0c:e6:bb:09:a3:fa:e1:
69:08:a9:c1:b7:fe:12:f8:77:45:44:35:14:cc:bf:
2d:80:16:68:71:da:06:60:73:3b:68:2b:67:9b:c8:
02:f5:fa:99:37:b2:11:24:18:96:3f:b5:1d:86:4d:
1c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:27:77:DB:D2:59:A7:29:56:EF:B1:3A:BD:60:5A:3A:65:29:05:FB
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/Yid329JZpylW77E6vWBaOmUpBfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.105.0/24
Signature Algorithm: sha256WithRSAEncryption
75:79:07:ef:25:49:a5:fd:c1:5b:ed:8e:74:06:ec:5e:e7:ea:
05:b2:66:ee:ee:dc:09:64:68:72:ac:30:20:60:8e:e3:35:7d:
85:34:19:4a:ab:63:9c:36:22:68:d8:52:57:bf:2c:e9:10:31:
7b:62:3c:f0:53:0a:fc:d5:cf:6a:04:8c:7f:1b:ce:b8:ec:4e:
42:8a:c4:e2:07:51:64:72:c0:2a:0d:68:db:92:15:87:91:c5:
60:c4:89:80:d2:ca:06:89:33:0a:3e:26:fa:e3:bd:bf:bb:ee:
67:c6:24:55:f7:a5:46:f4:50:39:72:dd:73:4e:42:dd:f5:cd:
08:c5:70:37:ae:af:e3:75:d1:ff:0a:d5:95:f4:dd:e3:ce:7c:
97:c4:d4:80:25:fa:d7:ae:c4:ca:76:e1:49:f1:1d:6c:ef:54:
ae:3b:55:32:48:b5:45:b5:20:fc:cd:a7:7a:ac:9d:48:2b:80:
23:81:7c:bd:2c:23:57:76:76:08:c5:c2:29:2e:c5:56:54:29:
46:66:1b:13:00:06:7c:b6:5e:96:41:73:55:38:15:20:03:6b:
41:cf:be:c5:20:e3:5a:c6:f5:4b:48:24:76:2d:b5:bb:95:17:
b7:2a:e3:47:34:89:21:b3:b0:84:5b:ed:72:d0:87:8f:14:55:
72:b9:57:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAfh0PGjv3FxqWQBDiqZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmNhZTJiMjkwYzgwMWQ1N2QwOWQwMjVhOTM0OGUxNjcw
NmYxODIwHhcNMjMwMTAxMTU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjI3NzdkYmQyNTlhNzI5NTZlZmIxM2FiZDYwNWEzYTY1MjkwNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPdqOM2ml1HMzyCzTx5LUyjoPu4B
Y2Fh4whuMTtlaJb1MnxbBFsHkAL8v1yMWQ+EW/9Gh3BPTtmD0DsYKmt0+mprCKNT
oRBY5GahVQYcq8+fA/OweuhruxhfbJd5vOjvE4h8ib0t7PBS2n+VCwx9p6+T+ABU
C8v2iY/0uMJRcEtltKM7JDT79dGFhVgIpZ6GLib2eFxDmK1HX2m8QaHQePl9lTxc
eFsAIrmBTs0l/0BH9v9pP47+S5/8m1wwDm0OWcZHk9Uu4AaboAzmuwmj+uFpCKnB
t/4S+HdFRDUUzL8tgBZocdoGYHM7aCtnm8gC9fqZN7IRJBiWP7Udhk0cMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGInd9vSWacpVu+xOr1gWjplKQX7MB8GA1UdIwQY
MBaAFP+8rispDIAdV9CdAlqTSOFnBvGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAt
MDk2YWY0NzhmMDRiLzEvWWlkMzI5SlpweWxXNzdFNnZXQmFPbVVwQmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAtMDk2YWY0NzhmMDRi
LzEvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FpMA0G
CSqGSIb3DQEBCwUAA4IBAQB1eQfvJUml/cFb7Y50Buxe5+oFsmbu7twJZGhyrDAg
YI7jNX2FNBlKq2OcNiJo2FJXvyzpEDF7YjzwUwr81c9qBIx/G8647E5CisTiB1Fk
csAqDWjbkhWHkcVgxImA0soGiTMKPib6472/u+5nxiRV96VG9FA5ct1zTkLd9c0I
xXA3rq/jddH/CtWV9N3jznyXxNSAJfrXrsTKduFJ8R1s71SuO1UySLVFtSD8zad6
rJ1IK4AjgXy9LCNXdnYIxcIpLsVWVClGZhsTAAZ8tl6WQXNVOBUgA2tBz77FIONa
xvVLSCR2LbW7lRe3KuNHNIkhs7CEW+1y0IePFFVyuVdf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:01 2025 by rpki-client