Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/PUea9na31GROw4EGQkBiAk4oXKI.roa
File: PUea9na31GROw4EGQkBiAk4oXKI.roa (raw, json)
Hash identifier: QQJe9ec+cAxT4BJe4JbIyMhgQQRS6sFL5F0HCfmok3k=
Subject key identifier: 3D:47:9A:F6:76:B7:D4:64:4E:C3:81:06:42:40:62:02:4E:28:5C:A2
Certificate issuer: /CN=36cfb3975bbd5ef87b29c3dc4a4b98ea5c25c444
Certificate serial: 018572DEE8369359034070B8E9D6C40462CE
Authority key identifier: 36:CF:B3:97:5B:BD:5E:F8:7B:29:C3:DC:4A:4B:98:EA:5C:25:C4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/PUea9na31GROw4EGQkBiAk4oXKI.roa
Signing time: Mon 02 Jan 2023 14:24:49 +0000
ROA not before: Mon 02 Jan 2023 14:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47991
IP address blocks: 91.208.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:e8:36:93:59:03:40:70:b8:e9:d6:c4:04:62:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36cfb3975bbd5ef87b29c3dc4a4b98ea5c25c444
Validity
Not Before: Jan 2 14:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d479af676b7d4644ec38106424062024e285ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:77:5d:d6:eb:ab:4b:bc:37:f0:7a:33:53:
e2:03:3d:76:1f:6a:d3:ea:ba:b0:09:1b:db:d1:02:
8f:08:d5:92:e1:aa:59:08:4f:16:4c:64:30:99:e9:
61:43:cd:27:d7:a0:6a:7b:f9:c5:93:ff:51:94:13:
78:5b:f9:bb:57:25:84:19:81:3b:d1:50:11:66:39:
5d:9d:99:4f:de:20:ac:8c:01:05:dd:2a:91:c7:ac:
5f:e5:8c:2f:4c:16:38:9b:f9:1f:f1:10:88:79:f4:
4f:d8:29:db:8e:da:ba:67:12:cf:56:94:91:03:4e:
be:7b:26:e1:5a:50:26:ef:de:68:89:ff:f4:90:b6:
64:ac:33:a8:b6:62:0f:b3:28:de:28:71:6d:5d:f2:
fa:e4:a3:68:c2:e4:57:2b:6d:72:1a:df:93:5c:83:
92:7b:9c:1e:c1:7a:97:44:c7:47:3c:d8:91:1f:18:
43:89:10:9f:b1:71:a9:6a:c7:2c:eb:22:47:ba:92:
c6:99:2d:00:41:be:a9:31:d3:1e:69:c9:dc:57:aa:
4e:7b:cc:7b:2d:2f:26:0f:9a:06:d7:ab:06:f6:a5:
02:41:b8:25:ea:90:16:cd:73:cf:18:a9:89:61:fb:
7d:51:fb:e8:fb:d4:38:79:d8:e2:b2:98:7f:d7:e8:
2b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:47:9A:F6:76:B7:D4:64:4E:C3:81:06:42:40:62:02:4E:28:5C:A2
X509v3 Authority Key Identifier:
keyid:36:CF:B3:97:5B:BD:5E:F8:7B:29:C3:DC:4A:4B:98:EA:5C:25:C4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/PUea9na31GROw4EGQkBiAk4oXKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.235.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b0:f9:41:13:6f:4e:98:d5:7b:df:d9:53:df:8b:cf:35:a5:
92:28:4d:0d:35:9b:d7:51:ac:26:09:7c:6d:ed:d2:cc:3c:cc:
22:2c:58:69:ae:a0:69:ae:d8:3a:13:b1:92:28:27:06:5a:6f:
c9:fa:d4:76:e0:dd:d9:03:f8:b2:be:76:cf:73:a1:54:35:2f:
13:9f:97:28:67:fd:f3:51:2d:ae:5d:27:83:5b:a5:c0:f8:1b:
41:25:8b:47:85:0d:27:03:3d:dc:37:ad:44:f9:58:10:49:ce:
0c:20:62:a1:bc:0a:ed:6b:8b:92:91:c5:98:c9:ca:09:c6:03:
fb:6e:d6:02:9d:18:9d:06:00:ea:f0:fa:91:00:93:69:3a:d3:
de:1c:8e:4d:c9:a6:a2:a1:b1:fd:6e:b6:5f:13:0f:42:4b:b6:
e6:4f:c3:24:60:c7:f4:53:16:5b:f7:62:91:f6:80:86:c8:fa:
a8:a8:6c:1b:89:db:e1:38:2e:6e:0c:dd:bb:20:09:69:d6:8b:
74:ba:08:04:05:e4:6e:f1:de:d3:8c:52:e4:7a:e3:fb:8d:8e:
d1:c6:ca:14:e7:50:e0:81:d0:d4:ba:d1:14:71:72:c6:4e:91:
f6:a8:7c:8a:14:64:d9:3c:66:0f:69:5d:88:c9:6d:d4:30:5a:
aa:77:36:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3ug2k1kDQHC46dbEBGLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2ZiMzk3NWJiZDVlZjg3YjI5YzNkYzRhNGI5OGVhNWMy
NWM0NDQwHhcNMjMwMTAyMTQyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ3OWFmNjc2YjdkNDY0NGVjMzgxMDY0MjQwNjIwMjRlMjg1Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOV3Xdbrq0u8N/B6M1PiAz12H2rT
6rqwCRvb0QKPCNWS4apZCE8WTGQwmelhQ80n16Bqe/nFk/9RlBN4W/m7VyWEGYE7
0VARZjldnZlP3iCsjAEF3SqRx6xf5YwvTBY4m/kf8RCIefRP2Cnbjtq6ZxLPVpSR
A06+eybhWlAm795oif/0kLZkrDOotmIPsyjeKHFtXfL65KNowuRXK21yGt+TXIOS
e5wewXqXRMdHPNiRHxhDiRCfsXGpascs6yJHupLGmS0AQb6pMdMeacncV6pOe8x7
LS8mD5oG16sG9qUCQbgl6pAWzXPPGKmJYft9Ufvo+9Q4edjisph/1+gr2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1HmvZ2t9RkTsOBBkJAYgJOKFyiMB8GA1UdIwQY
MBaAFDbPs5dbvV74eynD3EpLmOpcJcREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnMtemwxdTlYdmg3S2NQY1NrdVk2bHdseEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYzEwNjEtZGIyNS00NGJkLTgwNGMt
YTE0ZGNlZTU3ZTc0LzEvUFVlYTluYTMxR1JPdzRFR1FrQmlBazRvWEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYzEwNjEtZGIyNS00NGJkLTgwNGMtYTE0ZGNlZTU3ZTc0
LzEvTnMtemwxdTlYdmg3S2NQY1NrdVk2bHdseEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DrMA0G
CSqGSIb3DQEBCwUAA4IBAQBIsPlBE29OmNV739lT34vPNaWSKE0NNZvXUawmCXxt
7dLMPMwiLFhprqBprtg6E7GSKCcGWm/J+tR24N3ZA/iyvnbPc6FUNS8Tn5coZ/3z
US2uXSeDW6XA+BtBJYtHhQ0nAz3cN61E+VgQSc4MIGKhvArta4uSkcWYycoJxgP7
btYCnRidBgDq8PqRAJNpOtPeHI5NyaaiobH9brZfEw9CS7bmT8MkYMf0UxZb92KR
9oCGyPqoqGwbidvhOC5uDN27IAlp1ot0uggEBeRu8d7TjFLkeuP7jY7RxsoU51Dg
gdDUutEUcXLGTpH2qHyKFGTZPGYPaV2IyW3UMFqqdzYN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:07 2025 by rpki-client