Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/usN9XJMRX6LEs48Gxlb53TRYp6A.roa
File: usN9XJMRX6LEs48Gxlb53TRYp6A.roa (raw, json)
Hash identifier: O136p3UQXzAZyHHGB9CQtOKveV3FnapUhQ2kO3L0aCA=
Subject key identifier: BA:C3:7D:5C:93:11:5F:A2:C4:B3:8F:06:C6:56:F9:DD:34:58:A7:A0
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184ADFF7667F9341B80C078F0223767B9F5
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/usN9XJMRX6LEs48Gxlb53TRYp6A.roa
Signing time: Fri 25 Nov 2022 08:55:11 +0000
ROA not before: Fri 25 Nov 2022 08:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47624
IP address blocks: 91.206.139.0/24 maxlen: 24
91.206.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:ff:76:67:f9:34:1b:80:c0:78:f0:22:37:67:b9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 25 08:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac37d5c93115fa2c4b38f06c656f9dd3458a7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:ec:bf:73:12:42:ce:8f:95:35:06:43:16:
64:9e:74:c3:6b:70:ab:77:20:fc:66:c8:fd:11:80:
ae:d4:c7:bb:b7:ee:3c:1b:37:b6:48:82:4f:da:76:
48:92:47:0a:7d:d7:68:01:a2:fb:18:39:62:b5:ff:
4b:78:28:89:12:29:d9:97:1d:94:a7:64:19:2d:a6:
d7:dd:ff:87:8d:e1:90:c6:be:63:86:51:0c:07:1c:
02:0f:03:8d:0f:a0:b7:19:57:24:2d:67:53:91:2e:
6d:01:79:97:7a:d0:47:13:99:68:f8:b4:43:09:9f:
ad:38:e1:52:3f:fd:85:72:cb:18:c1:84:7e:8f:b8:
b9:20:48:c8:7e:da:ec:d4:fc:32:92:34:28:df:ce:
8a:66:1a:d3:2b:32:28:13:f7:d0:83:d1:d1:da:1d:
5a:fb:3a:6b:d3:2d:2c:c1:cc:45:e4:17:83:36:cd:
51:fa:8f:36:af:5c:61:33:e4:d2:c3:8c:08:c7:bd:
b4:80:9d:d2:0a:51:ca:f7:14:40:1e:45:86:41:14:
6b:3a:75:3a:3a:2f:0c:23:2a:03:53:61:67:bc:56:
53:a7:26:b7:4f:ca:26:d1:f3:42:71:6e:f2:74:6c:
6f:2f:05:f1:07:7e:b5:fe:18:9e:b8:2b:27:d3:29:
c3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C3:7D:5C:93:11:5F:A2:C4:B3:8F:06:C6:56:F9:DD:34:58:A7:A0
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/usN9XJMRX6LEs48Gxlb53TRYp6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.138.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:21:bc:e0:12:09:d7:26:86:0a:63:40:19:78:e7:77:91:e9:
49:48:28:f9:b3:18:60:7e:32:e3:73:35:65:52:2d:ae:57:ae:
6d:2d:2d:b4:76:0c:93:d2:9e:c9:64:fb:75:ac:25:bb:d9:76:
7d:e6:14:8c:eb:93:a8:3b:ce:a0:b4:49:54:60:d4:33:55:a0:
15:d1:13:d8:a8:ac:33:ef:23:fe:58:ae:af:6f:bd:be:cb:bf:
41:79:fb:31:40:89:f2:8c:e3:a1:c1:b2:5e:05:19:2c:bd:34:
f0:97:24:ed:05:10:38:29:fb:40:19:62:8f:9c:97:87:36:7a:
c8:d5:84:54:5d:41:b2:ac:21:18:ce:26:81:64:65:af:0e:b2:
f8:53:50:56:6a:23:4a:d0:8e:e8:1f:2b:f7:76:74:42:81:9b:
e4:f9:8a:24:23:7e:51:df:c4:bd:2c:c0:2d:1f:0b:5d:69:28:
fb:88:83:b8:d5:a9:11:8c:da:b5:12:4c:99:ff:bf:24:60:d1:
8d:eb:be:e1:bb:98:d0:95:be:9e:bb:79:bd:2a:03:2f:e5:34:
e8:3d:99:19:fc:79:b1:a4:23:20:88:f8:71:53:5e:2a:65:3c:
54:eb:51:a2:1c:dd:db:b7:b5:3d:bc:69:72:09:db:59:93:03:
83:de:9a:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSt/3Zn+TQbgMB48CI3Z7n1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI1MDg1NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWMzN2Q1YzkzMTE1ZmEyYzRiMzhmMDZjNjU2ZjlkZDM0NThhN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl63sv3MSQs6PlTUGQxZknnTDa3Cr
dyD8Zsj9EYCu1Me7t+48Gze2SIJP2nZIkkcKfddoAaL7GDlitf9LeCiJEinZlx2U
p2QZLabX3f+HjeGQxr5jhlEMBxwCDwOND6C3GVckLWdTkS5tAXmXetBHE5lo+LRD
CZ+tOOFSP/2FcssYwYR+j7i5IEjIftrs1PwykjQo386KZhrTKzIoE/fQg9HR2h1a
+zpr0y0swcxF5BeDNs1R+o82r1xhM+TSw4wIx720gJ3SClHK9xRAHkWGQRRrOnU6
Oi8MIyoDU2FnvFZTpya3T8om0fNCcW7ydGxvLwXxB361/hieuCsn0ynDXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrDfVyTEV+ixLOPBsZW+d00WKegMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvdXNOOVhKTVJYNkxFczQ4R3hsYjUzVFJZcDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86KMA0G
CSqGSIb3DQEBCwUAA4IBAQAtIbzgEgnXJoYKY0AZeOd3kelJSCj5sxhgfjLjczVl
Ui2uV65tLS20dgyT0p7JZPt1rCW72XZ95hSM65OoO86gtElUYNQzVaAV0RPYqKwz
7yP+WK6vb72+y79BefsxQInyjOOhwbJeBRksvTTwlyTtBRA4KftAGWKPnJeHNnrI
1YRUXUGyrCEYziaBZGWvDrL4U1BWaiNK0I7oHyv3dnRCgZvk+YokI35R38S9LMAt
HwtdaSj7iIO41akRjNq1EkyZ/78kYNGN677hu5jQlb6eu3m9KgMv5TToPZkZ/Hmx
pCMgiPhxU14qZTxU61GiHN3bt7U9vGlyCdtZkwOD3pqA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:23 2025 by rpki-client