Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/DzeSRWoADhUoY8JRmj-PPqwpCIY.roa
File: DzeSRWoADhUoY8JRmj-PPqwpCIY.roa (raw, json)
Hash identifier: QZmHw6ieAfODm0OTEh5vid62+d7iw+99vqBT8wjMMiY=
Subject key identifier: 0F:37:92:45:6A:00:0E:15:28:63:C2:51:9A:3F:8F:3E:AC:29:08:86
Certificate issuer: /CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Certificate serial: 09370E22
Authority key identifier: F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/DzeSRWoADhUoY8JRmj-PPqwpCIY.roa
Signing time: Sat 01 Jan 2022 02:59:56 +0000
ROA not before: Sat 01 Jan 2022 02:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198611
IP address blocks: 91.240.131.0/24 maxlen: 24
2a0c:44c0:2::/48 maxlen: 48
2a0c:44c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154603042 (0x9370e22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Validity
Not Before: Jan 1 02:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f3792456a000e152863c2519a3f8f3eac290886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b1:50:84:44:ba:bc:95:63:2b:41:c0:c8:71:
d6:49:dc:e9:35:6e:b0:96:7b:69:08:d9:8d:07:e1:
22:19:a0:4e:9f:8c:9f:da:e7:98:c9:03:2c:9a:99:
91:40:f1:8a:60:c7:3d:93:ba:a1:b3:c6:36:25:3d:
5e:cf:ed:3e:c5:83:ad:1e:54:29:fc:d3:c9:02:57:
6b:3e:4e:cb:28:0b:2c:99:12:0d:b3:bd:eb:54:37:
19:fa:2d:91:53:4a:da:a6:96:6b:1d:7c:29:87:09:
6a:0a:b5:43:d6:32:e1:10:0f:3e:6f:07:d8:17:92:
5f:0a:10:95:1c:1a:fd:15:7e:19:e4:71:75:f5:bf:
b4:64:e8:0c:be:3e:98:b2:92:fd:96:df:5b:88:12:
bd:3e:93:3c:ef:e0:82:68:bd:10:1e:1f:d6:35:a5:
bd:7a:60:71:30:f4:46:10:dd:9c:54:60:f7:73:32:
fa:10:95:15:64:38:07:84:d6:5e:60:38:f5:98:ea:
6a:23:56:18:84:5e:d9:d7:13:4b:ef:e6:71:58:d8:
ee:5d:a8:48:ba:a4:69:54:dc:02:45:67:11:88:8e:
07:13:b4:ba:b7:9e:19:a9:33:e4:e5:f1:94:d6:94:
30:ad:6c:99:4b:31:3b:34:97:87:91:ca:b9:8d:10:
c1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:37:92:45:6A:00:0E:15:28:63:C2:51:9A:3F:8F:3E:AC:29:08:86
X509v3 Authority Key Identifier:
keyid:F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/DzeSRWoADhUoY8JRmj-PPqwpCIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/84t8pB9ACCKQyorv3sS9KX067Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.131.0/24
IPv6:
2a0c:44c0:1::-2a0c:44c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:01:9b:6c:c0:fa:68:fe:c0:6d:f9:52:35:2e:41:22:ca:e5:
a9:30:b6:95:44:12:2d:9b:92:b7:59:13:d2:ba:4c:3e:3f:aa:
b8:25:50:93:1f:7d:86:cb:ab:7f:80:5e:1e:79:1c:3a:e6:c3:
28:25:e0:ff:5a:3c:79:71:eb:f9:f0:21:a1:a5:fb:ca:c1:b1:
9d:3a:07:a8:e2:e9:d2:6e:7b:8b:27:db:55:a4:32:13:83:0e:
21:a0:82:61:22:46:5b:40:29:ee:2c:66:05:41:b9:a8:3f:62:
51:63:4e:e1:49:db:31:d8:00:49:40:13:3f:2b:0a:f6:2a:c6:
aa:c6:5a:61:6a:46:25:ca:07:fc:02:74:87:2e:03:35:0e:98:
64:0b:22:29:15:07:c0:bd:b9:05:27:a2:ad:8c:35:54:a0:b1:
50:66:a9:fe:54:74:cf:7f:50:16:45:ba:2b:89:e7:2d:a6:50:
c2:8c:c9:3a:8b:6e:c6:e4:f0:dc:4e:87:ce:e1:0e:ff:45:f1:
79:0c:7e:24:77:1d:7c:9b:5e:30:be:1a:16:c8:47:66:2b:d3:
ff:60:05:4b:47:6a:d0:2e:17:52:e6:92:c8:3b:22:c8:f1:d7:
15:d2:11:92:e2:83:13:12:ef:e7:79:32:8f:74:55:8c:d0:5a:
47:de:d9:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECTcOIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzhiN2NhNDFmNDAwODIyOTBjYThhZWZkZWM0YmQyOTdkM2FlYzBjMB4XDTIyMDEw
MTAyNTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYzNzkyNDU2YTAw
MGUxNTI4NjNjMjUxOWEzZjhmM2VhYzI5MDg4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPGxUIREuryVYytBwMhx1knc6TVusJZ7aQjZjQfhIhmgTp+M
n9rnmMkDLJqZkUDximDHPZO6obPGNiU9Xs/tPsWDrR5UKfzTyQJXaz5OyygLLJkS
DbO961Q3GfotkVNK2qaWax18KYcJagq1Q9Yy4RAPPm8H2BeSXwoQlRwa/RV+GeRx
dfW/tGToDL4+mLKS/ZbfW4gSvT6TPO/ggmi9EB4f1jWlvXpgcTD0RhDdnFRg93My
+hCVFWQ4B4TWXmA49ZjqaiNWGIRe2dcTS+/mcVjY7l2oSLqkaVTcAkVnEYiOBxO0
ureeGakz5OXxlNaUMK1smUsxOzSXh5HKuY0QwXECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQPN5JFagAOFShjwlGaP48+rCkIhjAfBgNVHSMEGDAWgBTzi3ykH0AIIpDK
iu/exL0pfTrsDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg0dDhwQjlBQ0NLUXlvcnYzc1M5S1gwNjdBdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvNjMwOTA0LTU2MTItNDlmNy04MGIzLWEzY2EyMTEyMjY4Yi8x
L0R6ZVNSV29BRGhVb1k4SlJtai1QUHF3cENJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
NjMwOTA0LTU2MTItNDlmNy04MGIzLWEzY2EyMTEyMjY4Yi8xLzg0dDhwQjlBQ0NL
UXlvcnYzc1M5S1gwNjdBdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAFvwgzAaBAIAAjAUMBIDBwAqDETA
AAEDBwAqDETAAAIwDQYJKoZIhvcNAQELBQADggEBAH4Bm2zA+mj+wG35UjUuQSLK
5akwtpVEEi2bkrdZE9K6TD4/qrglUJMffYbLq3+AXh55HDrmwygl4P9aPHlx6/nw
IaGl+8rBsZ06B6ji6dJue4sn21WkMhODDiGggmEiRltAKe4sZgVBuag/YlFjTuFJ
2zHYAElAEz8rCvYqxqrGWmFqRiXKB/wCdIcuAzUOmGQLIikVB8C9uQUnoq2MNVSg
sVBmqf5UdM9/UBZFuiuJ5y2mUMKMyTqLbsbk8NxOh87hDv9F8XkMfiR3HXybXjC+
GhbIR2Yr0/9gBUtHatAuF1Lmksg7Isjx1xXSEZLigxMS7+d5Mo90VYzQWkfe2UQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:15 2025 by rpki-client