Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9620ce-43f0-42bc-af59-435bda5bd048/1/vo4BKk67TNYIYwbOO2QXE8r3_08.roa
File: vo4BKk67TNYIYwbOO2QXE8r3_08.roa (raw, json)
Hash identifier: zBSlNnzonQVal6kymbtPvlMktKQD5cyY9O3r87ssnBs=
Subject key identifier: BE:8E:01:2A:4E:BB:4C:D6:08:63:06:CE:3B:64:17:13:CA:F7:FF:4F
Certificate issuer: /CN=731535a2eaebc68c1657aafcf5a788c8751d9b62
Certificate serial: 01856D662BB349948A7F5CBD92C34FCD6CEC
Authority key identifier: 73:15:35:A2:EA:EB:C6:8C:16:57:AA:FC:F5:A7:88:C8:75:1D:9B:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxU1ourrxowWV6r89aeIyHUdm2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9620ce-43f0-42bc-af59-435bda5bd048/1/vo4BKk67TNYIYwbOO2QXE8r3_08.roa
Signing time: Sun 01 Jan 2023 12:54:50 +0000
ROA not before: Sun 01 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.218.37.0/24 maxlen: 24
2a02:ef80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2b:b3:49:94:8a:7f:5c:bd:92:c3:4f:cd:6c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731535a2eaebc68c1657aafcf5a788c8751d9b62
Validity
Not Before: Jan 1 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be8e012a4ebb4cd6086306ce3b641713caf7ff4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:00:a5:79:22:d5:ca:be:0a:d2:f0:ed:43:92:
c8:76:5e:86:62:83:8f:34:22:1c:80:c6:36:8f:87:
b1:d8:7c:48:3a:73:36:22:04:36:1e:f0:b1:da:f2:
97:ef:5f:12:d4:7f:da:af:79:7d:e1:e0:b8:1a:01:
c1:a9:bf:16:a2:5e:28:8a:08:0d:a1:77:bb:1f:db:
59:b2:c3:ba:a2:13:a7:64:9b:95:62:a8:9c:15:66:
ce:4c:b8:78:fe:12:73:dd:2e:8a:ee:1e:df:4c:b2:
f4:f4:6f:1a:68:51:03:f7:6b:a7:16:a2:8d:05:df:
32:00:1a:a8:20:93:e3:ed:45:70:82:af:b0:3e:23:
39:bc:9c:39:5a:ea:86:29:39:e0:60:18:b4:a3:73:
02:28:4f:db:1c:7c:b0:6a:d5:a0:4a:30:e0:fb:1b:
34:11:6b:57:1c:39:97:e8:ba:61:a9:97:7c:06:a5:
58:97:32:27:e9:31:95:3a:54:e2:d6:cd:50:54:2a:
fc:f3:66:77:c9:6d:1e:44:af:7a:5c:d8:30:9f:81:
99:de:5c:00:f1:b0:2f:79:37:62:ce:e1:18:f0:1a:
38:09:8b:7d:7c:b6:5c:3a:8a:74:ea:8b:bb:0b:2e:
be:59:b2:d1:64:48:38:28:59:36:17:20:ea:05:58:
38:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8E:01:2A:4E:BB:4C:D6:08:63:06:CE:3B:64:17:13:CA:F7:FF:4F
X509v3 Authority Key Identifier:
keyid:73:15:35:A2:EA:EB:C6:8C:16:57:AA:FC:F5:A7:88:C8:75:1D:9B:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxU1ourrxowWV6r89aeIyHUdm2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9620ce-43f0-42bc-af59-435bda5bd048/1/vo4BKk67TNYIYwbOO2QXE8r3_08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9620ce-43f0-42bc-af59-435bda5bd048/1/cxU1ourrxowWV6r89aeIyHUdm2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.37.0/24
IPv6:
2a02:ef80::/48
Signature Algorithm: sha256WithRSAEncryption
70:15:93:b8:7c:80:9e:76:48:a1:db:71:c6:f4:d2:4a:69:35:
90:86:59:f3:f4:c4:69:12:1f:e3:66:03:bb:d1:53:71:f4:8a:
9a:d3:ad:b0:dd:87:2d:1b:01:ee:d9:56:ed:1f:92:fb:f3:68:
a0:33:b8:50:3b:bd:b6:73:11:f0:38:39:55:1b:39:35:4d:84:
74:0b:b7:35:25:45:85:26:83:e9:79:8d:4d:b7:9e:e1:da:33:
f4:69:1c:23:55:18:3e:06:ee:7d:97:c1:50:22:69:b1:4b:bc:
f2:de:1f:97:3c:57:4a:87:71:19:42:d5:63:7b:4d:cb:eb:24:
e2:6f:a1:d7:e4:f8:b0:34:54:c2:d6:23:66:5d:76:3f:ca:3c:
f3:9f:95:c5:6b:9e:0e:02:0f:cd:59:5b:26:ec:b4:11:a0:21:
47:b0:19:13:ac:9d:9c:f0:ce:26:4f:ae:0d:c3:bf:32:21:7a:
71:e3:17:4c:a3:ae:1f:7a:68:69:50:0d:8e:74:5c:e2:65:2d:
80:3e:fe:ff:7f:fb:36:55:35:b4:b0:a5:5e:c4:19:2e:05:34:
3b:8d:bc:64:f3:d6:3d:c3:5b:64:d3:85:41:68:62:6c:63:0b:
ec:68:93:5a:b2:26:05:7b:d5:15:b8:29:fd:50:c3:e8:02:10:
e5:b0:83:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtZiuzSZSKf1y9ksNPzWzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTUzNWEyZWFlYmM2OGMxNjU3YWFmY2Y1YTc4OGM4NzUx
ZDliNjIwHhcNMjMwMTAxMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZThlMDEyYTRlYmI0Y2Q2MDg2MzA2Y2UzYjY0MTcxM2NhZjdmZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwCleSLVyr4K0vDtQ5LIdl6GYoOP
NCIcgMY2j4ex2HxIOnM2IgQ2HvCx2vKX718S1H/ar3l94eC4GgHBqb8Wol4oiggN
oXe7H9tZssO6ohOnZJuVYqicFWbOTLh4/hJz3S6K7h7fTLL09G8aaFED92unFqKN
Bd8yABqoIJPj7UVwgq+wPiM5vJw5WuqGKTngYBi0o3MCKE/bHHywatWgSjDg+xs0
EWtXHDmX6LphqZd8BqVYlzIn6TGVOlTi1s1QVCr882Z3yW0eRK96XNgwn4GZ3lwA
8bAveTdizuEY8Bo4CYt9fLZcOop06ou7Cy6+WbLRZEg4KFk2FyDqBVg4gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL6OASpOu0zWCGMGzjtkFxPK9/9PMB8GA1UdIwQY
MBaAFHMVNaLq68aMFleq/PWniMh1HZtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hVMW91cnJ4b3dXVjZyODlhZUl5SFVkbTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85NjIwY2UtNDNmMC00MmJjLWFmNTkt
NDM1YmRhNWJkMDQ4LzEvdm80QktrNjdUTllJWXdiT08yUVhFOHIzXzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85NjIwY2UtNDNmMC00MmJjLWFmNTktNDM1YmRhNWJkMDQ4
LzEvY3hVMW91cnJ4b3dXVjZyODlhZUl5SFVkbTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9olMA8E
AgACMAkDBwAqAu+AAAAwDQYJKoZIhvcNAQELBQADggEBAHAVk7h8gJ52SKHbccb0
0kppNZCGWfP0xGkSH+NmA7vRU3H0iprTrbDdhy0bAe7ZVu0fkvvzaKAzuFA7vbZz
EfA4OVUbOTVNhHQLtzUlRYUmg+l5jU23nuHaM/RpHCNVGD4G7n2XwVAiabFLvPLe
H5c8V0qHcRlC1WN7TcvrJOJvodfk+LA0VMLWI2Zddj/KPPOflcVrng4CD81ZWybs
tBGgIUewGROsnZzwziZPrg3DvzIhenHjF0yjrh96aGlQDY50XOJlLYA+/v9/+zZV
NbSwpV7EGS4FNDuNvGTz1j3DW2TThUFoYmxjC+xok1qyJgV71RW4Kf1Qw+gCEOWw
g1k=
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:37:45 2025 by rpki-client