Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/ynAVhXuxR6FxiSTNqqLczejP3qA.roa
File: ynAVhXuxR6FxiSTNqqLczejP3qA.roa (raw, json)
Hash identifier: f4UOwu9bS0UQCHNm9YpP8MRDCsh02scjCYxs8MDonRE=
Subject key identifier: CA:70:15:85:7B:B1:47:A1:71:89:24:CD:AA:A2:DC:CD:E8:CF:DE:A0
Certificate issuer: /CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Certificate serial: 05680DE8
Authority key identifier: 0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/ynAVhXuxR6FxiSTNqqLczejP3qA.roa
Signing time: Sat 01 Jan 2022 16:05:13 +0000
ROA not before: Sat 01 Jan 2022 16:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209680
IP address blocks: 91.132.204.0/24 maxlen: 24
2a09:d881::/48 maxlen: 48
2a09:d880::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90705384 (0x5680de8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Validity
Not Before: Jan 1 16:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca7015857bb147a1718924cdaaa2dccde8cfdea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e6:81:b5:a6:36:99:34:6a:c4:7d:43:a8:7e:
c6:8f:39:38:8c:5e:ef:47:ad:22:34:7f:5c:5d:49:
f1:ca:9e:22:a4:80:88:ae:a5:43:f2:75:81:07:82:
52:7a:4f:38:6f:13:42:40:f2:52:66:2d:f8:8e:8c:
93:77:7e:ed:a5:05:bf:a5:c5:fe:af:c1:2f:21:86:
65:96:b6:fa:75:11:24:6e:f7:28:e7:ea:af:7b:ca:
8a:59:cd:40:3e:0e:9a:ed:82:3b:cc:61:68:c0:21:
87:a2:e5:36:f0:c3:8f:d9:69:7c:0d:26:08:48:b7:
11:52:2e:23:e1:bc:ab:9a:57:e9:66:e2:f2:0b:80:
8e:a8:59:21:88:2e:09:8c:b2:54:f1:35:1c:a0:66:
9a:7b:60:7b:9e:73:69:0f:a8:65:e9:cf:14:89:fd:
31:45:6c:41:e3:e4:02:14:36:a3:2d:82:65:fc:b5:
7e:fa:58:85:41:38:ca:47:5c:80:7c:9a:88:42:00:
8f:fb:97:68:a5:f3:74:7b:7b:c8:53:68:86:5a:85:
78:3d:38:6b:0b:0c:bc:01:87:57:12:f9:f7:33:8d:
34:43:e2:b0:c3:31:2d:21:52:6c:0b:58:8b:8c:8b:
b7:ea:8b:a0:d2:f4:d7:60:60:b2:9e:70:74:2a:64:
00:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:70:15:85:7B:B1:47:A1:71:89:24:CD:AA:A2:DC:CD:E8:CF:DE:A0
X509v3 Authority Key Identifier:
keyid:0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/ynAVhXuxR6FxiSTNqqLczejP3qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.204.0/24
IPv6:
2a09:d880::/48
2a09:d881::/48
Signature Algorithm: sha256WithRSAEncryption
8f:d9:98:e2:65:1e:dd:0c:0c:e8:c1:3f:6a:5a:51:ec:8a:10:
1f:bd:e2:79:d2:ba:d8:82:ed:93:07:97:aa:14:75:fa:cf:9e:
a0:bc:f8:c9:b1:64:3f:c1:b5:6b:68:b3:24:45:78:39:c1:03:
59:83:a1:c3:b3:8c:54:6a:4b:80:e5:6f:9d:cd:02:6d:01:f7:
c3:92:da:00:f2:b5:04:e4:16:d1:ea:4a:24:2c:23:db:b3:02:
69:e9:4e:fa:e1:42:ee:33:77:bd:d9:7d:a8:c0:45:c0:32:3d:
e4:79:af:02:c5:30:bd:97:d5:7a:d7:b6:48:f7:2b:fd:e4:9e:
17:7e:08:3e:71:15:ac:bc:2a:06:83:72:2c:f4:4d:c8:72:9c:
e7:ee:83:3d:0f:08:38:40:1c:0d:b2:80:77:83:7e:93:c4:66:
18:a7:3d:48:62:2d:fc:7a:c0:93:40:81:2d:3b:f2:cc:05:d8:
b0:10:da:18:0d:c0:95:81:e6:70:10:7e:93:82:de:c4:de:93:
32:8f:ea:32:62:d1:d5:66:4e:cc:43:d9:74:78:b7:89:e2:31:
5f:60:01:08:e4:53:bf:ff:93:7d:c1:a1:d4:c3:39:36:ea:eb:
f3:e6:cc:21:d7:e2:31:66:7a:da:95:9e:e6:29:e1:e4:da:42:
8a:b9:db:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBWgN6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWI4YmM0NGUzNmZhZTE2ZDM3MTAyZmQwZDUxOWYyODRkNjYzZDkwMB4XDTIyMDEw
MTE2MDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E3MDE1ODU3YmIx
NDdhMTcxODkyNGNkYWFhMmRjY2RlOGNmZGVhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfmgbWmNpk0asR9Q6h+xo85OIxe70etIjR/XF1J8cqeIqSA
iK6lQ/J1gQeCUnpPOG8TQkDyUmYt+I6Mk3d+7aUFv6XF/q/BLyGGZZa2+nURJG73
KOfqr3vKilnNQD4Omu2CO8xhaMAhh6LlNvDDj9lpfA0mCEi3EVIuI+G8q5pX6Wbi
8guAjqhZIYguCYyyVPE1HKBmmntge55zaQ+oZenPFIn9MUVsQePkAhQ2oy2CZfy1
fvpYhUE4ykdcgHyaiEIAj/uXaKXzdHt7yFNohlqFeD04awsMvAGHVxL59zONNEPi
sMMxLSFSbAtYi4yLt+qLoNL012Bgsp5wdCpkAIcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTKcBWFe7FHoXGJJM2qotzN6M/eoDAfBgNVHSMEGDAWgBQOuLxE42+uFtNx
Av0NUZ8oTWY9kDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RyaThST052cmhiVGNRTDlEVkdmS0UxbVBaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvNjFkMWNlLWNkODAtNDI5ZC1iZmUxLTg5YjNhM2YxNWRmMC8x
L3luQVZoWHV4UjZGeGlTVE5xcUxjemVqUDNxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
NjFkMWNlLWNkODAtNDI5ZC1iZmUxLTg5YjNhM2YxNWRmMC8xL0RyaThST052cmhi
VGNRTDlEVkdmS0UxbVBaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAFuEzDAYBAIAAjASAwcAKgnYgAAA
AwcAKgnYgQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCP2ZjiZR7dDAzowT9qWlHsihAf
veJ50rrYgu2TB5eqFHX6z56gvPjJsWQ/wbVraLMkRXg5wQNZg6HDs4xUakuA5W+d
zQJtAffDktoA8rUE5BbR6kokLCPbswJp6U764ULuM3e92X2owEXAMj3kea8CxTC9
l9V617ZI9yv95J4Xfgg+cRWsvCoGg3Is9E3Icpzn7oM9Dwg4QBwNsoB3g36TxGYY
pz1IYi38esCTQIEtO/LMBdiwENoYDcCVgeZwEH6Tgt7E3pMyj+oyYtHVZk7MQ9l0
eLeJ4jFfYAEI5FO//5N9waHUwzk26uvz5swh1+IxZnralZ7mKeHk2kKKudsP
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:21:11 2025 by rpki-client