Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/B9MpstQ8yw4ty-d6HInwV-UNhP0.roa
File: B9MpstQ8yw4ty-d6HInwV-UNhP0.roa (raw, json)
Hash identifier: w7gJXDmTVylLxmsN02IYHF5dT5oM19ofCcLF95ExO2Y=
Subject key identifier: 07:D3:29:B2:D4:3C:CB:0E:2D:CB:E7:7A:1C:89:F0:57:E5:0D:84:FD
Certificate issuer: /CN=a4f00aae577e7451f88ea604bf6a33734cd03009
Certificate serial: 01856DA640596D10BA0186CB0D82E7110F9B
Authority key identifier: A4:F0:0A:AE:57:7E:74:51:F8:8E:A6:04:BF:6A:33:73:4C:D0:30:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPAKrld-dFH4jqYEv2ozc0zQMAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/B9MpstQ8yw4ty-d6HInwV-UNhP0.roa
Signing time: Sun 01 Jan 2023 14:04:49 +0000
ROA not before: Sun 01 Jan 2023 14:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29479
IP address blocks: 91.237.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:40:59:6d:10:ba:01:86:cb:0d:82:e7:11:0f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f00aae577e7451f88ea604bf6a33734cd03009
Validity
Not Before: Jan 1 14:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07d329b2d43ccb0e2dcbe77a1c89f057e50d84fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:a1:98:f6:02:84:7a:32:c9:4c:71:51:26:
b1:78:72:6a:2e:01:cf:8a:1c:c3:1a:c9:ab:9c:4c:
a4:2b:78:ef:ad:a7:30:0c:fc:9a:c0:6a:1c:bf:12:
61:98:66:d6:df:ca:d8:e9:19:16:29:d9:19:7e:d8:
10:37:e0:b5:04:90:d7:de:14:5c:05:18:64:63:7c:
ac:79:67:ed:32:0d:a3:79:65:6d:52:60:2e:23:4a:
85:c7:4a:83:d7:ae:1a:5e:a6:23:50:95:4c:5d:11:
e8:4b:3a:49:e4:b0:53:a0:6d:e5:1f:a0:c2:26:fc:
7c:17:f4:4c:4e:8b:6d:d1:8d:77:27:1d:37:f9:76:
fc:52:dd:fe:5e:ca:5f:7d:5c:cb:64:6f:c4:66:2d:
20:80:0b:a1:0a:d5:f2:f9:f8:3e:b9:36:72:ce:3d:
de:f2:9f:d4:94:91:4d:2f:2e:24:6a:71:0d:f2:c8:
f9:c7:45:58:3d:14:08:96:1a:8b:b3:ac:d4:81:35:
0f:44:63:be:42:c4:9e:6b:d9:ad:71:c9:b0:ca:7e:
23:53:d2:74:96:ae:d0:dc:a1:a7:93:60:f6:27:4f:
88:56:bd:b0:03:a0:6c:49:a3:7f:25:4e:25:71:07:
04:4e:0b:f4:3e:a3:f6:a2:69:99:3e:a4:02:1e:55:
46:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D3:29:B2:D4:3C:CB:0E:2D:CB:E7:7A:1C:89:F0:57:E5:0D:84:FD
X509v3 Authority Key Identifier:
keyid:A4:F0:0A:AE:57:7E:74:51:F8:8E:A6:04:BF:6A:33:73:4C:D0:30:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPAKrld-dFH4jqYEv2ozc0zQMAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/B9MpstQ8yw4ty-d6HInwV-UNhP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.78.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:86:17:69:00:73:a6:b4:38:5e:af:40:f1:eb:e8:6d:8b:fb:
b9:91:f2:c8:b3:87:07:3a:fb:83:b2:7b:16:98:bb:7a:8d:f5:
15:fc:9a:d8:52:a0:6d:34:3e:7c:8c:05:1f:51:49:ab:16:58:
3a:b3:22:97:db:dc:f8:e8:e0:d6:ea:cb:27:4d:29:32:66:df:
e0:09:c3:27:e6:7b:ad:67:6f:3b:3c:3e:ec:73:78:c4:f0:4d:
48:98:94:17:99:36:ad:95:71:13:f9:34:5c:66:e0:d7:e6:b1:
44:49:ec:cf:35:1e:e7:83:21:bd:9b:af:d6:18:a2:c8:49:bc:
d7:20:8d:f9:e3:79:e8:b8:4c:05:41:b3:cd:62:e6:d1:f3:c4:
b5:06:de:40:db:fe:07:f3:ea:f5:16:e7:76:83:8b:43:3e:de:
4a:5c:8b:43:c8:57:1d:79:e0:6d:dc:68:60:77:31:ed:6a:e1:
2c:e5:80:80:5f:cb:93:67:cf:27:e9:56:38:8d:57:6e:15:1d:
c7:fa:a2:44:95:6e:2e:df:19:94:57:3e:5a:99:a1:d9:21:8e:
b3:de:d4:e2:cd:79:d9:93:6d:93:20:73:2a:ef:53:89:a3:40:
67:a9:a4:e6:8e:b6:3a:ed:49:aa:74:75:d6:d9:82:04:9c:df:
ea:e1:a7:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpkBZbRC6AYbLDYLnEQ+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjAwYWFlNTc3ZTc0NTFmODhlYTYwNGJmNmEzMzczNGNk
MDMwMDkwHhcNMjMwMTAxMTQwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QzMjliMmQ0M2NjYjBlMmRjYmU3N2ExYzg5ZjA1N2U1MGQ4NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcGhmPYChHoyyUxxUSaxeHJqLgHP
ihzDGsmrnEykK3jvracwDPyawGocvxJhmGbW38rY6RkWKdkZftgQN+C1BJDX3hRc
BRhkY3yseWftMg2jeWVtUmAuI0qFx0qD164aXqYjUJVMXRHoSzpJ5LBToG3lH6DC
Jvx8F/RMTott0Y13Jx03+Xb8Ut3+XspffVzLZG/EZi0ggAuhCtXy+fg+uTZyzj3e
8p/UlJFNLy4kanEN8sj5x0VYPRQIlhqLs6zUgTUPRGO+QsSea9mtccmwyn4jU9J0
lq7Q3KGnk2D2J0+IVr2wA6BsSaN/JU4lcQcETgv0PqP2ommZPqQCHlVGGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfTKbLUPMsOLcvnehyJ8FflDYT9MB8GA1UdIwQY
MBaAFKTwCq5XfnRR+I6mBL9qM3NM0DAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBBS3JsZC1kRkg0anFZRXYyb3pjMHpRTUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81OGE5NGEtOWUyOC00N2E1LTlmZDYt
OWM5MWIxYzUxNThhLzEvQjlNcHN0UTh5dzR0eS1kNkhJbndWLVVOaFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81OGE5NGEtOWUyOC00N2E1LTlmZDYtOWM5MWIxYzUxNThh
LzEvcFBBS3JsZC1kRkg0anFZRXYyb3pjMHpRTUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+1OMA0G
CSqGSIb3DQEBCwUAA4IBAQBchhdpAHOmtDher0Dx6+hti/u5kfLIs4cHOvuDsnsW
mLt6jfUV/JrYUqBtND58jAUfUUmrFlg6syKX29z46ODW6ssnTSkyZt/gCcMn5nut
Z287PD7sc3jE8E1ImJQXmTatlXET+TRcZuDX5rFESezPNR7ngyG9m6/WGKLISbzX
II3543nouEwFQbPNYubR88S1Bt5A2/4H8+r1Fud2g4tDPt5KXItDyFcdeeBt3Ghg
dzHtauEs5YCAX8uTZ88n6VY4jVduFR3H+qJElW4u3xmUVz5amaHZIY6z3tTizXnZ
k22TIHMq71OJo0BnqaTmjrY67UmqdHXW2YIEnN/q4afZ
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:00:52 2025 by rpki-client