Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/T1PoxPk4Wl8XIPr22X4sf0uJzIQ.roa
File: T1PoxPk4Wl8XIPr22X4sf0uJzIQ.roa (raw, json)
Hash identifier: P1UEhGOnIU8Nil3dY/TAlN/o3yN6LaIcf+WweQfhgzs=
Subject key identifier: 4F:53:E8:C4:F9:38:5A:5F:17:20:FA:F6:D9:7E:2C:7F:4B:89:CC:84
Certificate issuer: /CN=9757052075961e9d90c27d07125a4b446cafd790
Certificate serial: 01856DCAC3B683FBF24C93D713854EB24FD9
Authority key identifier: 97:57:05:20:75:96:1E:9D:90:C2:7D:07:12:5A:4B:44:6C:AF:D7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1cFIHWWHp2Qwn0HElpLRGyv15A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/T1PoxPk4Wl8XIPr22X4sf0uJzIQ.roa
Signing time: Sun 01 Jan 2023 14:44:42 +0000
ROA not before: Sun 01 Jan 2023 14:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49957
IP address blocks: 91.207.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c3:b6:83:fb:f2:4c:93:d7:13:85:4e:b2:4f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9757052075961e9d90c27d07125a4b446cafd790
Validity
Not Before: Jan 1 14:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f53e8c4f9385a5f1720faf6d97e2c7f4b89cc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:ab:4c:45:e8:bc:0e:0b:1d:e5:a7:b5:78:
03:2f:ca:85:01:97:85:57:d8:c7:2d:b6:de:b3:2d:
c5:39:dc:38:38:87:ef:fd:1a:cb:f7:5b:68:a8:0f:
23:7b:98:49:ea:b6:e7:30:f4:3e:fd:8e:26:01:cb:
69:1c:71:b6:39:b9:af:3c:c0:3b:ac:bf:07:1a:14:
e6:7a:80:16:1d:9b:95:b2:8d:07:17:88:73:02:2d:
26:f7:51:68:f7:58:05:7e:3f:4b:67:8d:20:34:9c:
b3:a7:ad:aa:4f:82:c1:b7:3b:b6:3c:c6:28:36:a3:
2d:34:0a:f8:62:2f:e6:f3:58:a1:ce:cc:82:9d:80:
80:6d:0f:95:49:0d:47:46:be:c5:1b:ce:0d:5a:0d:
62:98:d3:ba:89:17:3c:2f:04:19:ad:f4:b2:18:dd:
4b:fd:03:3f:3e:5e:dd:a2:41:db:90:af:a6:ce:fd:
47:7b:3d:97:14:9d:20:75:54:1d:6f:ca:77:a7:78:
44:ad:e7:6f:a4:6b:c3:65:2c:05:a0:64:ca:ec:72:
48:4b:9b:76:ee:73:68:22:d1:22:47:99:69:3d:53:
f0:39:8e:5f:96:45:91:90:96:b3:3a:38:47:62:1e:
d3:68:ba:09:0c:25:5f:b2:fd:78:d0:6a:3e:5f:83:
cb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:53:E8:C4:F9:38:5A:5F:17:20:FA:F6:D9:7E:2C:7F:4B:89:CC:84
X509v3 Authority Key Identifier:
keyid:97:57:05:20:75:96:1E:9D:90:C2:7D:07:12:5A:4B:44:6C:AF:D7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1cFIHWWHp2Qwn0HElpLRGyv15A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/T1PoxPk4Wl8XIPr22X4sf0uJzIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/l1cFIHWWHp2Qwn0HElpLRGyv15A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.250.0/23
Signature Algorithm: sha256WithRSAEncryption
67:25:25:99:18:a6:d8:89:65:c5:ef:75:ad:5d:4c:e6:58:57:
5b:06:ef:c7:c3:21:58:34:ea:25:5f:83:ac:62:c6:df:de:7c:
21:f3:dc:88:85:6a:ac:73:91:70:da:45:6d:9c:96:ed:0e:bc:
d4:5a:a4:3e:65:48:e0:c9:0c:39:bc:e9:87:0d:fc:87:39:46:
55:92:4c:b5:0c:74:9c:47:c9:22:b5:ac:36:e0:eb:f8:e9:85:
ad:f1:a4:53:d3:9d:78:b8:86:99:2d:cb:31:ff:8a:62:ef:82:
a7:64:c3:5a:69:a7:77:4f:c5:26:3f:23:56:e6:e1:a9:3d:69:
ef:8b:59:ff:0c:73:d7:fe:2f:88:3c:8c:75:c1:7d:25:0c:3b:
22:f7:3b:1f:e9:69:9a:fe:cc:e0:54:0c:71:02:3c:ee:7c:13:
2d:71:ed:1b:a7:0e:fd:72:ef:78:5f:74:4b:23:04:a3:95:ef:
a4:a6:9c:f2:5e:03:38:e8:9c:74:0d:45:01:ec:c1:80:87:8c:
ff:1b:21:76:1e:47:53:08:a8:de:0c:f9:d1:bd:44:1a:21:7e:
92:e9:42:b7:1c:5e:20:a2:19:ea:4b:3d:56:b8:92:da:61:ed:
11:ab:31:43:18:9a:bd:fa:e9:09:3e:db:ab:7e:4f:80:8a:56:
9d:55:34:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtysO2g/vyTJPXE4VOsk/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTcwNTIwNzU5NjFlOWQ5MGMyN2QwNzEyNWE0YjQ0NmNh
ZmQ3OTAwHhcNMjMwMTAxMTQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjUzZThjNGY5Mzg1YTVmMTcyMGZhZjZkOTdlMmM3ZjRiODljYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdqrTEXovA4LHeWntXgDL8qFAZeF
V9jHLbbesy3FOdw4OIfv/RrL91toqA8je5hJ6rbnMPQ+/Y4mActpHHG2ObmvPMA7
rL8HGhTmeoAWHZuVso0HF4hzAi0m91Fo91gFfj9LZ40gNJyzp62qT4LBtzu2PMYo
NqMtNAr4Yi/m81ihzsyCnYCAbQ+VSQ1HRr7FG84NWg1imNO6iRc8LwQZrfSyGN1L
/QM/Pl7dokHbkK+mzv1Hez2XFJ0gdVQdb8p3p3hEredvpGvDZSwFoGTK7HJIS5t2
7nNoItEiR5lpPVPwOY5flkWRkJazOjhHYh7TaLoJDCVfsv140Go+X4PLhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9T6MT5OFpfFyD69tl+LH9LicyEMB8GA1UdIwQY
MBaAFJdXBSB1lh6dkMJ9BxJaS0Rsr9eQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFjRklIV1dIcDJRd24wSEVscExSR3l2MTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi85NjhkNDEtNGQ3Ny00MmJlLTgwYjEt
YmVhZmUwZWZjMDljLzEvVDFQb3hQazRXbDhYSVByMjJYNHNmMHVKeklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi85NjhkNDEtNGQ3Ny00MmJlLTgwYjEtYmVhZmUwZWZjMDlj
LzEvbDFjRklIV1dIcDJRd24wSEVscExSR3l2MTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/6MA0G
CSqGSIb3DQEBCwUAA4IBAQBnJSWZGKbYiWXF73WtXUzmWFdbBu/HwyFYNOolX4Os
Ysbf3nwh89yIhWqsc5Fw2kVtnJbtDrzUWqQ+ZUjgyQw5vOmHDfyHOUZVkky1DHSc
R8kitaw24Ov46YWt8aRT0514uIaZLcsx/4pi74KnZMNaaad3T8UmPyNW5uGpPWnv
i1n/DHPX/i+IPIx1wX0lDDsi9zsf6Wma/szgVAxxAjzufBMtce0bpw79cu94X3RL
IwSjle+kppzyXgM46Jx0DUUB7MGAh4z/GyF2HkdTCKjeDPnRvUQaIX6S6UK3HF4g
ohnqSz1WuJLaYe0RqzFDGJq9+ukJPturfk+AiladVTSN
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:51 2025 by rpki-client