Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/on2iTZ-Kpt8QdyzX9BXKXMS_yq8.roa
File: on2iTZ-Kpt8QdyzX9BXKXMS_yq8.roa (raw, json)
Hash identifier: XeHxrxE/e+JdBBmYZGW1+DRoMbVEMTUID00jAZ6YbAY=
Subject key identifier: A2:7D:A2:4D:9F:8A:A6:DF:10:77:2C:D7:F4:15:CA:5C:C4:BF:CA:AF
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018AB31A91AFCD3AFA4131AE0E101D7EC2EE
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/on2iTZ-Kpt8QdyzX9BXKXMS_yq8.roa
Signing time: Wed 20 Sep 2023 14:59:37 +0000
ROA not before: Wed 20 Sep 2023 14:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 932
IP address blocks: 91.208.73.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
45.150.198.0/23 maxlen: 23
2a12:ab80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:1a:91:af:cd:3a:fa:41:31:ae:0e:10:1d:7e:c2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Sep 20 14:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27da24d9f8aa6df10772cd7f415ca5cc4bfcaaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1c:9a:93:4a:b9:30:c7:a5:16:11:f3:65:f5:
36:70:de:e6:f0:64:92:01:55:52:32:87:30:c9:bf:
b0:4a:9d:74:ff:55:98:d2:5a:47:af:c5:34:f9:14:
d9:4a:2f:da:da:23:5f:70:c9:2c:16:b1:91:38:39:
d6:83:8e:bb:77:7b:3f:10:5a:1d:b0:eb:c6:d0:f8:
51:ea:ba:64:6d:3d:80:f7:f2:ce:e4:44:f8:6c:96:
22:fb:51:c7:74:d2:f9:bf:4b:fa:a2:d4:b8:e6:3e:
d2:11:e4:01:fc:07:cc:0f:e1:03:07:a1:e6:3c:68:
f7:a2:26:77:d3:af:8f:cc:3d:1e:67:4f:5c:eb:01:
68:2d:7e:67:90:fe:ca:1f:92:07:c1:6e:39:1e:2b:
73:98:49:06:f5:a1:ef:b3:a4:dd:f7:79:a5:13:3e:
ef:c3:46:22:ec:a1:b9:ea:fe:48:a7:55:b6:2a:90:
e6:89:44:5f:8e:45:81:0e:ee:7b:8b:4a:5b:56:db:
7d:a8:c3:27:c8:ea:36:8a:ed:83:34:21:b0:35:74:
a8:31:4b:e5:46:04:c2:32:bd:08:09:8b:e2:ed:c0:
28:9e:ab:7b:f4:c0:ac:bc:58:1d:50:7b:c8:43:01:
6b:ea:ae:64:39:d1:d7:00:5d:0f:3c:de:d2:a9:4b:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7D:A2:4D:9F:8A:A6:DF:10:77:2C:D7:F4:15:CA:5C:C4:BF:CA:AF
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/on2iTZ-Kpt8QdyzX9BXKXMS_yq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.198.0/23
91.208.73.0/24
91.208.104.0/24
91.213.200.0/24
IPv6:
2a12:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
6e:8a:47:48:1c:42:22:f1:9e:10:03:4e:30:ef:51:d9:55:4f:
0d:67:77:15:3f:1d:69:ed:c5:28:fb:69:10:d5:a3:23:b1:60:
c5:fa:79:18:65:ec:a0:d7:00:87:e2:c3:e8:23:a1:dd:ba:9d:
53:a8:9c:c0:be:54:1c:5f:7f:a1:02:29:9c:38:d9:ee:df:d6:
dc:0b:60:7e:98:b7:e3:4f:b2:9d:cb:96:2e:29:7a:ad:01:7f:
25:91:27:df:7f:7f:02:83:7d:09:f3:7b:61:4f:f6:fd:3c:1a:
3c:9e:0c:dd:d0:3f:46:93:a8:d0:bb:4c:08:d5:0b:a9:4f:32:
14:b5:ed:c7:45:f3:a4:73:8f:93:ca:8e:98:12:6f:46:76:61:
13:51:6b:05:97:4f:b4:90:59:e9:dd:1d:db:f3:1f:19:c2:1b:
3d:44:d0:84:1b:4b:b3:36:db:e8:ec:7f:86:03:65:f4:5e:25:
f3:25:8b:8c:61:09:b6:7c:1f:b9:72:97:f1:40:04:1b:eb:53:
84:89:11:a4:71:8f:63:a1:be:55:f9:6c:9f:20:01:04:cf:43:
9c:57:65:40:9c:2c:c8:09:22:1c:cf:d5:08:4b:90:a2:a4:cb:
86:28:76:3f:cd:0a:d9:7d:79:07:9d:e0:33:2e:66:76:ab:a9:
42:44:4e:11
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqzGpGvzTr6QTGuDhAdfsLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwOTIwMTQ1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdkYTI0ZDlmOGFhNmRmMTA3NzJjZDdmNDE1Y2E1Y2M0YmZjYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqByak0q5MMelFhHzZfU2cN7m8GSS
AVVSMocwyb+wSp10/1WY0lpHr8U0+RTZSi/a2iNfcMksFrGRODnWg467d3s/EFod
sOvG0PhR6rpkbT2A9/LO5ET4bJYi+1HHdNL5v0v6otS45j7SEeQB/AfMD+EDB6Hm
PGj3oiZ306+PzD0eZ09c6wFoLX5nkP7KH5IHwW45HitzmEkG9aHvs6Td93mlEz7v
w0Yi7KG56v5Ip1W2KpDmiURfjkWBDu57i0pbVtt9qMMnyOo2iu2DNCGwNXSoMUvl
RgTCMr0ICYvi7cAonqt79MCsvFgdUHvIQwFr6q5kOdHXAF0PPN7SqUvu9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKJ9ok2fiqbfEHcs1/QVylzEv8qvMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvb24yaVRaLUtwdDhRZHl6WDlCWEtYTVNfeXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBLZbGAwQA
W9BJAwQAW9BoAwQAW9XIMA0EAgACMAcDBQMqEquAMA0GCSqGSIb3DQEBCwUAA4IB
AQBuikdIHEIi8Z4QA04w71HZVU8NZ3cVPx1p7cUo+2kQ1aMjsWDF+nkYZeyg1wCH
4sPoI6Hdup1TqJzAvlQcX3+hAimcONnu39bcC2B+mLfjT7Kdy5YuKXqtAX8lkSff
f38Cg30J83thT/b9PBo8ngzd0D9Gk6jQu0wI1QupTzIUte3HRfOkc4+Tyo6YEm9G
dmETUWsFl0+0kFnp3R3b8x8Zwhs9RNCEG0uzNtvo7H+GA2X0XiXzJYuMYQm2fB+5
cpfxQAQb61OEiRGkcY9job5V+WyfIAEEz0OcV2VAnCzICSIcz9UIS5CipMuGKHY/
zQrZfXkHneAzLmZ2q6lCRE4R
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:51:13 2025 by rpki-client