Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a2df79-d4ff-40c7-b4a4-7aec558eb40d/1/ZHeSLfC5-JhceRlQduOFFyuUVEo.roa
File: ZHeSLfC5-JhceRlQduOFFyuUVEo.roa (raw, json)
Hash identifier: gZrKsKETkpMSWrXs0ZO4CCgcwRcpXQTOx1rbng1II0I=
Subject key identifier: 64:77:92:2D:F0:B9:F8:98:5C:79:19:50:76:E3:85:17:2B:94:54:4A
Certificate issuer: /CN=88fc58875608970d9a728347d05ef00d0f1d5611
Certificate serial: 018571F0D6EDF50853149322AA3D2D0C9944
Authority key identifier: 88:FC:58:87:56:08:97:0D:9A:72:83:47:D0:5E:F0:0D:0F:1D:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPxYh1YIlw2acoNH0F7wDQ8dVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a2df79-d4ff-40c7-b4a4-7aec558eb40d/1/ZHeSLfC5-JhceRlQduOFFyuUVEo.roa
Signing time: Mon 02 Jan 2023 10:04:47 +0000
ROA not before: Mon 02 Jan 2023 10:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 91.198.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:d6:ed:f5:08:53:14:93:22:aa:3d:2d:0c:99:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fc58875608970d9a728347d05ef00d0f1d5611
Validity
Not Before: Jan 2 10:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6477922df0b9f8985c79195076e385172b94544a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:61:58:4a:43:3b:65:04:e3:9d:41:f9:82:78:
63:ae:b3:79:82:5b:18:19:8e:e0:84:9a:d7:16:f2:
36:91:d1:31:5d:f8:ff:75:a8:cb:d3:39:27:00:2c:
be:24:05:3b:94:95:33:a0:26:d3:ef:1b:fd:20:f7:
78:a7:8d:d3:8b:fb:cd:19:48:5c:3b:55:58:b7:6a:
f5:a2:2e:65:3c:c4:90:58:87:6c:43:c7:c5:42:51:
1e:c5:06:92:f5:01:8a:96:d4:59:c7:14:d6:9c:35:
e3:76:bb:42:55:6c:d5:2a:ee:1f:c5:ea:56:0d:ee:
9e:c8:4d:96:a6:bd:3b:b7:af:a7:83:42:e9:77:a3:
9c:18:c2:ff:4e:1f:49:34:51:72:08:06:b6:a6:39:
bf:79:c4:e5:39:2d:7b:3a:20:1d:b2:57:9e:33:25:
22:0a:83:59:8f:66:7d:83:75:9f:bc:de:5c:25:de:
c9:2a:ab:2e:4e:20:e4:d0:69:0d:34:88:1a:39:c3:
a3:01:54:74:c6:f6:e7:7b:8f:16:30:22:d0:54:60:
26:81:e4:12:0a:b1:c8:4e:c2:2f:e2:59:b3:de:d2:
38:c9:7a:03:61:12:39:22:4e:20:63:5d:d9:6b:8f:
35:9e:df:64:c0:f3:4a:e7:d4:02:6c:fc:ba:a1:ee:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:77:92:2D:F0:B9:F8:98:5C:79:19:50:76:E3:85:17:2B:94:54:4A
X509v3 Authority Key Identifier:
keyid:88:FC:58:87:56:08:97:0D:9A:72:83:47:D0:5E:F0:0D:0F:1D:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPxYh1YIlw2acoNH0F7wDQ8dVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a2df79-d4ff-40c7-b4a4-7aec558eb40d/1/ZHeSLfC5-JhceRlQduOFFyuUVEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a2df79-d4ff-40c7-b4a4-7aec558eb40d/1/iPxYh1YIlw2acoNH0F7wDQ8dVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:e7:fc:5f:f4:78:cd:84:f5:d8:fc:af:6d:cd:c7:37:02:0b:
46:9e:cb:ef:a4:08:17:4f:1b:a0:0b:70:7a:eb:ba:97:b8:c6:
c0:e5:6b:6b:7c:1a:3b:4a:60:f2:9f:b3:5a:23:2d:53:af:b0:
54:27:d2:5c:7a:0b:57:07:00:6c:cc:71:c3:ec:fc:76:98:e9:
39:49:74:0d:69:2b:8b:70:67:98:17:c9:df:e6:87:ab:9b:1a:
b8:2e:ee:bd:60:10:b7:79:3d:7f:9a:52:98:bc:6c:e1:f4:67:
b9:2c:e5:b1:be:86:cb:fc:39:3f:68:db:09:62:0f:d3:88:5f:
b0:44:88:03:05:52:75:81:b7:37:27:dc:65:68:f9:e4:22:d4:
15:83:19:68:68:74:35:a0:b3:31:98:c2:60:a3:7e:87:f9:90:
70:11:4f:43:05:e9:b6:a8:4b:e3:37:a5:8e:7a:11:91:57:fd:
7f:c1:52:2f:d2:b2:b0:42:c9:e7:a8:7d:2f:1b:2e:24:07:46:
e6:e4:58:dc:ca:bf:b6:f5:ac:73:57:13:bc:2a:d6:54:e1:a1:
0b:6a:bf:36:ca:83:b4:e7:78:7f:e0:bb:26:5f:1c:4a:88:29:
89:a3:55:cb:6d:0e:87:11:e3:2a:8d:49:5f:28:7b:87:c2:4a:
bf:57:17:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8Nbt9QhTFJMiqj0tDJlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmM1ODg3NTYwODk3MGQ5YTcyODM0N2QwNWVmMDBkMGYx
ZDU2MTEwHhcNMjMwMTAyMTAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc3OTIyZGYwYjlmODk4NWM3OTE5NTA3NmUzODUxNzJiOTQ1NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2FYSkM7ZQTjnUH5gnhjrrN5glsY
GY7ghJrXFvI2kdExXfj/dajL0zknACy+JAU7lJUzoCbT7xv9IPd4p43Ti/vNGUhc
O1VYt2r1oi5lPMSQWIdsQ8fFQlEexQaS9QGKltRZxxTWnDXjdrtCVWzVKu4fxepW
De6eyE2Wpr07t6+ng0Lpd6OcGML/Th9JNFFyCAa2pjm/ecTlOS17OiAdsleeMyUi
CoNZj2Z9g3WfvN5cJd7JKqsuTiDk0GkNNIgaOcOjAVR0xvbne48WMCLQVGAmgeQS
CrHITsIv4lmz3tI4yXoDYRI5Ik4gY13Za481nt9kwPNK59QCbPy6oe7CtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGR3ki3wufiYXHkZUHbjhRcrlFRKMB8GA1UdIwQY
MBaAFIj8WIdWCJcNmnKDR9Be8A0PHVYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVB4WWgxWUlsdzJhY29OSDBGN3dEUThkVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMmRmNzktZDRmZi00MGM3LWI0YTQt
N2FlYzU1OGViNDBkLzEvWkhlU0xmQzUtSmhjZVJsUWR1T0ZGeXVVVkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMmRmNzktZDRmZi00MGM3LWI0YTQtN2FlYzU1OGViNDBk
LzEvaVB4WWgxWUlsdzJhY29OSDBGN3dEUThkVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8aOMA0G
CSqGSIb3DQEBCwUAA4IBAQCm5/xf9HjNhPXY/K9tzcc3AgtGnsvvpAgXTxugC3B6
67qXuMbA5WtrfBo7SmDyn7NaIy1Tr7BUJ9JcegtXBwBszHHD7Px2mOk5SXQNaSuL
cGeYF8nf5oermxq4Lu69YBC3eT1/mlKYvGzh9Ge5LOWxvobL/Dk/aNsJYg/TiF+w
RIgDBVJ1gbc3J9xlaPnkItQVgxloaHQ1oLMxmMJgo36H+ZBwEU9DBem2qEvjN6WO
ehGRV/1/wVIv0rKwQsnnqH0vGy4kB0bm5Fjcyr+29axzVxO8KtZU4aELar82yoO0
53h/4LsmXxxKiCmJo1XLbQ6HEeMqjUlfKHuHwkq/VxeF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:09 2025 by rpki-client