Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/1-SRsies_rHpU8aWdE61nENAbzSA.roa
File: 1-SRsies_rHpU8aWdE61nENAbzSA.roa (raw, json)
Hash identifier: t7E5FqaZHefXMClSTTtDybs1/VnL+VtTDsuPuuSHfQ0=
Subject key identifier: F9:24:6C:89:EB:3F:AC:7A:54:F1:A5:9D:13:AD:67:10:D0:1B:CD:20
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01856D7899B178998CFE9785B7E0BC3243D8
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/1-SRsies_rHpU8aWdE61nENAbzSA.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202
IP address blocks: 91.240.72.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
185.42.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:99:b1:78:99:8c:fe:97:85:b7:e0:bc:32:43:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9246c89eb3fac7a54f1a59d13ad6710d01bcd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b8:94:0f:0e:1f:cf:73:2e:21:c5:a0:24:04:
57:c6:c5:50:c9:dc:95:4e:e2:03:4a:4a:c5:f7:5a:
1b:58:6b:05:36:bd:ce:b4:20:59:a4:a4:32:90:05:
38:1e:de:dd:37:93:2e:64:80:3f:b0:74:fa:62:52:
36:e1:44:7a:7b:25:0a:91:31:86:ea:c8:61:28:4e:
9b:ff:8f:b0:27:30:0c:22:cd:fe:07:92:a4:d6:2f:
53:11:8d:06:40:05:5d:6c:79:70:b7:80:77:42:4a:
23:fe:d4:ba:df:ef:62:cc:0f:41:c1:bd:37:60:fb:
61:e3:94:7f:14:7c:72:02:df:2a:2b:26:1a:a6:8f:
ee:83:82:f5:18:65:19:c9:0d:b2:33:47:34:aa:6c:
0c:8c:c9:76:be:ce:90:b2:af:f7:45:8d:70:d4:30:
ba:55:b1:25:2f:d6:4f:cc:e4:5d:1e:af:5b:a1:65:
d5:97:ab:53:d9:69:6f:53:d2:ab:c1:25:18:92:bf:
fb:b1:a5:e6:95:ee:e3:af:3a:e7:a1:5a:0c:b4:01:
01:3d:13:f2:3a:db:7f:be:57:d4:2b:b9:08:1b:e5:
4a:d5:b7:56:ef:30:06:4f:a1:85:a0:05:67:d6:ec:
99:c3:aa:d8:54:18:17:21:ae:1c:a3:4b:3b:c9:68:
f5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:24:6C:89:EB:3F:AC:7A:54:F1:A5:9D:13:AD:67:10:D0:1B:CD:20
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/1-SRsies_rHpU8aWdE61nENAbzSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:6a:ff:64:8b:90:f7:6f:b6:0e:61:db:1b:33:bb:eb:1a:db:
4f:36:20:8d:92:94:26:65:32:72:92:4c:3b:e9:36:49:f0:92:
49:dc:a7:79:04:4a:1c:8a:2f:45:1c:13:8e:20:06:06:c1:f9:
9c:47:a6:fc:86:79:4c:4a:8e:2d:43:b6:15:ae:bb:a4:8b:81:
ea:c5:7f:e6:20:22:f4:6e:3c:db:37:23:2c:f6:53:c9:9b:3e:
e7:98:e8:3a:50:68:dd:51:31:55:20:f5:c3:40:ce:96:f7:55:
c9:0a:29:3b:b4:68:2a:9c:8a:0f:ef:1d:e4:11:31:c3:22:60:
57:8e:86:4d:38:d6:7f:d6:34:50:d9:fb:13:25:4a:ac:f7:4e:
85:c2:5d:9a:8e:11:37:aa:7b:29:3b:65:71:c2:28:e2:7e:88:
d2:2e:10:3a:3c:cd:cf:bc:f7:75:af:86:12:ff:45:6d:c3:42:
b9:58:ab:9c:b2:50:5f:ef:ba:fb:7b:15:ea:2d:30:47:3d:d3:
f1:e7:66:a8:d1:45:14:9b:e0:39:bf:d6:41:24:df:c7:62:97:
5e:9a:25:4c:21:12:49:11:21:ce:e3:42:92:27:1d:7d:2d:0d:
3d:fe:ca:ed:59:08:58:3a:08:e3:ab:77:f5:8b:66:ed:ff:e7:
b5:bd:d5:bb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVteJmxeJmM/peFt+C8MkPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTI0NmM4OWViM2ZhYzdhNTRmMWE1OWQxM2FkNjcxMGQwMWJjZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobiUDw4fz3MuIcWgJARXxsVQydyV
TuIDSkrF91obWGsFNr3OtCBZpKQykAU4Ht7dN5MuZIA/sHT6YlI24UR6eyUKkTGG
6shhKE6b/4+wJzAMIs3+B5Kk1i9TEY0GQAVdbHlwt4B3Qkoj/tS63+9izA9Bwb03
YPth45R/FHxyAt8qKyYapo/ug4L1GGUZyQ2yM0c0qmwMjMl2vs6Qsq/3RY1w1DC6
VbElL9ZPzORdHq9boWXVl6tT2WlvU9KrwSUYkr/7saXmle7jrzrnoVoMtAEBPRPy
Ott/vlfUK7kIG+VK1bdW7zAGT6GFoAVn1uyZw6rYVBgXIa4co0s7yWj11wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkkbInrP6x6VPGlnROtZxDQG80gMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvMS1TUnNpZXNfckhwVThhV2RFNjFuRU5BYnpTQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvMzI1Yjg0LTJlZDQtNDA5Mi05MDZjLTEwMGVlZDgxMmM0
MC8xL3BpOHRQQ2FkazFJbmFRc290X3ZkbFQ0ZW50dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvwSAME
Abkq6DANBgkqhkiG9w0BAQsFAAOCAQEApWr/ZIuQ92+2DmHbGzO76xrbTzYgjZKU
JmUycpJMO+k2SfCSSdyneQRKHIovRRwTjiAGBsH5nEem/IZ5TEqOLUO2Fa67pIuB
6sV/5iAi9G482zcjLPZTyZs+55joOlBo3VExVSD1w0DOlvdVyQopO7RoKpyKD+8d
5BExwyJgV46GTTjWf9Y0UNn7EyVKrPdOhcJdmo4RN6p7KTtlccIo4n6I0i4QOjzN
z7z3da+GEv9FbcNCuVirnLJQX++6+3sV6i0wRz3T8edmqNFFFJvgOb/WQSTfx2KX
XpolTCESSREhzuNCkicdfS0NPf7K7VkIWDoI46t39Ytm7f/ntb3Vuw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:53:26 2025 by rpki-client