Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/Dfx49loh-0KcnmS0l7mwSgpp4vg.roa
File: Dfx49loh-0KcnmS0l7mwSgpp4vg.roa (raw, json)
Hash identifier: h+YyPv7Ehk/AdI5UwDP6M6CHyvbw6oVb+D5k7CWmh/Y=
Subject key identifier: 0D:FC:78:F6:5A:21:FB:42:9C:9E:64:B4:97:B9:B0:4A:0A:69:E2:F8
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01843EA28921C271576036F8FAFDC3EFA7AB
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/Dfx49loh-0KcnmS0l7mwSgpp4vg.roa
Signing time: Thu 03 Nov 2022 17:55:50 +0000
ROA not before: Thu 03 Nov 2022 17:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212012
IP address blocks: 91.240.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:a2:89:21:c2:71:57:60:36:f8:fa:fd:c3:ef:a7:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Nov 3 17:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dfc78f65a21fb429c9e64b497b9b04a0a69e2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:6c:b7:a1:74:f9:6b:ec:48:58:49:a4:b8:
cb:87:a0:76:77:ac:db:43:99:6e:50:6b:32:c4:fe:
8a:f4:8c:98:60:31:f1:1c:21:16:c3:d0:82:a3:57:
86:25:39:3b:25:88:1e:e4:90:48:f5:69:73:ea:ce:
5b:4a:e1:8e:be:78:60:7d:4b:af:54:22:5d:e6:9c:
c0:6b:be:65:bd:fb:b1:44:46:b9:67:d3:5b:26:10:
e9:49:f0:7d:e4:20:d6:df:6c:1b:f5:5e:c3:c4:ed:
0b:86:ff:b3:db:4c:60:20:04:9b:68:98:96:8b:4c:
63:3c:d8:d8:bc:c6:26:14:f1:95:53:4f:a7:de:62:
3e:7f:cb:65:b2:d2:53:ea:98:98:fd:e1:e8:00:23:
6b:18:51:03:db:32:96:38:4b:52:e4:49:86:03:9a:
72:52:5e:b1:6d:56:75:d6:66:15:ac:d8:91:a1:bc:
1f:3c:83:0b:c7:86:40:a3:01:8d:b0:5e:a1:0f:22:
f1:c9:01:40:b0:b2:84:53:c4:7e:14:1c:dd:de:e7:
41:b4:d3:ec:08:8c:8c:0a:5b:76:c5:43:5e:88:42:
0a:1a:8b:a5:0e:12:8c:b1:ef:d2:df:68:08:4f:d1:
d4:d9:fc:af:97:f6:db:cf:9a:34:fd:0e:2c:ce:4f:
fb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FC:78:F6:5A:21:FB:42:9C:9E:64:B4:97:B9:B0:4A:0A:69:E2:F8
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/Dfx49loh-0KcnmS0l7mwSgpp4vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
Signature Algorithm: sha256WithRSAEncryption
36:46:1b:70:23:4b:99:5b:0a:fa:e2:e3:e0:77:1a:e7:56:5c:
32:88:44:d2:ce:02:81:b4:67:cc:af:24:c4:b2:be:af:35:ba:
d4:fe:0d:0e:3d:01:9c:68:a0:6a:c7:f6:f6:f2:e2:65:c0:47:
26:0a:bf:12:eb:83:fa:d5:e5:1d:25:5d:d7:8d:14:ff:a0:d7:
06:97:6b:ae:8e:57:73:1c:e7:2e:fb:09:9b:e6:51:9d:c2:82:
f4:3e:fe:c6:3d:3c:89:15:13:0b:bb:02:60:a3:05:11:2b:f9:
3a:22:73:10:54:c0:cc:fb:be:ec:24:61:c4:9f:66:38:3d:01:
b1:bb:e1:9c:45:c0:b6:fb:d7:9e:73:81:b0:d3:ce:69:b9:b3:
25:c1:8a:71:c3:88:ad:eb:fb:1a:eb:b2:e7:0d:31:40:73:91:
66:61:21:81:35:fc:16:61:47:d7:78:e5:f2:d9:71:70:4a:36:
99:b8:26:ac:83:e5:f1:a4:ef:af:9c:06:8a:e0:ed:03:a5:9c:
35:e6:64:7c:f5:af:3b:d6:2f:3b:b5:17:47:4b:1b:27:2c:82:
67:c2:d8:a6:f2:e4:b1:e4:8e:27:93:a3:21:21:bd:5f:11:1d:
c6:30:0d:98:87:48:01:99:83:a8:ca:50:3c:50:79:e0:49:7a:
9b:19:6f:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ+ookhwnFXYDb4+v3D76erMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjIxMTAzMTc1NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZjNzhmNjVhMjFmYjQyOWM5ZTY0YjQ5N2I5YjA0YTBhNjllMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Jst6F0+WvsSFhJpLjLh6B2d6zb
Q5luUGsyxP6K9IyYYDHxHCEWw9CCo1eGJTk7JYge5JBI9Wlz6s5bSuGOvnhgfUuv
VCJd5pzAa75lvfuxREa5Z9NbJhDpSfB95CDW32wb9V7DxO0Lhv+z20xgIASbaJiW
i0xjPNjYvMYmFPGVU0+n3mI+f8tlstJT6piY/eHoACNrGFED2zKWOEtS5EmGA5py
Ul6xbVZ11mYVrNiRobwfPIMLx4ZAowGNsF6hDyLxyQFAsLKEU8R+FBzd3udBtNPs
CIyMClt2xUNeiEIKGoulDhKMse/S32gIT9HU2fyvl/bbz5o0/Q4szk/7rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA38ePZaIftCnJ5ktJe5sEoKaeL4MB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvRGZ4NDlsb2gtMEtjbm1TMGw3bXdTZ3BwNHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/BIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2RhtwI0uZWwr64uPgdxrnVlwyiETSzgKBtGfMryTE
sr6vNbrU/g0OPQGcaKBqx/b28uJlwEcmCr8S64P61eUdJV3XjRT/oNcGl2uujldz
HOcu+wmb5lGdwoL0Pv7GPTyJFRMLuwJgowURK/k6InMQVMDM+77sJGHEn2Y4PQGx
u+GcRcC2+9eec4Gw085pubMlwYpxw4it6/sa67LnDTFAc5FmYSGBNfwWYUfXeOXy
2XFwSjaZuCasg+XxpO+vnAaK4O0DpZw15mR89a871i87tRdHSxsnLIJnwtim8uSx
5I4nk6MhIb1fER3GMA2Yh0gBmYOoylA8UHngSXqbGW/9
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:58:33 2025 by rpki-client