Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/2nr3jK6Xar0jsgJNzfhmzAzMWDk.roa
File: 2nr3jK6Xar0jsgJNzfhmzAzMWDk.roa (raw, json)
Hash identifier: 5WIgqV8gE0qeAXhTA1Q3ivKS7yfshs3G7BWQTApQpwU=
Subject key identifier: DA:7A:F7:8C:AE:97:6A:BD:23:B2:02:4D:CD:F8:66:CC:0C:CC:58:39
Certificate issuer: /CN=5134d1320645644e2eaf3685879d693f72522c76
Certificate serial: 04844341
Authority key identifier: 51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/2nr3jK6Xar0jsgJNzfhmzAzMWDk.roa
Signing time: Sat 01 Jan 2022 06:53:25 +0000
ROA not before: Sat 01 Jan 2022 06:53:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 91.194.104.0/23 maxlen: 24
91.194.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75776833 (0x4844341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5134d1320645644e2eaf3685879d693f72522c76
Validity
Not Before: Jan 1 06:53:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da7af78cae976abd23b2024dcdf866cc0ccc5839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:14:1c:c6:d3:82:53:97:14:d3:08:e5:2c:74:
08:81:b8:7b:76:5a:34:99:99:45:91:e9:cf:c9:9d:
7a:36:0e:6d:d8:83:96:eb:f1:23:02:f0:44:24:91:
d4:c0:b2:a7:bc:e3:16:c9:5d:7f:8f:d0:cd:b7:e7:
c4:97:88:83:a9:2e:45:d6:73:44:da:94:a0:dd:72:
bf:9f:4c:84:44:d1:dc:68:a2:d6:65:32:24:59:a5:
a0:74:a8:25:0e:f8:4b:79:bb:e2:15:c8:58:02:10:
d3:5c:9b:48:81:80:db:16:ad:26:da:1d:86:43:ad:
41:d3:97:f0:b3:2f:70:df:d0:63:05:2c:51:85:7a:
23:e0:35:0e:e9:bd:5c:04:42:a5:41:78:80:0c:b6:
4e:82:02:14:09:b0:f9:24:52:5d:7d:d1:c3:4c:b2:
20:77:39:36:38:40:4d:ca:63:ef:f9:3e:b2:09:75:
19:34:18:3d:47:fb:bd:2b:50:56:f7:4d:70:ca:3a:
66:5b:1e:79:ef:09:a8:af:82:47:0c:ad:24:14:ce:
4d:f1:97:f7:ef:fb:ae:f5:2f:fc:3d:da:aa:52:67:
ff:db:eb:fe:e6:82:99:da:ee:2a:9a:7e:3a:f2:a9:
95:ee:86:41:ec:45:27:79:57:cf:84:8c:34:80:7d:
29:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7A:F7:8C:AE:97:6A:BD:23:B2:02:4D:CD:F8:66:CC:0C:CC:58:39
X509v3 Authority Key Identifier:
keyid:51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/2nr3jK6Xar0jsgJNzfhmzAzMWDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/UTTRMgZFZE4urzaFh51pP3JSLHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.25.0/24
91.194.104.0/23
Signature Algorithm: sha256WithRSAEncryption
09:36:14:3d:0e:94:ca:99:71:a9:af:c1:f2:8f:19:c4:35:69:
03:ed:65:65:bc:61:a6:b6:46:02:85:1b:73:18:b1:d8:9e:f7:
78:41:dd:a8:32:8f:ea:96:4e:c9:0e:ac:87:9b:30:a6:5d:5d:
39:ab:34:d9:91:bf:42:2b:e4:da:fd:1a:c3:e8:e2:0b:c4:fd:
53:70:12:23:22:7e:b3:ee:06:96:e7:0d:f5:4a:bb:60:23:c2:
6e:d1:49:b1:07:87:6e:58:33:8a:2b:93:ce:0e:2e:78:98:49:
9e:7e:58:1b:47:8a:13:77:c5:e7:37:a7:43:d0:ca:f6:60:92:
b6:f9:85:b8:69:5c:12:9f:c3:78:42:a8:98:cf:80:7a:b1:94:
93:b3:62:2d:38:17:37:c6:b7:6e:0b:c4:ba:d1:ac:ee:2b:04:
44:24:34:d6:b5:27:34:15:3c:1b:a6:31:d6:36:b4:07:83:91:
00:fa:a0:12:7c:9a:a3:89:31:9e:6d:35:b7:01:db:90:2c:9f:
b7:7b:81:ea:bd:0c:d9:9b:91:0c:f2:41:3d:f8:89:d5:ca:24:
d5:e6:ad:43:93:ba:8e:eb:c0:cb:a4:1f:eb:4b:dc:68:6f:36:
54:68:b7:37:69:48:51:e9:e1:c0:9d:44:c9:72:20:cc:34:14:
a1:af:68:b4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBIRDQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTM0ZDEzMjA2NDU2NDRlMmVhZjM2ODU4NzlkNjkzZjcyNTIyYzc2MB4XDTIyMDEw
MTA2NTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE3YWY3OGNhZTk3
NmFiZDIzYjIwMjRkY2RmODY2Y2MwY2NjNTgzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4UHMbTglOXFNMI5Sx0CIG4e3ZaNJmZRZHpz8mdejYObdiD
luvxIwLwRCSR1MCyp7zjFsldf4/QzbfnxJeIg6kuRdZzRNqUoN1yv59MhETR3Gii
1mUyJFmloHSoJQ74S3m74hXIWAIQ01ybSIGA2xatJtodhkOtQdOX8LMvcN/QYwUs
UYV6I+A1Dum9XARCpUF4gAy2ToICFAmw+SRSXX3Rw0yyIHc5NjhATcpj7/k+sgl1
GTQYPUf7vStQVvdNcMo6Zlseee8JqK+CRwytJBTOTfGX9+/7rvUv/D3aqlJn/9vr
/uaCmdruKpp+OvKple6GQexFJ3lXz4SMNIB9KUkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTaeveMrpdqvSOyAk3N+GbMDMxYOTAfBgNVHSMEGDAWgBRRNNEyBkVkTi6v
NoWHnWk/clIsdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VUVFJNZ1pGWkU0dXJ6YUZoNTFwUDNKU0xIWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvOWZiMWQ3LTg0MjQtNGM4NC1iMGNiLTJmNTFlY2QxYWEwZS8x
LzJucjNqSzZYYXIwanNnSk56ZmhtekF6TVdEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
OWZiMWQ3LTg0MjQtNGM4NC1iMGNiLTJmNTFlY2QxYWEwZS8xL1VUVFJNZ1pGWkU0
dXJ6YUZoNTFwUDNKU0xIWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvCGQMEAVvCaDANBgkqhkiG9w0B
AQsFAAOCAQEACTYUPQ6Uyplxqa/B8o8ZxDVpA+1lZbxhprZGAoUbcxix2J73eEHd
qDKP6pZOyQ6sh5swpl1dOas02ZG/Qivk2v0aw+jiC8T9U3ASIyJ+s+4GlucN9Uq7
YCPCbtFJsQeHblgziiuTzg4ueJhJnn5YG0eKE3fF5zenQ9DK9mCStvmFuGlcEp/D
eEKomM+AerGUk7NiLTgXN8a3bgvEutGs7isERCQ01rUnNBU8G6Yx1ja0B4ORAPqg
Enyao4kxnm01twHbkCyft3uB6r0M2ZuRDPJBPfiJ1cok1eatQ5O6juvAy6Qf60vc
aG82VGi3N2lIUenhwJ1EyXIgzDQUoa9otA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:09 2025 by rpki-client