Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/d53BepWaeQiYI6nXxngdxGJAteI.roa
File: d53BepWaeQiYI6nXxngdxGJAteI.roa (raw, json)
Hash identifier: a6cvg28H9bBCe/Bv6sHFUlIATrZEKbrJ63+Su/9v3d4=
Subject key identifier: 77:9D:C1:7A:95:9A:79:08:98:23:A9:D7:C6:78:1D:C4:62:40:B5:E2
Certificate issuer: /CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Certificate serial: 01856BCA2A0B231E1F47E9A7FD1133DB6C5B
Authority key identifier: 9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/d53BepWaeQiYI6nXxngdxGJAteI.roa
Signing time: Sun 01 Jan 2023 05:24:49 +0000
ROA not before: Sun 01 Jan 2023 05:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35236
IP address blocks: 45.91.28.0/22 maxlen: 24
2a0e:25c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:2a:0b:23:1e:1f:47:e9:a7:fd:11:33:db:6c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Validity
Not Before: Jan 1 05:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=779dc17a959a79089823a9d7c6781dc46240b5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ee:f3:4d:12:9d:92:27:73:9d:e1:b4:fc:76:
48:03:ba:16:3a:0e:5a:cc:cf:b0:89:96:24:eb:c7:
77:db:d5:40:ad:9d:a7:d7:66:a8:d7:fb:cc:69:21:
cb:e0:af:9e:39:66:3c:90:4f:d3:17:15:50:d0:28:
05:6b:d2:72:b6:82:f3:42:94:b9:db:39:3a:b3:82:
68:83:c3:51:72:98:96:15:8f:42:e2:85:c4:1c:d2:
f5:7d:f6:d6:17:50:fe:a5:ee:5d:00:d2:50:9b:cb:
08:2a:a1:a8:b3:67:d5:39:f3:3e:e5:3e:bb:7a:54:
2f:0d:ed:70:48:c3:a2:51:9e:3d:12:17:a7:29:ee:
76:4b:47:d8:de:11:cf:14:17:d4:50:c0:31:ff:11:
93:7e:8d:95:4c:6c:e2:d3:56:44:90:4f:b4:17:ed:
94:5f:b6:21:b4:07:61:88:8f:df:fe:8b:06:95:e8:
0c:d2:d3:f1:c9:67:ad:db:1b:64:8e:9e:57:df:83:
c5:4e:a7:37:fc:d5:3d:df:9c:5c:a1:7f:20:33:26:
28:f8:8f:bf:dd:1c:34:39:cc:84:f7:d4:74:a5:f1:
88:34:94:76:ab:e6:cc:38:68:7b:62:35:9c:e7:c8:
b9:23:a7:4b:d0:3a:19:3d:3f:b4:f0:7b:67:0d:39:
bf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9D:C1:7A:95:9A:79:08:98:23:A9:D7:C6:78:1D:C4:62:40:B5:E2
X509v3 Authority Key Identifier:
keyid:9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/d53BepWaeQiYI6nXxngdxGJAteI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.28.0/22
IPv6:
2a0e:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:9b:2f:f1:19:c4:07:33:1d:93:32:3c:75:b0:51:28:b9:df:
f4:27:7e:bd:69:a1:3d:b5:fa:bc:7f:4a:73:4e:33:fe:da:23:
18:40:df:e1:89:d4:4a:f4:03:50:45:e4:68:4c:c2:11:25:9a:
ee:db:58:08:5c:b2:0f:8a:19:21:ff:1f:6c:cf:fb:f7:9c:09:
04:33:07:58:d1:44:5f:92:e2:10:74:d9:47:86:19:90:1e:10:
47:a0:89:89:1a:a8:c6:41:ac:56:df:8e:bf:26:ef:05:d5:b9:
12:6b:09:75:38:f5:3f:92:9a:21:e1:8e:e2:93:d7:7f:12:76:
05:36:8c:66:1c:8b:5d:eb:72:c5:ae:88:29:5b:a3:de:58:2d:
b9:1e:36:8d:1c:a0:16:e4:d6:55:bc:99:6a:6d:68:9b:7d:86:
32:72:41:e7:f5:bc:1c:f3:95:69:57:31:ea:48:65:9d:86:18:
49:b2:ea:35:c7:a6:71:c3:b4:d0:05:ec:a7:c2:07:7a:3a:20:
53:21:8d:d7:bf:c3:5e:5d:b5:54:4f:ff:58:88:c5:7d:e6:b2:
d3:ad:b0:05:2b:98:43:fe:54:d2:98:37:17:dc:bf:08:30:83:
c4:74:67:7c:46:1c:83:7f:02:ca:0b:d2:47:69:e1:94:50:f9:
45:37:d9:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVryioLIx4fR+mn/REz22xbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmFlNmUzZWQ3NjZkZTQ3YWJhNjY5M2JiNWFmOGE2NDg5
NzQzMTAwHhcNMjMwMTAxMDUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzlkYzE3YTk1OWE3OTA4OTgyM2E5ZDdjNjc4MWRjNDYyNDBiNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+7zTRKdkidzneG0/HZIA7oWOg5a
zM+wiZYk68d329VArZ2n12ao1/vMaSHL4K+eOWY8kE/TFxVQ0CgFa9JytoLzQpS5
2zk6s4Jog8NRcpiWFY9C4oXEHNL1ffbWF1D+pe5dANJQm8sIKqGos2fVOfM+5T67
elQvDe1wSMOiUZ49EhenKe52S0fY3hHPFBfUUMAx/xGTfo2VTGzi01ZEkE+0F+2U
X7YhtAdhiI/f/osGlegM0tPxyWet2xtkjp5X34PFTqc3/NU935xcoX8gMyYo+I+/
3Rw0OcyE99R0pfGINJR2q+bMOGh7YjWc58i5I6dL0DoZPT+08HtnDTm/RwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHedwXqVmnkImCOp18Z4HcRiQLXiMB8GA1UdIwQY
MBaAFJu65uPtdm3kerpmk7ta+KZIl0MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQt
OTg1YzY0ZmUyN2VlLzEvZDUzQmVwV2FlUWlZSTZuWHhuZ2R4R0pBdGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQtOTg1YzY0ZmUyN2Vl
LzEvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVscMA0E
AgACMAcDBQMqDiXAMA0GCSqGSIb3DQEBCwUAA4IBAQABmy/xGcQHMx2TMjx1sFEo
ud/0J369aaE9tfq8f0pzTjP+2iMYQN/hidRK9ANQReRoTMIRJZru21gIXLIPihkh
/x9sz/v3nAkEMwdY0URfkuIQdNlHhhmQHhBHoImJGqjGQaxW346/Ju8F1bkSawl1
OPU/kpoh4Y7ik9d/EnYFNoxmHItd63LFrogpW6PeWC25HjaNHKAW5NZVvJlqbWib
fYYyckHn9bwc85VpVzHqSGWdhhhJsuo1x6Zxw7TQBeynwgd6OiBTIY3Xv8NeXbVU
T/9YiMV95rLTrbAFK5hD/lTSmDcX3L8IMIPEdGd8RhyDfwLKC9JHaeGUUPlFN9nk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:35 2025 by rpki-client