Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/U01AQvZ4HEgG9et8xByqF6vCEL8.roa
File: U01AQvZ4HEgG9et8xByqF6vCEL8.roa (raw, json)
Hash identifier: ZZP3KzVsCV/NrB2X36M/KhwGf25i205H8tIbUUBVDZE=
Subject key identifier: 53:4D:40:42:F6:78:1C:48:06:F5:EB:7C:C4:1C:AA:17:AB:C2:10:BF
Certificate issuer: /CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Certificate serial: 0185729ECA8583E13A13C8B5496F0CF6E505
Authority key identifier: E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/U01AQvZ4HEgG9et8xByqF6vCEL8.roa
Signing time: Mon 02 Jan 2023 13:14:47 +0000
ROA not before: Mon 02 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31010
IP address blocks: 91.212.85.0/24 maxlen: 24
2001:678:598::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ca:85:83:e1:3a:13:c8:b5:49:6f:0c:f6:e5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Validity
Not Before: Jan 2 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=534d4042f6781c4806f5eb7cc41caa17abc210bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:54:26:8b:4c:90:71:bf:a3:64:3e:d1:fb:
ff:d6:aa:00:89:e5:3c:23:ee:29:e9:86:7a:75:86:
bc:0f:ea:bd:e4:33:86:45:dd:4a:11:fe:15:34:c7:
01:a8:99:38:8b:46:e4:78:4b:b4:2b:3f:51:b8:a0:
e4:85:61:e0:1c:0f:be:86:11:30:ed:eb:e5:9a:58:
86:af:c6:c5:d5:fe:72:20:83:0b:eb:a9:45:60:a0:
5e:9b:0d:6e:70:c7:fb:5e:aa:99:0f:aa:d8:3b:ad:
12:36:18:61:f8:75:14:2e:52:59:3d:9b:69:32:d8:
72:dd:14:ea:cd:59:53:49:53:0a:56:29:b4:7c:e2:
93:20:c5:26:c3:3d:2e:de:83:17:2c:39:a1:e4:b3:
1e:a2:f7:09:2a:f1:82:cc:97:66:3f:63:b9:b0:1b:
df:dc:49:f1:06:f1:ef:58:f3:dc:e8:9b:f9:e0:4c:
7c:91:99:9c:27:b8:64:05:4c:9a:6e:b1:72:8a:8e:
59:e4:6f:0a:3f:42:0b:13:49:d7:00:e2:6a:9c:9e:
56:68:68:b8:d2:fd:1b:41:0f:72:1b:9a:ff:a7:00:
40:b4:6b:3e:8b:48:a9:4b:1b:a7:fd:b2:4d:e8:f6:
38:28:00:81:40:fe:8e:40:31:f9:3c:d2:c9:bb:23:
24:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4D:40:42:F6:78:1C:48:06:F5:EB:7C:C4:1C:AA:17:AB:C2:10:BF
X509v3 Authority Key Identifier:
keyid:E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/U01AQvZ4HEgG9et8xByqF6vCEL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.85.0/24
IPv6:
2001:678:598::/48
Signature Algorithm: sha256WithRSAEncryption
76:c9:81:10:2e:55:c8:54:2a:5c:99:8c:d6:c2:bf:9e:c1:00:
b7:22:d0:25:55:41:c7:a1:94:5a:02:90:59:00:cd:96:b2:56:
9c:e1:86:fc:b4:1a:d3:40:a5:54:ca:8e:6b:ad:74:34:99:32:
99:5a:7a:a1:f8:9a:f6:fb:46:0d:04:69:d2:9f:9f:67:2a:5f:
fe:24:d0:03:b3:76:5a:46:41:ad:bf:d6:c4:36:c0:8d:8e:3b:
86:c0:46:45:4c:b7:4a:7b:14:95:86:de:6b:5a:70:c0:6e:0b:
38:4b:b0:e0:a4:ce:16:85:21:99:1f:0a:0e:1f:02:8f:56:6b:
a8:94:3e:c3:77:82:92:39:05:5b:be:a4:06:ac:5d:8f:98:16:
46:e7:a1:a3:0e:e1:86:22:ce:97:2d:24:b8:0b:29:96:78:5e:
c4:2b:c2:c9:9b:61:94:c5:cb:c3:14:02:cc:76:d2:4b:e5:11:
36:91:da:28:cc:0b:1b:f5:74:53:1c:d8:60:cf:94:58:94:67:
2a:24:0c:ab:b0:8c:52:02:91:ff:da:97:6c:a4:7a:88:6c:59:
94:a1:ba:ab:a6:91:83:53:41:5a:96:f4:ae:4a:7c:13:7d:5c:
37:b8:c5:68:b5:9a:da:7a:56:5f:e1:75:fd:7e:98:98:46:a7:
cf:61:e8:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVynsqFg+E6E8i1SW8M9uUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Y2M2NWMyN2MyMzI5OGIwYzVhMGUwYmM3NGJhNTEwMzRh
NzA0YzgwHhcNMjMwMTAyMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRkNDA0MmY2NzgxYzQ4MDZmNWViN2NjNDFjYWExN2FiYzIxMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5pUJotMkHG/o2Q+0fv/1qoAieU8
I+4p6YZ6dYa8D+q95DOGRd1KEf4VNMcBqJk4i0bkeEu0Kz9RuKDkhWHgHA++hhEw
7evlmliGr8bF1f5yIIML66lFYKBemw1ucMf7XqqZD6rYO60SNhhh+HUULlJZPZtp
Mthy3RTqzVlTSVMKVim0fOKTIMUmwz0u3oMXLDmh5LMeovcJKvGCzJdmP2O5sBvf
3EnxBvHvWPPc6Jv54Ex8kZmcJ7hkBUyabrFyio5Z5G8KP0ILE0nXAOJqnJ5WaGi4
0v0bQQ9yG5r/pwBAtGs+i0ipSxun/bJN6PY4KACBQP6OQDH5PNLJuyMkzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFNNQEL2eBxIBvXrfMQcqherwhC/MB8GA1UdIwQY
MBaAFObMZcJ8IymLDFoOC8dLpRA0pwTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2Qt
YWFjZmMwZGJlZDEyLzEvVTAxQVF2WjRIRWdHOWV0OHhCeXFGNnZDRUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2QtYWFjZmMwZGJlZDEy
LzEvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9RVMA8E
AgACMAkDBwAgAQZ4BZgwDQYJKoZIhvcNAQELBQADggEBAHbJgRAuVchUKlyZjNbC
v57BALci0CVVQcehlFoCkFkAzZayVpzhhvy0GtNApVTKjmutdDSZMplaeqH4mvb7
Rg0EadKfn2cqX/4k0AOzdlpGQa2/1sQ2wI2OO4bARkVMt0p7FJWG3mtacMBuCzhL
sOCkzhaFIZkfCg4fAo9Wa6iUPsN3gpI5BVu+pAasXY+YFkbnoaMO4YYizpctJLgL
KZZ4XsQrwsmbYZTFy8MUAsx20kvlETaR2ijMCxv1dFMc2GDPlFiUZyokDKuwjFIC
kf/al2ykeohsWZShuqumkYNTQVqW9K5KfBN9XDe4xWi1mtp6Vl/hdf1+mJhGp89h
6CM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:51 2025 by rpki-client