Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa
File: aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa (raw, json)
Hash identifier: quj+MRFvDqIK0H6ZidHu/y+vV+8ubNkG6uDlztdYAEM=
Subject key identifier: 69:36:E3:27:2D:84:BB:C5:26:95:C3:F8:80:17:B0:DF:8A:84:14:34
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042AB40FCB62641AE0C057281155763
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57967
IP address blocks: 91.237.90.0/24 maxlen: 24
2001:67c:2794::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ab:40:fc:b6:26:41:ae:0c:05:72:81:15:57:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6936e3272d84bbc52695c3f88017b0df8a841434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9c:11:d7:34:69:f6:f0:03:76:c8:fa:53:96:
7b:df:60:bd:fb:c7:90:35:03:b5:9c:49:b6:14:7f:
ec:2e:e9:21:ef:86:69:11:94:39:bc:14:95:80:dc:
5d:ba:67:33:79:d1:2f:51:4a:eb:2a:99:ed:2b:e5:
83:cd:96:60:00:da:b4:08:83:3f:ef:df:b9:b6:be:
78:96:04:d3:33:a8:b9:c8:17:2a:e8:8f:34:62:3b:
f9:ee:79:85:bf:bb:2e:a0:95:f5:65:31:e3:c3:3b:
c0:a8:be:34:37:17:4e:fa:e6:bc:b9:b2:51:13:46:
9c:53:c2:7f:35:4b:8e:f9:fe:af:4b:23:ff:66:35:
1d:19:56:a4:3a:4e:e2:f5:18:c9:b8:6b:df:ce:0c:
e7:89:9c:43:13:9a:f2:38:ee:a2:67:f7:8e:83:a9:
a6:28:3b:6e:61:59:67:6c:ff:60:a4:2d:c5:ab:f9:
f5:c1:4d:c8:5f:bb:4b:f7:ea:23:3e:81:62:72:f6:
9c:db:ec:91:84:21:d9:96:a1:cf:a8:2a:70:be:bd:
02:4b:93:0a:77:12:ab:00:87:3b:80:e8:24:bc:cd:
a6:7d:e5:9c:a8:d0:cb:a4:dd:54:c1:b3:51:a3:22:
48:82:40:98:5f:80:8e:f3:75:c8:7a:8a:5e:a3:4f:
71:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:36:E3:27:2D:84:BB:C5:26:95:C3:F8:80:17:B0:DF:8A:84:14:34
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.90.0/24
IPv6:
2001:67c:2794::/48
Signature Algorithm: sha256WithRSAEncryption
43:4f:ae:12:ab:4e:e9:59:f7:3f:24:ae:6b:b8:aa:1f:c5:c1:
91:9b:e6:55:61:85:7b:32:a7:6e:8e:c8:7e:fd:b3:86:17:1e:
40:74:64:5d:f9:c6:eb:bf:f6:28:cd:9b:6f:4f:7a:af:b0:44:
00:f0:96:4e:6f:87:a1:62:1c:ed:2f:dc:40:98:d0:79:2c:79:
cb:a1:aa:23:e3:0c:a9:ac:df:fd:3a:16:09:42:20:da:c3:c2:
d4:8c:b3:be:ea:4a:e7:24:bf:92:ce:f7:b7:a5:05:10:52:45:
4e:76:3c:a4:c7:4f:c7:fd:6c:6b:02:2e:9b:2d:3e:c4:67:ba:
c6:45:17:a9:fb:bc:6d:ca:7f:e0:14:0e:cc:ce:ba:9c:4e:ce:
b0:d5:44:86:c2:3a:8a:5a:66:c4:f7:d7:a3:bc:a8:2c:87:70:
d2:46:c1:10:10:a9:a6:2c:18:f1:22:bc:90:b4:03:a8:ac:ea:
ce:1a:01:90:9a:03:dd:e7:3e:0a:20:68:10:b5:83:f6:d9:f0:
64:0f:09:a7:68:3f:70:e0:47:59:7c:1b:f9:b3:2c:ad:36:57:
dd:7b:6b:d2:48:88:8b:11:3d:c7:78:1e:42:d7:f3:21:20:dc:
28:9a:5d:b3:8b:98:04:0d:57:ce:6d:3d:68:16:f3:5f:e2:ef:
8b:0d:45:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwQqtA/LYmQa4MBXKBFVdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM2ZTMyNzJkODRiYmM1MjY5NWMzZjg4MDE3YjBkZjhhODQxNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZwR1zRp9vADdsj6U5Z732C9+8eQ
NQO1nEm2FH/sLukh74ZpEZQ5vBSVgNxdumczedEvUUrrKpntK+WDzZZgANq0CIM/
79+5tr54lgTTM6i5yBcq6I80Yjv57nmFv7suoJX1ZTHjwzvAqL40NxdO+ua8ubJR
E0acU8J/NUuO+f6vSyP/ZjUdGVakOk7i9RjJuGvfzgzniZxDE5ryOO6iZ/eOg6mm
KDtuYVlnbP9gpC3Fq/n1wU3IX7tL9+ojPoFicvac2+yRhCHZlqHPqCpwvr0CS5MK
dxKrAIc7gOgkvM2mfeWcqNDLpN1UwbNRoyJIgkCYX4CO83XIeopeo09xawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGk24ycthLvFJpXD+IAXsN+KhBQ0MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvYVRiakp5MkV1OFVtbGNQNGdCZXczNHFFRkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1aMA8E
AgACMAkDBwAgAQZ8J5QwDQYJKoZIhvcNAQELBQADggEBAENPrhKrTulZ9z8krmu4
qh/FwZGb5lVhhXsyp26OyH79s4YXHkB0ZF35xuu/9ijNm29Peq+wRADwlk5vh6Fi
HO0v3ECY0HksecuhqiPjDKms3/06FglCINrDwtSMs77qSuckv5LO97elBRBSRU52
PKTHT8f9bGsCLpstPsRnusZFF6n7vG3Kf+AUDszOupxOzrDVRIbCOopaZsT316O8
qCyHcNJGwRAQqaYsGPEivJC0A6is6s4aAZCaA93nPgogaBC1g/bZ8GQPCadoP3Dg
R1l8G/mzLK02V917a9JIiIsRPcd4HkLX8yEg3CiaXbOLmAQNV85tPWgW81/i74sN
RSg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:53 2025 by rpki-client