Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d4dade-caef-4cd0-aef3-004f0cb3ed77/1/tn0zO5G6RUXHjlaYvudIjDK5Rxs.roa
File: tn0zO5G6RUXHjlaYvudIjDK5Rxs.roa (raw, json)
Hash identifier: ClIZCDjma+bCpuwS+rqL7np+nbbbxFAHOotAfo9J7WE=
Subject key identifier: B6:7D:33:3B:91:BA:45:45:C7:8E:56:98:BE:E7:48:8C:32:B9:47:1B
Certificate issuer: /CN=3035546ea5b0790549ca0ba1bb2a3e1dbae4a3da
Certificate serial: 01856F5DC1EC0F0636E58678B0D49D943CEF
Authority key identifier: 30:35:54:6E:A5:B0:79:05:49:CA:0B:A1:BB:2A:3E:1D:BA:E4:A3:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDVUbqWweQVJyguhuyo-Hbrko9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d4dade-caef-4cd0-aef3-004f0cb3ed77/1/tn0zO5G6RUXHjlaYvudIjDK5Rxs.roa
Signing time: Sun 01 Jan 2023 22:04:53 +0000
ROA not before: Sun 01 Jan 2023 22:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48016
IP address blocks: 91.208.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c1:ec:0f:06:36:e5:86:78:b0:d4:9d:94:3c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3035546ea5b0790549ca0ba1bb2a3e1dbae4a3da
Validity
Not Before: Jan 1 22:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67d333b91ba4545c78e5698bee7488c32b9471b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bd:5c:74:2a:15:19:bd:04:e5:ee:64:62:81:
47:4e:13:55:cb:72:05:9a:38:fd:34:7a:1f:7d:ad:
a0:c0:a7:8c:c9:c9:d8:ff:50:21:84:ea:ac:c6:13:
49:91:b7:c4:7e:04:ea:a2:03:5d:b6:c4:40:f0:d0:
80:d5:3a:71:a8:da:54:87:ad:eb:e2:b5:db:cb:c7:
4b:a7:5b:79:3f:35:d7:32:ed:82:2a:ca:86:a4:ef:
0b:0a:bd:7a:c2:70:1c:3d:d5:39:2d:c3:e7:fa:bc:
23:03:dc:4d:48:76:b0:ef:e8:1d:e7:89:5c:c8:9b:
79:27:82:95:ec:5e:aa:fa:fa:ae:04:1b:9f:d7:7f:
ed:4c:89:e3:fd:f7:40:15:63:f0:7a:61:29:82:93:
4b:b4:5d:28:1c:8c:18:e0:36:18:00:c7:2b:3a:36:
ae:c4:32:da:34:12:da:01:67:15:95:fd:4a:25:5c:
65:d0:bf:c7:3e:57:d4:0d:55:60:38:8f:22:68:3d:
5f:b0:b5:ef:20:83:fe:4e:d0:67:23:18:08:b0:64:
3e:6b:fe:87:ed:2e:68:5c:f5:e0:ff:ea:f2:0c:80:
2a:2c:69:13:ae:7a:5f:73:f3:f3:80:84:e4:9d:85:
59:d7:8b:23:4e:d7:16:4d:9f:b4:73:2a:22:33:13:
50:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7D:33:3B:91:BA:45:45:C7:8E:56:98:BE:E7:48:8C:32:B9:47:1B
X509v3 Authority Key Identifier:
keyid:30:35:54:6E:A5:B0:79:05:49:CA:0B:A1:BB:2A:3E:1D:BA:E4:A3:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDVUbqWweQVJyguhuyo-Hbrko9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d4dade-caef-4cd0-aef3-004f0cb3ed77/1/tn0zO5G6RUXHjlaYvudIjDK5Rxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d4dade-caef-4cd0-aef3-004f0cb3ed77/1/MDVUbqWweQVJyguhuyo-Hbrko9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:de:52:25:96:a0:12:0e:09:dd:2f:b3:4d:3b:97:73:1d:3f:
e7:f1:ab:0b:1d:66:0b:36:b2:d0:ff:ed:fa:5a:5d:c8:2a:04:
fb:a5:33:a8:ac:30:94:23:7c:e3:75:9f:b4:fd:41:49:94:6a:
40:24:ad:8e:f9:a2:df:a7:4f:9b:95:fd:47:1b:69:70:92:53:
45:81:1a:dd:3d:5a:27:85:62:f6:c4:13:08:2a:f1:d6:23:d4:
d1:dd:fd:1d:a5:7d:2e:02:6f:d3:73:f7:38:ad:7a:85:9d:10:
51:26:ae:df:6f:8b:a0:34:ce:32:38:8d:29:b3:d4:3a:19:56:
34:d6:9d:09:be:e5:0c:42:e9:95:4d:dc:5d:17:c5:7b:51:91:
d2:db:14:dd:b9:af:6e:f4:21:28:86:7d:33:c5:29:7e:70:d2:
c2:4e:65:a7:39:86:a2:d0:65:4a:ca:04:4d:b8:8a:a0:6a:c8:
54:2c:9a:2c:11:70:09:22:f9:7e:be:de:b1:d4:10:05:97:3b:
c2:d2:4c:87:9e:15:fb:76:44:9b:b3:c8:0e:fa:92:fe:13:7b:
87:cc:8b:a3:db:94:40:ea:b0:ae:87:bf:8d:a3:63:62:f6:31:
54:7a:2a:90:20:ef:75:96:c8:3f:2b:19:ce:78:b2:d8:ef:7a:
bb:be:db:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcHsDwY25YZ4sNSdlDzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMzU1NDZlYTViMDc5MDU0OWNhMGJhMWJiMmEzZTFkYmFl
NGEzZGEwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdkMzMzYjkxYmE0NTQ1Yzc4ZTU2OThiZWU3NDg4YzMyYjk0NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL1cdCoVGb0E5e5kYoFHThNVy3IF
mjj9NHoffa2gwKeMycnY/1AhhOqsxhNJkbfEfgTqogNdtsRA8NCA1TpxqNpUh63r
4rXby8dLp1t5PzXXMu2CKsqGpO8LCr16wnAcPdU5LcPn+rwjA9xNSHaw7+gd54lc
yJt5J4KV7F6q+vquBBuf13/tTInj/fdAFWPwemEpgpNLtF0oHIwY4DYYAMcrOjau
xDLaNBLaAWcVlf1KJVxl0L/HPlfUDVVgOI8iaD1fsLXvIIP+TtBnIxgIsGQ+a/6H
7S5oXPXg/+ryDIAqLGkTrnpfc/PzgITknYVZ14sjTtcWTZ+0cyoiMxNQOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZ9MzuRukVFx45WmL7nSIwyuUcbMB8GA1UdIwQY
MBaAFDA1VG6lsHkFScoLobsqPh265KPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURWVWJxV3dlUVZKeWd1aHV5by1IYnJrbzlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNGRhZGUtY2FlZi00Y2QwLWFlZjMt
MDA0ZjBjYjNlZDc3LzEvdG4wek81RzZSVVhIamxhWXZ1ZElqREs1UnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kNGRhZGUtY2FlZi00Y2QwLWFlZjMtMDA0ZjBjYjNlZDc3
LzEvTURWVWJxV3dlUVZKeWd1aHV5by1IYnJrbzlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DhMA0G
CSqGSIb3DQEBCwUAA4IBAQB73lIllqASDgndL7NNO5dzHT/n8asLHWYLNrLQ/+36
Wl3IKgT7pTOorDCUI3zjdZ+0/UFJlGpAJK2O+aLfp0+blf1HG2lwklNFgRrdPVon
hWL2xBMIKvHWI9TR3f0dpX0uAm/Tc/c4rXqFnRBRJq7fb4ugNM4yOI0ps9Q6GVY0
1p0JvuUMQumVTdxdF8V7UZHS2xTdua9u9CEohn0zxSl+cNLCTmWnOYai0GVKygRN
uIqgashULJosEXAJIvl+vt6x1BAFlzvC0kyHnhX7dkSbs8gO+pL+E3uHzIuj25RA
6rCuh7+No2Ni9jFUeiqQIO91lsg/KxnOeLLY73q7vtvf
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:40:23 2025 by rpki-client