Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ibYg50gcvEd8sCcaWuV9rwI5DOE.roa
File: ibYg50gcvEd8sCcaWuV9rwI5DOE.roa (raw, json)
Hash identifier: P20/yzw4U6Fc8ms538AMHgjOQN9bSa0pSSNG5f7D9/Q=
Subject key identifier: 89:B6:20:E7:48:1C:BC:47:7C:B0:27:1A:5A:E5:7D:AF:02:39:0C:E1
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0186979CDEAB314481EBC05FE28EB0BA2917
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ibYg50gcvEd8sCcaWuV9rwI5DOE.roa
Signing time: Tue 28 Feb 2023 10:41:25 +0000
ROA not before: Tue 28 Feb 2023 10:41:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30731
IP address blocks: 91.236.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9c:de:ab:31:44:81:eb:c0:5f:e2:8e:b0:ba:29:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 10:41:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89b620e7481cbc477cb0271a5ae57daf02390ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:81:96:24:1e:e9:51:f4:80:af:2c:c2:3a:f7:
46:cf:e4:11:e2:15:fd:ad:2e:c2:5b:9a:4d:28:9f:
2e:c6:f3:e7:03:de:e0:95:4f:23:c8:d3:c4:20:b2:
e2:d9:a0:47:9f:96:ed:b2:e2:82:53:f4:04:da:ca:
25:8a:e8:37:07:52:8f:e2:49:d7:3c:ea:85:c5:30:
ea:c5:9a:b3:d2:41:ef:3b:bb:51:4d:b5:a8:fd:6a:
4b:e2:0d:9a:4f:5a:33:79:fa:73:dd:a3:7d:7e:70:
1e:6b:a9:68:f8:fd:d7:d6:2c:76:80:51:01:47:f2:
7c:12:fc:88:97:53:45:33:14:98:38:bf:0d:03:cf:
0a:13:19:a3:83:a2:a5:93:20:2a:3f:39:80:36:52:
3a:6b:0e:8f:97:5d:b5:2a:32:39:49:f7:c9:c4:c5:
83:b0:20:4b:4c:dd:5b:bd:2d:44:0f:67:2a:7a:d3:
d5:ad:7d:93:5f:8f:b0:1a:66:89:04:c9:29:d9:d4:
cd:df:7b:15:6c:58:f4:66:c0:43:6e:92:43:5e:27:
c7:c3:50:a8:64:46:01:e1:b9:ff:b8:a6:ba:be:6f:
f3:d0:26:82:00:ef:06:3b:05:4c:f2:85:bd:1b:bd:
b3:7a:26:3f:c5:6b:a9:71:7a:0c:ac:44:17:52:51:
a8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B6:20:E7:48:1C:BC:47:7C:B0:27:1A:5A:E5:7D:AF:02:39:0C:E1
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ibYg50gcvEd8sCcaWuV9rwI5DOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.130.0/24
Signature Algorithm: sha256WithRSAEncryption
06:76:ab:d4:53:45:f9:24:1a:cf:2b:e7:cf:79:29:3d:aa:78:
f1:40:ec:17:b2:97:a8:10:f6:0f:18:77:c1:10:51:56:e4:19:
df:1f:8e:28:15:14:4e:db:f7:09:c4:f6:84:9c:1e:14:4d:e9:
53:39:41:3d:c9:5a:89:00:d2:40:71:1a:e5:7d:e2:c4:0b:50:
8a:82:ae:0b:f0:02:89:ee:01:3a:c4:d4:cc:18:22:d0:7b:e3:
17:1d:3f:22:18:7a:21:96:83:ed:2e:e3:24:87:0a:f1:99:1a:
a1:39:83:37:86:da:50:93:36:ef:10:a2:71:1d:e8:9f:8b:99:
35:79:c2:6d:1b:95:b8:1a:c2:85:29:04:98:ff:4d:4b:3c:d0:
1a:a3:8c:77:ce:65:ad:db:1a:a3:0c:54:2b:7e:88:17:2f:a6:
3a:32:12:d1:9f:25:3e:ba:2f:bd:15:c1:eb:06:0a:99:fa:b4:
1b:36:00:d7:28:6f:d1:e9:50:2c:a0:ad:a9:7f:5c:9b:1c:2b:
e9:47:3f:62:aa:3a:e5:65:47:5a:be:22:12:0f:62:84:79:b1:
9d:e2:22:53:b7:bc:d2:82:91:c9:9e:ec:60:ce:f1:9a:74:52:
4c:5a:18:e6:4c:78:63:e7:7a:40:3b:1f:61:0d:34:a3:4c:61:
cd:c0:19:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaXnN6rMUSB68Bf4o6wuikXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjMwMjI4MTA0MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI2MjBlNzQ4MWNiYzQ3N2NiMDI3MWE1YWU1N2RhZjAyMzkwY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYGWJB7pUfSAryzCOvdGz+QR4hX9
rS7CW5pNKJ8uxvPnA97glU8jyNPEILLi2aBHn5btsuKCU/QE2soliug3B1KP4knX
POqFxTDqxZqz0kHvO7tRTbWo/WpL4g2aT1ozefpz3aN9fnAea6lo+P3X1ix2gFEB
R/J8EvyIl1NFMxSYOL8NA88KExmjg6KlkyAqPzmANlI6aw6Pl121KjI5SffJxMWD
sCBLTN1bvS1ED2cqetPVrX2TX4+wGmaJBMkp2dTN33sVbFj0ZsBDbpJDXifHw1Co
ZEYB4bn/uKa6vm/z0CaCAO8GOwVM8oW9G72zeiY/xWupcXoMrEQXUlGoVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm2IOdIHLxHfLAnGlrlfa8COQzhMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvaWJZZzUwZ2N2RWQ4c0NjYVd1Vjlyd0k1RE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yCMA0G
CSqGSIb3DQEBCwUAA4IBAQAGdqvUU0X5JBrPK+fPeSk9qnjxQOwXspeoEPYPGHfB
EFFW5BnfH44oFRRO2/cJxPaEnB4UTelTOUE9yVqJANJAcRrlfeLEC1CKgq4L8AKJ
7gE6xNTMGCLQe+MXHT8iGHohloPtLuMkhwrxmRqhOYM3htpQkzbvEKJxHeifi5k1
ecJtG5W4GsKFKQSY/01LPNAao4x3zmWt2xqjDFQrfogXL6Y6MhLRnyU+ui+9FcHr
BgqZ+rQbNgDXKG/R6VAsoK2pf1ybHCvpRz9iqjrlZUdaviISD2KEebGd4iJTt7zS
gpHJnuxgzvGadFJMWhjmTHhj53pAOx9hDTSjTGHNwBlR
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:28:49 2025 by rpki-client