Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/4fbea8-5e79-46a2-ba5c-a16d97afa643/1/RxoQ6GfdeXF-PJZBI392UroeNdY.roa
File: RxoQ6GfdeXF-PJZBI392UroeNdY.roa (raw, json)
Hash identifier: fIY/gwwTLzRhcg5Bu79WKJrg7PnO2S1xZRn9pGfGcBE=
Subject key identifier: 47:1A:10:E8:67:DD:79:71:7E:3C:96:41:23:7F:76:52:BA:1E:35:D6
Certificate issuer: /CN=43772b99993b0608d2782af45a22eb93c7fda63b
Certificate serial: 01857094DC9DE1EFC6ABBA58903E86D65B75
Authority key identifier: 43:77:2B:99:99:3B:06:08:D2:78:2A:F4:5A:22:EB:93:C7:FD:A6:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q3crmZk7BgjSeCr0WiLrk8f9pjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/4fbea8-5e79-46a2-ba5c-a16d97afa643/1/RxoQ6GfdeXF-PJZBI392UroeNdY.roa
Signing time: Mon 02 Jan 2023 03:44:42 +0000
ROA not before: Mon 02 Jan 2023 03:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198593
IP address blocks: 91.237.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:dc:9d:e1:ef:c6:ab:ba:58:90:3e:86:d6:5b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43772b99993b0608d2782af45a22eb93c7fda63b
Validity
Not Before: Jan 2 03:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471a10e867dd79717e3c9641237f7652ba1e35d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4a:da:29:a1:56:e0:2c:61:1a:5f:f8:aa:05:
d4:25:b0:5d:7b:3d:6b:28:a5:58:fb:24:99:85:6b:
12:8f:a9:0d:5a:e3:4e:16:17:ee:6b:39:f3:b5:e1:
43:04:57:c2:de:62:8c:95:46:b1:11:26:ef:a5:a2:
52:4b:9d:63:a3:37:7d:0e:25:7d:32:14:9d:28:8e:
94:3e:33:2d:80:84:0c:83:0d:18:f1:2b:22:79:35:
aa:61:de:34:dc:b8:af:31:00:5c:96:d5:56:74:98:
b6:1b:d2:48:3a:dc:c2:a9:a4:86:17:de:03:33:51:
c3:89:84:9f:9d:ec:bf:9d:75:65:38:7b:f3:f9:56:
f3:8c:5d:4f:ea:4c:20:94:e6:05:9b:4e:af:c7:62:
57:d0:16:81:e0:88:82:2b:81:51:8c:5e:80:25:2d:
cb:06:ef:ff:fe:34:45:1a:b0:5c:97:79:78:f4:3f:
30:63:d2:85:84:40:1b:73:20:c7:ad:5c:66:cc:63:
e5:f4:65:2b:75:c2:85:40:05:8f:98:3d:52:dd:ec:
06:bc:ed:c8:0c:20:ba:43:71:87:fe:c3:d5:d5:7b:
e2:84:2c:3e:4c:93:8e:de:c3:13:00:5f:09:a2:9c:
8a:05:a4:04:97:7c:78:81:1b:35:03:2c:a2:d6:0f:
2a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1A:10:E8:67:DD:79:71:7E:3C:96:41:23:7F:76:52:BA:1E:35:D6
X509v3 Authority Key Identifier:
keyid:43:77:2B:99:99:3B:06:08:D2:78:2A:F4:5A:22:EB:93:C7:FD:A6:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q3crmZk7BgjSeCr0WiLrk8f9pjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/4fbea8-5e79-46a2-ba5c-a16d97afa643/1/RxoQ6GfdeXF-PJZBI392UroeNdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/4fbea8-5e79-46a2-ba5c-a16d97afa643/1/Q3crmZk7BgjSeCr0WiLrk8f9pjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:2a:80:f2:d1:08:d9:e9:3b:10:12:52:d4:52:00:9c:32:89:
07:bb:eb:da:7c:ad:19:51:40:ce:73:4f:fa:61:bf:4b:67:e1:
d0:af:e1:a4:36:03:ce:36:ad:1a:0e:25:71:65:e0:18:48:59:
c6:9c:cc:37:ff:8a:81:8e:9d:b9:17:36:92:19:8f:4e:cd:b8:
d2:1b:72:7a:96:69:00:e3:9e:84:8d:f9:0e:bf:7e:c4:b4:b9:
f4:50:2f:7f:78:b8:11:41:25:a6:d8:58:cf:60:bd:33:f4:46:
57:26:08:b5:1e:a2:02:09:7f:2e:f5:ce:78:a6:47:ce:68:56:
62:b9:64:35:7d:25:1d:9c:49:34:91:e7:14:34:8a:f7:29:2f:
84:0f:da:17:55:70:ad:02:83:d5:d8:60:a3:48:11:28:7f:cc:
99:2f:16:74:a5:38:23:a6:5f:73:c5:73:65:d2:2f:81:b6:61:
64:21:dc:d5:cc:9f:eb:22:af:87:09:ee:7b:17:66:7d:a3:17:
0a:80:3d:bc:fb:4c:ca:3d:24:c8:ca:42:56:f3:97:af:b0:e2:
64:93:5c:5a:d4:22:e8:ab:09:e5:63:2a:af:d2:0e:d4:9a:03:
75:8a:ba:4a:cf:9c:97:19:91:f8:48:4a:7f:cb:cf:df:37:4f:
83:33:49:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlNyd4e/Gq7pYkD6G1lt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNzcyYjk5OTkzYjA2MDhkMjc4MmFmNDVhMjJlYjkzYzdm
ZGE2M2IwHhcNMjMwMTAyMDM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFhMTBlODY3ZGQ3OTcxN2UzYzk2NDEyMzdmNzY1MmJhMWUzNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0raKaFW4CxhGl/4qgXUJbBdez1r
KKVY+ySZhWsSj6kNWuNOFhfuaznzteFDBFfC3mKMlUaxESbvpaJSS51jozd9DiV9
MhSdKI6UPjMtgIQMgw0Y8SsieTWqYd403LivMQBcltVWdJi2G9JIOtzCqaSGF94D
M1HDiYSfney/nXVlOHvz+VbzjF1P6kwglOYFm06vx2JX0BaB4IiCK4FRjF6AJS3L
Bu///jRFGrBcl3l49D8wY9KFhEAbcyDHrVxmzGPl9GUrdcKFQAWPmD1S3ewGvO3I
DCC6Q3GH/sPV1XvihCw+TJOO3sMTAF8JopyKBaQEl3x4gRs1Ayyi1g8qOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcaEOhn3XlxfjyWQSN/dlK6HjXWMB8GA1UdIwQY
MBaAFEN3K5mZOwYI0ngq9Foi65PH/aY7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTNjcm1aazdCZ2pTZUNyMFdpTHJrOGY5cGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80ZmJlYTgtNWU3OS00NmEyLWJhNWMt
YTE2ZDk3YWZhNjQzLzEvUnhvUTZHZmRlWEYtUEpaQkkzOTJVcm9lTmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80ZmJlYTgtNWU3OS00NmEyLWJhNWMtYTE2ZDk3YWZhNjQz
LzEvUTNjcm1aazdCZ2pTZUNyMFdpTHJrOGY5cGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+0FMA0G
CSqGSIb3DQEBCwUAA4IBAQBNKoDy0QjZ6TsQElLUUgCcMokHu+vafK0ZUUDOc0/6
Yb9LZ+HQr+GkNgPONq0aDiVxZeAYSFnGnMw3/4qBjp25FzaSGY9OzbjSG3J6lmkA
456EjfkOv37EtLn0UC9/eLgRQSWm2FjPYL0z9EZXJgi1HqICCX8u9c54pkfOaFZi
uWQ1fSUdnEk0kecUNIr3KS+ED9oXVXCtAoPV2GCjSBEof8yZLxZ0pTgjpl9zxXNl
0i+BtmFkIdzVzJ/rIq+HCe57F2Z9oxcKgD28+0zKPSTIykJW85evsOJkk1xa1CLo
qwnlYyqv0g7UmgN1irpKz5yXGZH4SEp/y8/fN0+DM0mR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:25 2025 by rpki-client