Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/73c829-1518-4d41-92c2-7e0ab8bcae89/1/d6NJzbIHKEZaoE19_uMP077ZM8o.roa
File: d6NJzbIHKEZaoE19_uMP077ZM8o.roa (raw, json)
Hash identifier: 6LdknIzfokg++XRF+eOXjb0DOUCEhv0ZSVYzovalCpk=
Subject key identifier: 77:A3:49:CD:B2:07:28:46:5A:A0:4D:7D:FE:E3:0F:D3:BE:D9:33:CA
Certificate issuer: /CN=316f433bb4cedd72d86c44ed8599903522b5e4f1
Certificate serial: 02142C7C
Authority key identifier: 31:6F:43:3B:B4:CE:DD:72:D8:6C:44:ED:85:99:90:35:22:B5:E4:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MW9DO7TO3XLYbETthZmQNSK15PE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/73c829-1518-4d41-92c2-7e0ab8bcae89/1/d6NJzbIHKEZaoE19_uMP077ZM8o.roa
Signing time: Sat 01 Jan 2022 09:02:03 +0000
ROA not before: Sat 01 Jan 2022 09:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61051
IP address blocks: 91.209.46.0/24 maxlen: 24
2a05:f540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34876540 (0x2142c7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=316f433bb4cedd72d86c44ed8599903522b5e4f1
Validity
Not Before: Jan 1 09:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77a349cdb20728465aa04d7dfee30fd3bed933ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:80:da:53:22:21:22:20:33:b9:3e:be:6d:
b4:37:9f:cc:2b:8d:b5:40:65:cf:ab:be:b6:a1:e0:
9e:b2:af:95:0f:6b:a0:4f:bb:71:68:f3:02:ac:dc:
c1:d2:a0:cb:7b:a4:23:0c:7c:5d:b5:37:0d:59:95:
77:08:f7:d9:80:69:8f:90:45:00:41:f3:18:c5:09:
e4:cc:31:fa:63:a1:a2:f7:ac:41:51:48:7e:38:28:
68:90:cd:3d:ef:60:24:2b:01:5c:c8:07:2b:d6:21:
94:3a:37:55:db:73:4e:25:d8:b1:97:fb:88:16:02:
fa:10:6f:6b:60:ca:6c:88:8e:96:1b:88:ce:9a:e8:
a5:a4:61:73:2e:36:13:b4:7f:47:07:71:c8:3a:99:
79:77:7f:a3:06:bf:fc:8c:1f:35:6b:f8:07:9c:36:
77:80:df:6e:5d:f5:17:36:b6:05:b6:cd:1f:99:af:
01:2a:bb:10:f3:1f:ee:65:77:f3:1d:2a:33:0b:99:
25:bd:ba:62:a9:d5:3d:ea:58:84:4a:88:ac:1a:ed:
d5:f2:3f:ea:7a:b0:aa:d0:81:ff:e7:eb:f6:62:c1:
9f:f5:9e:7d:ee:5e:67:0d:ae:51:48:ca:ac:20:20:
20:fb:55:41:49:4b:61:2b:76:0c:d6:e9:dd:d2:41:
71:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A3:49:CD:B2:07:28:46:5A:A0:4D:7D:FE:E3:0F:D3:BE:D9:33:CA
X509v3 Authority Key Identifier:
keyid:31:6F:43:3B:B4:CE:DD:72:D8:6C:44:ED:85:99:90:35:22:B5:E4:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MW9DO7TO3XLYbETthZmQNSK15PE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/73c829-1518-4d41-92c2-7e0ab8bcae89/1/d6NJzbIHKEZaoE19_uMP077ZM8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/73c829-1518-4d41-92c2-7e0ab8bcae89/1/MW9DO7TO3XLYbETthZmQNSK15PE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.46.0/24
IPv6:
2a05:f540::/29
Signature Algorithm: sha256WithRSAEncryption
3c:c9:a9:b9:2f:91:3e:c5:af:f2:1d:d1:6f:0d:8a:f6:a5:fa:
2c:b7:3c:61:7e:3c:e0:57:e6:2a:d4:b6:59:fa:27:26:1a:49:
fa:56:97:a1:11:99:41:b5:7f:cf:ca:2e:ec:11:27:5f:38:61:
17:e5:79:6b:70:16:48:54:b0:01:d6:76:a6:10:21:bd:73:d5:
6d:de:66:ef:c8:c8:55:bc:35:67:ac:88:e7:5d:16:42:bc:f3:
d6:8b:17:a1:30:7e:a7:f1:3e:21:42:0d:9d:32:9c:d0:07:e5:
90:37:78:61:4b:94:a6:9d:a2:6d:eb:a9:9c:30:9d:79:2c:a2:
4a:b8:ff:4e:35:fe:b9:31:a3:64:66:34:4f:f3:b7:59:13:f0:
bf:77:01:5e:82:69:b0:da:c3:cc:0f:12:e4:d1:cc:f2:55:6c:
46:38:d5:4d:87:72:5b:1d:6a:00:15:1c:a8:f5:41:bb:b0:d4:
47:b7:20:fc:9e:0d:97:52:8f:51:e6:55:a6:0c:ed:bd:8c:5d:
a5:4b:02:9d:7a:dc:2e:fc:13:ec:f2:74:30:cc:6e:40:1e:15:
a9:33:85:f3:c6:42:40:3e:3a:0d:38:2f:cf:5e:99:86:43:40:
1d:58:8d:2b:05:be:5b:0c:7c:9b:6c:c0:a5:b5:ca:f8:aa:8e:
d3:c0:7f:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAhQsfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTZmNDMzYmI0Y2VkZDcyZDg2YzQ0ZWQ4NTk5OTAzNTIyYjVlNGYxMB4XDTIyMDEw
MTA5MDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdhMzQ5Y2RiMjA3
Mjg0NjVhYTA0ZDdkZmVlMzBmZDNiZWQ5MzNjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1ogNpTIiEiIDO5Pr5ttDefzCuNtUBlz6u+tqHgnrKvlQ9r
oE+7cWjzAqzcwdKgy3ukIwx8XbU3DVmVdwj32YBpj5BFAEHzGMUJ5Mwx+mOhoves
QVFIfjgoaJDNPe9gJCsBXMgHK9YhlDo3VdtzTiXYsZf7iBYC+hBva2DKbIiOlhuI
zpropaRhcy42E7R/RwdxyDqZeXd/owa//IwfNWv4B5w2d4Dfbl31Fza2BbbNH5mv
ASq7EPMf7mV38x0qMwuZJb26YqnVPepYhEqIrBrt1fI/6nqwqtCB/+fr9mLBn/We
fe5eZw2uUUjKrCAgIPtVQUlLYSt2DNbp3dJBcaMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR3o0nNsgcoRlqgTX3+4w/TvtkzyjAfBgNVHSMEGDAWgBQxb0M7tM7dcths
RO2FmZA1IrXk8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01XOURPN1RPM1hMWWJFVHRoWm1RTlNLMTVQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvNzNjODI5LTE1MTgtNGQ0MS05MmMyLTdlMGFiOGJjYWU4OS8x
L2Q2Tkp6YklIS0VaYW9FMTlfdU1QMDc3Wk04by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
NzNjODI5LTE1MTgtNGQ0MS05MmMyLTdlMGFiOGJjYWU4OS8xL01XOURPN1RPM1hM
WWJFVHRoWm1RTlNLMTVQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvRLjANBAIAAjAHAwUDKgX1QDAN
BgkqhkiG9w0BAQsFAAOCAQEAPMmpuS+RPsWv8h3Rbw2K9qX6LLc8YX484FfmKtS2
WfonJhpJ+laXoRGZQbV/z8ou7BEnXzhhF+V5a3AWSFSwAdZ2phAhvXPVbd5m78jI
Vbw1Z6yI510WQrzz1osXoTB+p/E+IUINnTKc0AflkDd4YUuUpp2ibeupnDCdeSyi
Srj/TjX+uTGjZGY0T/O3WRPwv3cBXoJpsNrDzA8S5NHM8lVsRjjVTYdyWx1qABUc
qPVBu7DUR7cg/J4Nl1KPUeZVpgztvYxdpUsCnXrcLvwT7PJ0MMxuQB4VqTOF88ZC
QD46DTgvz16ZhkNAHViNKwW+Wwx8m2zApbXK+KqO08B/3w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:53 2025 by rpki-client