Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/995e4f-cd42-4dc9-ae24-0ec12cfce421/1/U-ciCS3kahjns3tKD4RVfmAnI7k.roa
File: U-ciCS3kahjns3tKD4RVfmAnI7k.roa (raw, json)
Hash identifier: 07d5AeJyy68Zg3038KYEWMgTu/u5m3SIjpZE0ClD6ZQ=
Subject key identifier: 53:E7:22:09:2D:E4:6A:18:E7:B3:7B:4A:0F:84:55:7E:60:27:23:B9
Certificate issuer: /CN=f9d7469be0d9c4ba889d3e2026ad8adc42c3cf53
Certificate serial: 018570B08AFD734B996649282F85234C1337
Authority key identifier: F9:D7:46:9B:E0:D9:C4:BA:88:9D:3E:20:26:AD:8A:DC:42:C3:CF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ddGm-DZxLqInT4gJq2K3ELDz1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/995e4f-cd42-4dc9-ae24-0ec12cfce421/1/U-ciCS3kahjns3tKD4RVfmAnI7k.roa
Signing time: Mon 02 Jan 2023 04:14:56 +0000
ROA not before: Mon 02 Jan 2023 04:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49049
IP address blocks: 91.212.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:8a:fd:73:4b:99:66:49:28:2f:85:23:4c:13:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9d7469be0d9c4ba889d3e2026ad8adc42c3cf53
Validity
Not Before: Jan 2 04:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53e722092de46a18e7b37b4a0f84557e602723b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:fb:a2:ad:06:87:0b:fb:54:74:79:b2:3b:
d3:2d:04:72:20:bb:37:58:42:fd:18:1e:ce:0b:a8:
ab:6f:1e:06:86:32:3e:da:06:60:e4:6c:24:66:13:
d1:ca:42:5c:6c:c8:37:60:7e:05:ad:e6:23:9a:9e:
de:3c:0a:7a:d5:a3:61:3d:5b:8c:c7:15:63:dc:1b:
ed:4b:d9:e3:8a:99:92:9b:5b:a6:3e:79:f7:82:8c:
06:45:72:91:bf:fc:30:f7:dc:cb:94:b9:26:b5:56:
8c:52:9b:92:18:b8:66:8b:f3:65:8f:d2:01:91:a2:
09:d2:9c:c6:cb:95:30:0e:ad:01:e7:a1:64:4a:6b:
00:5a:7e:50:91:7a:0b:29:60:b5:e5:4a:24:bd:99:
96:a6:0f:87:fe:8b:3e:f9:5a:8a:28:10:b5:89:83:
df:38:86:25:42:06:6c:1f:0c:a1:3c:a9:32:05:68:
61:ff:7d:c8:17:89:a6:f5:55:bc:7f:f7:cc:3b:e2:
0c:1c:ec:fc:45:a1:42:83:f1:61:29:df:03:53:3e:
0c:f0:3d:d8:c4:70:81:ed:e3:67:01:72:06:0d:dd:
85:19:87:29:86:b9:b6:6d:3f:5e:e3:4f:25:b2:b2:
5f:f0:28:9c:f8:5a:0f:a5:1b:07:f8:41:d1:6e:5b:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E7:22:09:2D:E4:6A:18:E7:B3:7B:4A:0F:84:55:7E:60:27:23:B9
X509v3 Authority Key Identifier:
keyid:F9:D7:46:9B:E0:D9:C4:BA:88:9D:3E:20:26:AD:8A:DC:42:C3:CF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ddGm-DZxLqInT4gJq2K3ELDz1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/995e4f-cd42-4dc9-ae24-0ec12cfce421/1/U-ciCS3kahjns3tKD4RVfmAnI7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/995e4f-cd42-4dc9-ae24-0ec12cfce421/1/1-ddGm-DZxLqInT4gJq2K3ELDz1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.105.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:53:a2:09:01:4e:e1:b0:57:76:11:74:43:ce:7a:66:19:af:
13:2d:28:e2:f6:85:92:8c:3d:ee:af:02:45:2c:8e:56:99:02:
0c:3f:a7:75:6e:4c:46:3e:2a:d8:6c:7d:48:30:52:85:3a:9c:
8b:9d:74:71:02:1c:39:d8:2b:3b:c2:61:85:52:be:e9:b6:9b:
ff:b6:28:a8:33:28:61:39:49:70:c2:06:df:48:e3:5d:93:0f:
81:6f:60:1a:f1:e5:0b:d1:82:91:40:9f:d6:68:be:6b:e2:67:
e1:b7:5c:48:ec:b7:fc:64:20:13:ee:0e:6f:ba:d2:b4:76:3f:
20:e4:c7:7d:a3:42:60:6b:3d:37:65:f6:89:67:a2:54:86:dd:
ae:f5:13:4c:9c:05:80:ee:3b:91:f1:7e:42:b7:01:61:80:c7:
41:06:dd:d8:0d:73:7e:61:8b:20:5c:e4:33:b2:b5:68:12:ea:
a6:78:fa:d4:42:0e:25:b1:77:e4:bb:37:0b:ac:49:54:11:11:
e1:d1:58:62:bd:78:1b:42:88:8f:a8:87:f3:f3:ab:7e:e4:c6:
42:ae:23:1d:c5:90:00:85:91:22:8f:42:d6:df:a7:41:40:80:
5f:64:bb:ce:0c:ed:09:7e:21:04:77:78:b4:d0:75:8f:50:ad:
ee:59:72:5a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwsIr9c0uZZkkoL4UjTBM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZDc0NjliZTBkOWM0YmE4ODlkM2UyMDI2YWQ4YWRjNDJj
M2NmNTMwHhcNMjMwMTAyMDQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2U3MjIwOTJkZTQ2YTE4ZTdiMzdiNGEwZjg0NTU3ZTYwMjcyM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6v7oq0Ghwv7VHR5sjvTLQRyILs3
WEL9GB7OC6irbx4GhjI+2gZg5GwkZhPRykJcbMg3YH4FreYjmp7ePAp61aNhPVuM
xxVj3BvtS9njipmSm1umPnn3gowGRXKRv/ww99zLlLkmtVaMUpuSGLhmi/Nlj9IB
kaIJ0pzGy5UwDq0B56FkSmsAWn5QkXoLKWC15UokvZmWpg+H/os++VqKKBC1iYPf
OIYlQgZsHwyhPKkyBWhh/33IF4mm9VW8f/fMO+IMHOz8RaFCg/FhKd8DUz4M8D3Y
xHCB7eNnAXIGDd2FGYcphrm2bT9e408lsrJf8Cic+FoPpRsH+EHRbluDNwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFPnIgkt5GoY57N7Sg+EVX5gJyO5MB8GA1UdIwQY
MBaAFPnXRpvg2cS6iJ0+ICatitxCw89TMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1kZEdtLURaeExxSW5UNGdKcTJLM0VMRHoxTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvOTk1ZTRmLWNkNDItNGRjOS1hZTI0
LTBlYzEyY2ZjZTQyMS8xL1UtY2lDUzNrYWhqbnMzdEtENFJWZm1Bbkk3ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODUvOTk1ZTRmLWNkNDItNGRjOS1hZTI0LTBlYzEyY2ZjZTQy
MS8xLzEtZGRHbS1EWnhMcUluVDRnSnEySzNFTER6MU0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb1Gkw
DQYJKoZIhvcNAQELBQADggEBAGtTogkBTuGwV3YRdEPOemYZrxMtKOL2hZKMPe6v
AkUsjlaZAgw/p3VuTEY+KthsfUgwUoU6nIuddHECHDnYKzvCYYVSvum2m/+2KKgz
KGE5SXDCBt9I412TD4FvYBrx5QvRgpFAn9ZovmviZ+G3XEjst/xkIBPuDm+60rR2
PyDkx32jQmBrPTdl9olnolSG3a71E0ycBYDuO5HxfkK3AWGAx0EG3dgNc35hiyBc
5DOytWgS6qZ4+tRCDiWxd+S7NwusSVQREeHRWGK9eBtCiI+oh/Pzq37kxkKuIx3F
kACFkSKPQtbfp0FAgF9ku84M7Ql+IQR3eLTQdY9Qre5Zclo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:55 2025 by rpki-client