Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2b9d89-ed82-4401-81d9-67d1b2a61bb0/1/xVlaLc0aKHPSNd3vKE_FLWsqNuE.roa
File: xVlaLc0aKHPSNd3vKE_FLWsqNuE.roa (raw, json)
Hash identifier: VjkqezwXIw+ibMW/mVNbPdFn62Bdb2972lKDqsxy07c=
Subject key identifier: C5:59:5A:2D:CD:1A:28:73:D2:35:DD:EF:28:4F:C5:2D:6B:2A:36:E1
Certificate issuer: /CN=7252c7d5ed8c5a2bc2ad03065d41c3e4b3ac1575
Certificate serial: 01856FA707598EE9F79F810DF79C5DE6FC8F
Authority key identifier: 72:52:C7:D5:ED:8C:5A:2B:C2:AD:03:06:5D:41:C3:E4:B3:AC:15:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clLH1e2MWivCrQMGXUHD5LOsFXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2b9d89-ed82-4401-81d9-67d1b2a61bb0/1/xVlaLc0aKHPSNd3vKE_FLWsqNuE.roa
Signing time: Sun 01 Jan 2023 23:24:55 +0000
ROA not before: Sun 01 Jan 2023 23:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47919
IP address blocks: 91.208.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:07:59:8e:e9:f7:9f:81:0d:f7:9c:5d:e6:fc:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7252c7d5ed8c5a2bc2ad03065d41c3e4b3ac1575
Validity
Not Before: Jan 1 23:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5595a2dcd1a2873d235ddef284fc52d6b2a36e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:ca:fd:f9:fc:ba:4c:17:32:9d:e6:e0:cd:
95:e7:98:b5:dc:61:a9:d2:13:59:1a:02:ee:09:d9:
dd:5b:b2:bc:a0:d8:d0:e8:11:cb:e1:2b:c9:26:69:
5d:8c:61:f7:38:25:0d:cd:68:fa:32:0a:dd:4e:70:
a3:3e:94:e8:10:aa:94:5e:fb:08:eb:34:56:54:50:
03:d2:64:42:6d:04:b2:5d:57:85:54:da:41:63:86:
90:83:5e:7c:26:0c:d3:df:2d:3b:50:8d:6f:ff:f0:
98:07:38:87:b8:f8:03:32:48:af:be:99:d6:17:f5:
b9:f1:9d:78:d9:b9:03:f7:cb:73:cb:67:9d:21:79:
53:cc:ae:90:08:5e:e5:c1:03:f1:14:9a:40:fd:4f:
8a:92:e0:7e:94:98:83:92:52:14:79:d1:2c:60:74:
9d:e6:38:c7:23:cb:6d:d4:3e:4e:0c:39:20:40:db:
0a:4b:4e:7f:6a:6c:05:7d:f0:33:fd:c1:cc:91:91:
45:e1:6e:21:50:31:dc:91:65:88:7c:eb:f9:7c:df:
06:1a:3d:85:da:c3:00:e0:51:c1:3e:ef:ac:2c:73:
ac:0b:02:bd:5f:32:b7:65:74:57:c0:a6:dd:52:5f:
e4:da:5e:c6:ef:ac:e8:45:90:bd:4c:fb:63:13:60:
8c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:59:5A:2D:CD:1A:28:73:D2:35:DD:EF:28:4F:C5:2D:6B:2A:36:E1
X509v3 Authority Key Identifier:
keyid:72:52:C7:D5:ED:8C:5A:2B:C2:AD:03:06:5D:41:C3:E4:B3:AC:15:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clLH1e2MWivCrQMGXUHD5LOsFXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2b9d89-ed82-4401-81d9-67d1b2a61bb0/1/xVlaLc0aKHPSNd3vKE_FLWsqNuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2b9d89-ed82-4401-81d9-67d1b2a61bb0/1/clLH1e2MWivCrQMGXUHD5LOsFXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.198.0/24
Signature Algorithm: sha256WithRSAEncryption
26:74:db:64:dc:85:ba:2b:8e:59:dd:a9:d3:dc:bb:9a:6b:af:
ab:4d:49:d8:42:e3:2b:26:3b:5b:2e:08:77:e8:a8:87:ea:d0:
bc:8c:e3:29:b5:2f:ec:a1:b9:66:6c:38:c1:02:36:a7:d6:c7:
2e:89:a8:6c:51:ae:f1:dc:75:23:73:f2:ca:08:cd:21:8d:d9:
ad:b2:e9:5f:5c:7c:47:d3:74:88:71:42:b3:bc:03:ba:a8:09:
60:15:5a:92:c5:70:ec:e5:0b:96:48:0b:c2:5b:07:7b:5d:8a:
d4:89:ee:ce:89:d6:f6:18:e4:7a:f5:8c:1f:0a:87:13:ca:f5:
f3:70:34:50:f6:5c:22:31:64:1b:9c:6d:e1:ea:7f:12:ef:bb:
56:bf:e8:d6:f6:f8:5d:b2:dd:8c:8a:de:c8:2f:7e:10:8c:15:
04:fb:30:ee:3d:96:ce:1a:e5:06:91:d9:f2:1e:17:78:1f:50:
5f:bf:10:9e:c3:3e:fb:59:84:32:60:c6:ac:99:be:a7:90:0a:
ca:13:02:ee:33:bc:42:08:95:ba:6c:76:e0:91:09:7c:60:b9:
b1:2a:7a:cd:8c:9c:af:c3:b4:5f:21:1b:19:06:ab:75:71:52:
75:c1:d8:b3:af:0f:24:93:a3:b8:7e:28:92:dc:ad:92:ce:8d:
3f:56:9e:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpwdZjun3n4EN95xd5vyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTJjN2Q1ZWQ4YzVhMmJjMmFkMDMwNjVkNDFjM2U0YjNh
YzE1NzUwHhcNMjMwMTAxMjMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTU5NWEyZGNkMWEyODczZDIzNWRkZWYyODRmYzUyZDZiMmEzNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8LK/fn8ukwXMp3m4M2V55i13GGp
0hNZGgLuCdndW7K8oNjQ6BHL4SvJJmldjGH3OCUNzWj6MgrdTnCjPpToEKqUXvsI
6zRWVFAD0mRCbQSyXVeFVNpBY4aQg158JgzT3y07UI1v//CYBziHuPgDMkivvpnW
F/W58Z142bkD98tzy2edIXlTzK6QCF7lwQPxFJpA/U+KkuB+lJiDklIUedEsYHSd
5jjHI8tt1D5ODDkgQNsKS05/amwFffAz/cHMkZFF4W4hUDHckWWIfOv5fN8GGj2F
2sMA4FHBPu+sLHOsCwK9XzK3ZXRXwKbdUl/k2l7G76zoRZC9TPtjE2CMJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVZWi3NGihz0jXd7yhPxS1rKjbhMB8GA1UdIwQY
MBaAFHJSx9XtjForwq0DBl1Bw+SzrBV1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xMSDFlMk1XaXZDclFNR1hVSEQ1TE9zRlhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYjlkODktZWQ4Mi00NDAxLTgxZDkt
NjdkMWIyYTYxYmIwLzEveFZsYUxjMGFLSFBTTmQzdktFX0ZMV3NxTnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yYjlkODktZWQ4Mi00NDAxLTgxZDktNjdkMWIyYTYxYmIw
LzEvY2xMSDFlMk1XaXZDclFNR1hVSEQ1TE9zRlhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DGMA0G
CSqGSIb3DQEBCwUAA4IBAQAmdNtk3IW6K45Z3anT3Luaa6+rTUnYQuMrJjtbLgh3
6KiH6tC8jOMptS/soblmbDjBAjan1scuiahsUa7x3HUjc/LKCM0hjdmtsulfXHxH
03SIcUKzvAO6qAlgFVqSxXDs5QuWSAvCWwd7XYrUie7Oidb2GOR69YwfCocTyvXz
cDRQ9lwiMWQbnG3h6n8S77tWv+jW9vhdst2Mit7IL34QjBUE+zDuPZbOGuUGkdny
Hhd4H1BfvxCewz77WYQyYMasmb6nkArKEwLuM7xCCJW6bHbgkQl8YLmxKnrNjJyv
w7RfIRsZBqt1cVJ1wdizrw8kk6O4fiiS3K2Szo0/Vp5v
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:48 2025 by rpki-client