Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d8ac58-9a61-4852-9f2f-26f39384874f/1/aJaTjrsF-9dSkHXEXXdDOel-Sk8.roa
File: aJaTjrsF-9dSkHXEXXdDOel-Sk8.roa (raw, json)
Hash identifier: CaxJm4rISmKjBbHj5yNhph41pcG39FpGoodTLX90p/w=
Subject key identifier: 68:96:93:8E:BB:05:FB:D7:52:90:75:C4:5D:77:43:39:E9:7E:4A:4F
Certificate issuer: /CN=9d0e3080792cfa9f15f03eb3fd76ca68c8cde220
Certificate serial: 018708451AA10C626007828748621E215877
Authority key identifier: 9D:0E:30:80:79:2C:FA:9F:15:F0:3E:B3:FD:76:CA:68:C8:CD:E2:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQ4wgHks-p8V8D6z_XbKaMjN4iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/d8ac58-9a61-4852-9f2f-26f39384874f/1/aJaTjrsF-9dSkHXEXXdDOel-Sk8.roa
Signing time: Wed 22 Mar 2023 07:42:39 +0000
ROA not before: Wed 22 Mar 2023 07:42:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50599
IP address blocks: 91.244.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:45:1a:a1:0c:62:60:07:82:87:48:62:1e:21:58:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0e3080792cfa9f15f03eb3fd76ca68c8cde220
Validity
Not Before: Mar 22 07:42:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6896938ebb05fbd7529075c45d774339e97e4a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4f:00:b7:6c:0a:dd:1e:00:e5:b5:09:6b:96:
23:80:45:cf:89:22:67:01:85:97:2d:18:a9:02:0f:
af:ee:40:84:35:f5:99:e9:cc:e7:01:cd:4c:89:75:
08:01:5e:fe:0d:c5:5d:ac:2e:ef:71:8b:be:90:a2:
bf:64:ef:77:0b:5c:ab:a0:73:88:20:39:03:2c:b8:
f1:15:0c:7f:5f:b9:f8:5e:30:3b:66:59:c0:a5:8c:
ba:ba:a7:b9:a5:fa:15:af:33:cd:82:f8:e0:73:a1:
f8:4a:d1:58:87:d3:f1:d2:c6:cd:d8:c5:5f:82:5a:
5a:53:a3:cc:0c:0f:0c:84:b3:6e:a3:89:c1:00:e5:
2c:c5:a4:3a:fc:a2:8e:70:2d:f6:d3:6e:1c:fc:7b:
ee:28:c9:a3:f2:19:15:98:cb:c9:92:50:70:71:05:
16:b9:f6:6b:1c:3c:87:e6:49:e2:2d:60:eb:ba:5d:
c0:c8:ef:93:23:c2:ad:09:3a:3f:b6:fb:fb:60:ae:
5f:a1:ca:78:3c:28:c3:d4:f2:e5:e6:49:e1:4f:45:
8f:b5:4c:00:f9:7e:02:2b:e9:bb:1e:c2:88:87:7b:
19:73:8a:71:71:1b:28:06:a9:11:d2:02:34:5f:db:
1b:5f:d8:0f:af:17:48:fb:83:8c:ef:ee:76:46:81:
11:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:96:93:8E:BB:05:FB:D7:52:90:75:C4:5D:77:43:39:E9:7E:4A:4F
X509v3 Authority Key Identifier:
keyid:9D:0E:30:80:79:2C:FA:9F:15:F0:3E:B3:FD:76:CA:68:C8:CD:E2:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQ4wgHks-p8V8D6z_XbKaMjN4iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d8ac58-9a61-4852-9f2f-26f39384874f/1/aJaTjrsF-9dSkHXEXXdDOel-Sk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d8ac58-9a61-4852-9f2f-26f39384874f/1/nQ4wgHks-p8V8D6z_XbKaMjN4iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.225.0/24
Signature Algorithm: sha256WithRSAEncryption
83:8f:b6:50:43:bd:86:a0:a9:41:f8:73:0a:0c:8f:8c:bf:cc:
76:ca:d1:aa:9c:20:bc:fe:a7:6e:92:44:3c:86:e1:1a:2e:a3:
83:bc:c3:fe:24:64:54:dc:7e:b2:11:0c:db:e8:0d:e2:d1:72:
3d:94:d8:d9:9e:f8:1c:32:12:d7:8e:a0:22:13:74:8f:e9:13:
59:d7:c8:2b:59:19:ba:5e:75:fd:b7:fb:fa:d7:d8:44:e7:6d:
6c:78:3d:6c:2a:96:cb:6f:2f:54:91:48:79:6d:20:82:50:32:
19:49:fd:cd:36:a7:55:1b:89:14:eb:ce:db:2b:a3:85:57:cc:
a6:9b:f5:e9:23:87:44:87:0a:ec:2a:23:68:ab:6a:6d:99:cd:
04:ab:87:9a:01:bf:8a:98:30:e6:67:04:45:a4:2f:0e:cc:3d:
31:1a:3e:42:09:d8:79:a6:38:1c:a5:f0:94:8a:9f:74:ff:bd:
49:34:e2:f0:39:2f:62:e3:4d:11:29:4e:e6:cc:ab:71:e4:29:
ad:40:94:19:7e:48:60:43:8a:fc:dc:74:9f:d5:a9:49:31:94:
5e:37:10:c3:e2:c1:51:69:83:15:73:46:0a:71:06:e0:5d:fe:
7c:ce:3f:b6:84:49:89:73:9d:b0:66:75:4d:81:9e:e7:ad:5e:
76:a6:ff:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcIRRqhDGJgB4KHSGIeIVh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGUzMDgwNzkyY2ZhOWYxNWYwM2ViM2ZkNzZjYTY4Yzhj
ZGUyMjAwHhcNMjMwMzIyMDc0MjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk2OTM4ZWJiMDVmYmQ3NTI5MDc1YzQ1ZDc3NDMzOWU5N2U0YTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE8At2wK3R4A5bUJa5YjgEXPiSJn
AYWXLRipAg+v7kCENfWZ6cznAc1MiXUIAV7+DcVdrC7vcYu+kKK/ZO93C1yroHOI
IDkDLLjxFQx/X7n4XjA7ZlnApYy6uqe5pfoVrzPNgvjgc6H4StFYh9Px0sbN2MVf
glpaU6PMDA8MhLNuo4nBAOUsxaQ6/KKOcC32024c/HvuKMmj8hkVmMvJklBwcQUW
ufZrHDyH5kniLWDrul3AyO+TI8KtCTo/tvv7YK5focp4PCjD1PLl5knhT0WPtUwA
+X4CK+m7HsKIh3sZc4pxcRsoBqkR0gI0X9sbX9gPrxdI+4OM7+52RoERLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiWk467BfvXUpB1xF13QznpfkpPMB8GA1UdIwQY
MBaAFJ0OMIB5LPqfFfA+s/12ymjIzeIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblE0d2dIa3MtcDhWOEQ2el9YYkthTWpONGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kOGFjNTgtOWE2MS00ODUyLTlmMmYt
MjZmMzkzODQ4NzRmLzEvYUphVGpyc0YtOWRTa0hYRVhYZERPZWwtU2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kOGFjNTgtOWE2MS00ODUyLTlmMmYtMjZmMzkzODQ4NzRm
LzEvblE0d2dIa3MtcDhWOEQ2el9YYkthTWpONGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/ThMA0G
CSqGSIb3DQEBCwUAA4IBAQCDj7ZQQ72GoKlB+HMKDI+Mv8x2ytGqnCC8/qdukkQ8
huEaLqODvMP+JGRU3H6yEQzb6A3i0XI9lNjZnvgcMhLXjqAiE3SP6RNZ18grWRm6
XnX9t/v619hE521seD1sKpbLby9UkUh5bSCCUDIZSf3NNqdVG4kU687bK6OFV8ym
m/XpI4dEhwrsKiNoq2ptmc0Eq4eaAb+KmDDmZwRFpC8OzD0xGj5CCdh5pjgcpfCU
ip90/71JNOLwOS9i400RKU7mzKtx5CmtQJQZfkhgQ4r83HSf1alJMZReNxDD4sFR
aYMVc0YKcQbgXf58zj+2hEmJc52wZnVNgZ7nrV52pv+T
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:57 2025 by rpki-client