Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6e27ca-7ff7-4e09-bae5-0d0d7c0189ad/1/Ces40LmHT3Ze2Emr60-LfQtIM30.roa
File: Ces40LmHT3Ze2Emr60-LfQtIM30.roa (raw, json)
Hash identifier: F1XVzJQUwVrYgosFcYeiLCXKvKSg8mrKdaa2EeUq73c=
Subject key identifier: 09:EB:38:D0:B9:87:4F:76:5E:D8:49:AB:EB:4F:8B:7D:0B:48:33:7D
Certificate issuer: /CN=275aab7dfbb152a646adf3273b31aa5dde64a1df
Certificate serial: 0185724C6A8DA6654FEC389EF8D507772FFF
Authority key identifier: 27:5A:AB:7D:FB:B1:52:A6:46:AD:F3:27:3B:31:AA:5D:DE:64:A1:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1qrffuxUqZGrfMnOzGqXd5kod8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/6e27ca-7ff7-4e09-bae5-0d0d7c0189ad/1/Ces40LmHT3Ze2Emr60-LfQtIM30.roa
Signing time: Mon 02 Jan 2023 11:44:48 +0000
ROA not before: Mon 02 Jan 2023 11:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48275
IP address blocks: 91.207.180.0/24 maxlen: 32
91.207.181.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:6a:8d:a6:65:4f:ec:38:9e:f8:d5:07:77:2f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=275aab7dfbb152a646adf3273b31aa5dde64a1df
Validity
Not Before: Jan 2 11:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09eb38d0b9874f765ed849abeb4f8b7d0b48337d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:db:77:1e:43:a4:a6:6a:22:4b:6f:4d:6c:ec:
53:a6:de:27:f1:80:7d:f5:92:03:ee:9d:7a:58:fa:
f7:10:e5:60:95:91:69:35:0d:02:88:11:03:9e:fe:
de:bf:43:3a:f5:2c:44:d9:8d:48:e4:fb:68:57:ad:
96:50:b0:0b:a2:61:92:ca:ec:9c:bc:e9:4e:a9:54:
24:01:57:20:44:43:1a:f8:94:41:57:de:a4:e0:5b:
b8:11:1e:6f:26:fa:62:d2:67:7f:6d:ac:dc:89:d5:
41:3f:20:87:b9:b5:66:3d:9a:a2:0f:07:c7:5c:fa:
ad:e5:fb:91:8b:58:9e:51:df:81:e0:fa:8f:7b:9b:
4a:b3:c9:91:34:7f:74:3d:61:1b:3e:fc:75:17:d8:
d5:0f:de:7e:a0:54:81:ed:bc:80:7c:e0:55:89:ee:
39:29:f4:57:8a:b7:2e:af:33:b9:72:1c:ed:9a:f4:
e9:67:d8:87:b8:7a:d6:82:be:39:74:67:46:0d:17:
cf:0b:fe:5f:e4:12:71:c6:54:d1:2c:3c:96:62:48:
c6:54:6c:f5:7c:e7:9e:e2:00:89:a4:71:0b:9d:2a:
12:bf:3c:ca:07:56:72:df:66:db:f1:c0:79:39:3f:
37:3f:63:d8:57:54:ba:97:83:2f:85:e9:93:4a:5d:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EB:38:D0:B9:87:4F:76:5E:D8:49:AB:EB:4F:8B:7D:0B:48:33:7D
X509v3 Authority Key Identifier:
keyid:27:5A:AB:7D:FB:B1:52:A6:46:AD:F3:27:3B:31:AA:5D:DE:64:A1:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1qrffuxUqZGrfMnOzGqXd5kod8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6e27ca-7ff7-4e09-bae5-0d0d7c0189ad/1/Ces40LmHT3Ze2Emr60-LfQtIM30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6e27ca-7ff7-4e09-bae5-0d0d7c0189ad/1/J1qrffuxUqZGrfMnOzGqXd5kod8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.180.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:9e:c2:69:cc:f2:3e:f6:df:d7:17:0b:e3:cb:f9:80:66:d8:
8f:51:51:9a:72:da:4d:05:d2:57:50:e7:1a:6a:38:38:c6:cb:
ee:b8:a3:70:5d:a0:e4:59:36:fc:00:97:31:fd:12:8b:90:68:
32:f2:3f:7b:64:4c:5b:7d:56:b8:4b:ee:74:cd:22:4c:18:e6:
d0:05:88:e9:3a:83:98:38:ed:fa:29:f2:42:34:da:2a:6d:fc:
0a:4d:6b:29:71:8f:fd:4d:53:28:ba:d3:d3:67:22:d6:23:24:
64:aa:8a:96:05:9a:56:ed:af:7e:d4:1c:3d:0f:f1:91:52:65:
35:ef:47:ef:87:77:c8:c8:9b:f4:78:64:6d:94:0a:d6:4f:f8:
69:cb:c2:f7:68:2a:02:ec:38:cf:c4:fd:f3:cb:53:60:27:4a:
69:e2:1a:b0:93:b3:24:84:8b:b3:08:d9:3b:a0:24:9e:31:c8:
52:16:a6:ea:d8:b4:e0:ba:01:a7:09:6b:4b:5d:bf:f8:fe:cd:
ec:88:67:68:5a:e8:f6:b1:2f:5e:72:6c:f7:b4:3d:97:e5:30:
56:21:66:9b:7a:27:88:a0:6a:5f:e8:33:65:ba:be:1b:ba:f4:
ee:3e:3f:91:8b:84:bd:6b:82:3d:e2:43:11:be:f0:a4:d0:83:
65:b7:c9:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTGqNpmVP7Die+NUHdy//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NWFhYjdkZmJiMTUyYTY0NmFkZjMyNzNiMzFhYTVkZGU2
NGExZGYwHhcNMjMwMTAyMTE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWViMzhkMGI5ODc0Zjc2NWVkODQ5YWJlYjRmOGI3ZDBiNDgzMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitt3HkOkpmoiS29NbOxTpt4n8YB9
9ZID7p16WPr3EOVglZFpNQ0CiBEDnv7ev0M69SxE2Y1I5PtoV62WULALomGSyuyc
vOlOqVQkAVcgREMa+JRBV96k4Fu4ER5vJvpi0md/bazcidVBPyCHubVmPZqiDwfH
XPqt5fuRi1ieUd+B4PqPe5tKs8mRNH90PWEbPvx1F9jVD95+oFSB7byAfOBVie45
KfRXircurzO5chztmvTpZ9iHuHrWgr45dGdGDRfPC/5f5BJxxlTRLDyWYkjGVGz1
fOee4gCJpHELnSoSvzzKB1Zy32bb8cB5OT83P2PYV1S6l4MvhemTSl2CFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAnrONC5h092XthJq+tPi30LSDN9MB8GA1UdIwQY
MBaAFCdaq337sVKmRq3zJzsxql3eZKHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFxcmZmdXhVcVpHcmZNbk96R3FYZDVrb2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZTI3Y2EtN2ZmNy00ZTA5LWJhZTUt
MGQwZDdjMDE4OWFkLzEvQ2VzNDBMbUhUM1plMkVtcjYwLUxmUXRJTTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZTI3Y2EtN2ZmNy00ZTA5LWJhZTUtMGQwZDdjMDE4OWFk
LzEvSjFxcmZmdXhVcVpHcmZNbk96R3FYZDVrb2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8+0MA0G
CSqGSIb3DQEBCwUAA4IBAQCMnsJpzPI+9t/XFwvjy/mAZtiPUVGactpNBdJXUOca
ajg4xsvuuKNwXaDkWTb8AJcx/RKLkGgy8j97ZExbfVa4S+50zSJMGObQBYjpOoOY
OO36KfJCNNoqbfwKTWspcY/9TVMoutPTZyLWIyRkqoqWBZpW7a9+1Bw9D/GRUmU1
70fvh3fIyJv0eGRtlArWT/hpy8L3aCoC7DjPxP3zy1NgJ0pp4hqwk7MkhIuzCNk7
oCSeMchSFqbq2LTgugGnCWtLXb/4/s3siGdoWuj2sS9ecmz3tD2X5TBWIWabeieI
oGpf6DNlur4buvTuPj+Ri4S9a4I94kMRvvCk0INlt8ks
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:00 2025 by rpki-client