Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/Gly7UOJmL9fdtsfXRlZ_b2diFRs.roa
File: Gly7UOJmL9fdtsfXRlZ_b2diFRs.roa (raw, json)
Hash identifier: RTotLs4+si5viso1b5m4l37X/vKFg/q5sxlPppmdi9o=
Subject key identifier: 1A:5C:BB:50:E2:66:2F:D7:DD:B6:C7:D7:46:56:7F:6F:67:62:15:1B
Certificate issuer: /CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Certificate serial: 018AFC6FC4CFD9BAE2823035E5CC9E0611A5
Authority key identifier: B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/Gly7UOJmL9fdtsfXRlZ_b2diFRs.roa
Signing time: Wed 04 Oct 2023 20:44:57 +0000
ROA not before: Wed 04 Oct 2023 20:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51341
IP address blocks: 91.218.85.0/24 maxlen: 24
91.218.84.0/24 maxlen: 24
91.218.86.0/24 maxlen: 24
91.218.87.0/24 maxlen: 24
91.236.141.0/24 maxlen: 24
91.236.140.0/24 maxlen: 24
91.236.143.0/24 maxlen: 24
91.236.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:6f:c4:cf:d9:ba:e2:82:30:35:e5:cc:9e:06:11:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Validity
Not Before: Oct 4 20:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5cbb50e2662fd7ddb6c7d746567f6f6762151b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:ab:20:24:52:80:40:3c:6b:3a:bd:54:4c:
04:a7:50:e6:7c:92:19:e0:6f:1d:54:c8:3d:b1:ca:
62:09:d3:d0:84:db:59:4e:c6:d9:e4:96:35:be:a5:
4e:a1:9e:ec:2b:8b:d6:ea:78:81:6d:af:13:a6:cc:
4d:c0:57:9f:d3:9e:cc:46:a6:58:64:31:71:c9:ce:
40:f1:6a:d3:b9:14:1d:50:73:3f:7e:82:8b:73:d3:
cc:63:f5:56:ff:b5:02:3b:e7:a9:17:b3:77:ce:32:
ac:b7:ae:f8:ac:9a:64:9f:26:f9:3b:92:f1:c0:7a:
e3:2b:97:75:b7:02:ef:97:33:02:0b:27:03:4b:3d:
c3:5a:f2:d4:f7:25:25:e7:cb:34:db:6b:14:02:35:
41:30:56:5a:e1:be:dd:28:36:ac:2c:84:e4:49:0e:
71:d0:a3:26:ce:78:40:fc:d2:8a:66:5c:3a:04:3d:
48:a1:46:d2:cf:bd:20:47:24:42:cd:9a:6e:6d:39:
85:ab:10:10:f4:e4:19:22:cb:b2:ba:8d:67:f7:3a:
a3:84:b8:2f:ce:eb:ea:d9:12:1c:1a:0e:6f:80:d7:
8d:03:66:fe:dc:a9:c2:87:7f:b2:8a:25:7c:58:3d:
80:ce:9a:29:fd:14:a1:cb:01:2e:1d:30:30:a0:c4:
3b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5C:BB:50:E2:66:2F:D7:DD:B6:C7:D7:46:56:7F:6F:67:62:15:1B
X509v3 Authority Key Identifier:
keyid:B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/Gly7UOJmL9fdtsfXRlZ_b2diFRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.84.0/22
91.236.140.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:2a:02:5e:52:b1:1f:d5:04:28:16:bb:81:8f:c2:cd:65:b9:
22:ab:83:3f:e1:27:47:94:0b:d7:d2:28:f2:ba:7e:3a:f7:87:
12:bb:57:3b:ed:8a:dd:87:0e:ed:1f:a6:60:eb:ea:d6:5e:13:
5f:59:4b:91:77:53:bd:ea:e1:c5:aa:13:a7:ce:99:e4:4c:bd:
6b:7f:56:1a:ba:d4:f1:d2:08:69:ad:c1:26:37:7e:88:a7:7d:
e0:a9:67:75:34:b3:7a:47:8a:92:e2:2d:27:f2:0c:99:a5:ce:
89:d8:57:2a:4f:89:c1:43:3d:0b:26:17:8e:6b:41:54:38:ec:
08:a9:90:9f:53:17:22:74:3f:0d:ff:d8:27:32:c1:1f:85:b2:
cf:ee:2b:f7:8e:e5:5f:dc:d9:91:a4:59:74:23:c2:47:73:cb:
1c:9f:4e:64:cb:2a:ae:48:18:cc:14:ed:05:cf:62:a7:16:79:
fb:76:93:33:86:72:d3:4b:93:6f:11:1f:88:08:58:c7:3d:18:
b9:a2:98:e4:ef:61:d6:f5:68:67:73:63:ea:60:a3:30:ae:87:
79:f8:34:55:b2:43:35:71:80:77:b5:8b:0e:61:b1:fc:29:4b:
d8:f4:1b:ff:c9:8c:e8:2b:37:ac:45:5f:12:bb:4f:1e:ed:a5:
2d:6b:31:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr8b8TP2brigjA15cyeBhGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjJhYzcwMWMxNGQzNGJiMmU0NDc1ZWM1MTE1MmE0MGM5
ZDNkM2MwHhcNMjMxMDA0MjA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVjYmI1MGUyNjYyZmQ3ZGRiNmM3ZDc0NjU2N2Y2ZjY3NjIxNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIirICRSgEA8azq9VEwEp1DmfJIZ
4G8dVMg9scpiCdPQhNtZTsbZ5JY1vqVOoZ7sK4vW6niBba8TpsxNwFef057MRqZY
ZDFxyc5A8WrTuRQdUHM/foKLc9PMY/VW/7UCO+epF7N3zjKst674rJpknyb5O5Lx
wHrjK5d1twLvlzMCCycDSz3DWvLU9yUl58s022sUAjVBMFZa4b7dKDasLITkSQ5x
0KMmznhA/NKKZlw6BD1IoUbSz70gRyRCzZpubTmFqxAQ9OQZIsuyuo1n9zqjhLgv
zuvq2RIcGg5vgNeNA2b+3KnCh3+yiiV8WD2Azpop/RShywEuHTAwoMQ7sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpcu1DiZi/X3bbH10ZWf29nYhUbMB8GA1UdIwQY
MBaAFLVirHAcFNNLsuRHXsURUqQMnT08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTIt
MDk3MzI0ZGQ5ZWM4LzEvR2x5N1VPSm1MOWZkdHNmWFJsWl9iMmRpRlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTItMDk3MzI0ZGQ5ZWM4
LzEvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9pUAwQC
W+yMMA0GCSqGSIb3DQEBCwUAA4IBAQB/KgJeUrEf1QQoFruBj8LNZbkiq4M/4SdH
lAvX0ijyun4694cSu1c77Yrdhw7tH6Zg6+rWXhNfWUuRd1O96uHFqhOnzpnkTL1r
f1YautTx0ghprcEmN36Ip33gqWd1NLN6R4qS4i0n8gyZpc6J2FcqT4nBQz0LJheO
a0FUOOwIqZCfUxcidD8N/9gnMsEfhbLP7iv3juVf3NmRpFl0I8JHc8scn05kyyqu
SBjMFO0Fz2KnFnn7dpMzhnLTS5NvER+ICFjHPRi5opjk72HW9Whnc2PqYKMwrod5
+DRVskM1cYB3tYsOYbH8KUvY9Bv/yYzoKzesRV8Su08e7aUtazEk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:09 2025 by rpki-client