Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/0f9632-8c3d-4f7c-b22a-92f1d7dfc817/1/uNnb2ZxD4XhP59J0BA5kDaR4ogo.roa
File: uNnb2ZxD4XhP59J0BA5kDaR4ogo.roa (raw, json)
Hash identifier: rQZrhFpmSk+YtRbCUlSwPf6fk8CrorWURgA3L1BkAS8=
Subject key identifier: B8:D9:DB:D9:9C:43:E1:78:4F:E7:D2:74:04:0E:64:0D:A4:78:A2:0A
Certificate issuer: /CN=9bd0f8b42045c73870216ce0369cbd1a80bc8995
Certificate serial: 018570B97E233F62CF0592692C691A77F139
Authority key identifier: 9B:D0:F8:B4:20:45:C7:38:70:21:6C:E0:36:9C:BD:1A:80:BC:89:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9D4tCBFxzhwIWzgNpy9GoC8iZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/0f9632-8c3d-4f7c-b22a-92f1d7dfc817/1/uNnb2ZxD4XhP59J0BA5kDaR4ogo.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199408
IP address blocks: 91.194.0.0/23 maxlen: 23
91.194.14.0/23 maxlen: 23
91.194.14.0/24 maxlen: 24
91.194.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7e:23:3f:62:cf:05:92:69:2c:69:1a:77:f1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd0f8b42045c73870216ce0369cbd1a80bc8995
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d9dbd99c43e1784fe7d274040e640da478a20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4d:63:50:f1:5a:3c:ec:07:eb:f0:3c:a5:61:
e8:0c:e4:d8:64:a8:35:cd:49:e2:35:b5:3b:ca:84:
06:48:c4:dd:6b:1c:0a:d3:59:8f:94:06:d5:fc:0a:
c1:13:17:fe:54:a3:95:24:f1:8b:fc:77:0a:b9:9b:
28:67:95:56:74:d6:0e:eb:4e:e5:22:4c:04:ca:d1:
e6:d1:88:1f:b4:0b:dd:91:0e:1b:dd:a3:85:d3:72:
05:1a:85:66:b7:90:44:70:d1:d3:39:e8:58:c4:35:
3f:0a:76:b7:10:ca:96:e6:85:e4:6b:8e:62:c1:d1:
8f:73:86:e3:e9:4f:08:37:01:49:a5:fd:19:20:42:
a7:df:8d:7b:23:3c:12:c5:40:bf:92:e2:a8:9b:88:
26:19:2c:b7:f9:d2:2e:fa:a3:dc:d7:60:ba:eb:45:
88:2a:f7:e7:db:4d:39:17:b9:b5:ba:db:42:26:7a:
e2:57:13:22:38:79:32:fa:1d:9b:68:23:99:a2:3f:
02:01:64:9e:8f:10:9e:eb:3b:21:78:2c:dd:fa:b9:
36:17:39:ea:39:e8:10:79:1e:19:0e:0a:fe:f3:dc:
d7:7d:9c:c0:de:45:69:b5:db:0a:d5:d4:5c:b7:5e:
35:08:ed:8b:b1:00:34:50:f5:3f:36:ad:d7:f3:ad:
18:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D9:DB:D9:9C:43:E1:78:4F:E7:D2:74:04:0E:64:0D:A4:78:A2:0A
X509v3 Authority Key Identifier:
keyid:9B:D0:F8:B4:20:45:C7:38:70:21:6C:E0:36:9C:BD:1A:80:BC:89:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9D4tCBFxzhwIWzgNpy9GoC8iZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/0f9632-8c3d-4f7c-b22a-92f1d7dfc817/1/uNnb2ZxD4XhP59J0BA5kDaR4ogo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/0f9632-8c3d-4f7c-b22a-92f1d7dfc817/1/m9D4tCBFxzhwIWzgNpy9GoC8iZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.0.0/23
91.194.14.0/23
Signature Algorithm: sha256WithRSAEncryption
71:3d:3e:f0:24:63:45:8c:ab:b5:13:ca:e7:33:be:3f:27:5c:
b6:12:69:86:db:3b:f8:12:bd:8e:5d:af:b9:cb:47:df:ca:e7:
b0:2c:3f:06:06:39:cd:f2:eb:48:2f:a7:23:77:0d:34:1a:61:
0c:17:dc:d8:3a:87:2d:0d:d5:a7:c3:33:b5:b2:5c:51:e8:a8:
02:d0:40:2c:46:f9:d7:d7:38:52:f5:e9:57:8d:59:45:3c:91:
0a:0e:be:2f:1b:3d:eb:92:e0:54:7c:f9:96:a8:36:95:13:61:
a4:59:7d:26:9d:7e:da:6b:8e:02:3e:e6:5a:35:e5:e7:27:53:
5e:f6:92:53:8a:9a:55:9b:58:29:ac:c6:9b:76:b0:1c:00:90:
1e:45:5a:69:14:24:96:13:75:79:78:3f:b6:60:58:6c:65:96:
e6:41:86:f1:e3:02:aa:20:79:2e:e3:3e:37:02:f6:3e:00:e3:
c8:c4:4f:98:44:3d:ee:04:05:e8:87:71:34:2c:7f:49:5b:81:
9d:9d:34:3f:83:5c:d5:b5:2f:87:ae:9d:88:d3:ff:4c:c1:91:
f0:0d:13:16:f9:7d:d3:f0:3b:b8:5b:14:58:9f:45:df:74:73:
a2:d5:55:ed:6f:94:11:6b:d9:af:69:e3:4c:7b:1e:51:52:49:
6d:f1:60:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwuX4jP2LPBZJpLGkad/E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZDBmOGI0MjA0NWM3Mzg3MDIxNmNlMDM2OWNiZDFhODBi
Yzg5OTUwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ5ZGJkOTljNDNlMTc4NGZlN2QyNzQwNDBlNjQwZGE0NzhhMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm01jUPFaPOwH6/A8pWHoDOTYZKg1
zUniNbU7yoQGSMTdaxwK01mPlAbV/ArBExf+VKOVJPGL/HcKuZsoZ5VWdNYO607l
IkwEytHm0YgftAvdkQ4b3aOF03IFGoVmt5BEcNHTOehYxDU/Cna3EMqW5oXka45i
wdGPc4bj6U8INwFJpf0ZIEKn3417IzwSxUC/kuKom4gmGSy3+dIu+qPc12C660WI
Kvfn2005F7m1uttCJnriVxMiOHky+h2baCOZoj8CAWSejxCe6zsheCzd+rk2Fznq
OegQeR4ZDgr+89zXfZzA3kVptdsK1dRct141CO2LsQA0UPU/Nq3X860YcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLjZ29mcQ+F4T+fSdAQOZA2keKIKMB8GA1UdIwQY
MBaAFJvQ+LQgRcc4cCFs4DacvRqAvImVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTlENHRDQkZ4emh3SVd6Z05weTlHb0M4aVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8wZjk2MzItOGMzZC00ZjdjLWIyMmEt
OTJmMWQ3ZGZjODE3LzEvdU5uYjJaeEQ0WGhQNTlKMEJBNWtEYVI0b2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8wZjk2MzItOGMzZC00ZjdjLWIyMmEtOTJmMWQ3ZGZjODE3
LzEvbTlENHRDQkZ4emh3SVd6Z05weTlHb0M4aVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8IAAwQB
W8IOMA0GCSqGSIb3DQEBCwUAA4IBAQBxPT7wJGNFjKu1E8rnM74/J1y2EmmG2zv4
Er2OXa+5y0ffyuewLD8GBjnN8utIL6cjdw00GmEMF9zYOoctDdWnwzO1slxR6KgC
0EAsRvnX1zhS9elXjVlFPJEKDr4vGz3rkuBUfPmWqDaVE2GkWX0mnX7aa44CPuZa
NeXnJ1Ne9pJTippVm1gprMabdrAcAJAeRVppFCSWE3V5eD+2YFhsZZbmQYbx4wKq
IHku4z43AvY+AOPIxE+YRD3uBAXoh3E0LH9JW4GdnTQ/g1zVtS+Hrp2I0/9MwZHw
DRMW+X3T8Du4WxRYn0XfdHOi1VXtb5QRa9mvaeNMex5RUklt8WBI
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:19:13 2025 by rpki-client