Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6b4386-df3d-4f9c-af1c-c373f453a245/1/nZa7vJLJXmGwXc3jves21sXgeic.roa
File: nZa7vJLJXmGwXc3jves21sXgeic.roa (raw, json)
Hash identifier: 2ZG0BCkQUgSlpXweHyX4ABhl0CkZk5j7OEXYu8QL6fg=
Subject key identifier: 9D:96:BB:BC:92:C9:5E:61:B0:5D:CD:E3:BD:EB:36:D6:C5:E0:7A:27
Certificate issuer: /CN=d3277a239664d245becf4214dde15923042a142f
Certificate serial: 01856BC10EE56EC1B6E282261AD4F43F774D
Authority key identifier: D3:27:7A:23:96:64:D2:45:BE:CF:42:14:DD:E1:59:23:04:2A:14:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yd6I5Zk0kW-z0IU3eFZIwQqFC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6b4386-df3d-4f9c-af1c-c373f453a245/1/nZa7vJLJXmGwXc3jves21sXgeic.roa
Signing time: Sun 01 Jan 2023 05:14:52 +0000
ROA not before: Sun 01 Jan 2023 05:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197130
IP address blocks: 91.216.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:0e:e5:6e:c1:b6:e2:82:26:1a:d4:f4:3f:77:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3277a239664d245becf4214dde15923042a142f
Validity
Not Before: Jan 1 05:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d96bbbc92c95e61b05dcde3bdeb36d6c5e07a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:02:66:3d:f8:f3:8d:41:0e:b2:99:5f:e9:
a3:09:7a:67:0e:5e:54:07:1c:3e:de:b3:98:20:6a:
bf:dd:57:17:44:68:c8:b6:0d:7d:ac:5d:ef:e4:dd:
3d:4b:92:80:b4:ac:bd:37:8f:79:78:4a:1c:11:42:
44:32:23:e1:b5:f0:45:a0:f4:af:44:53:11:bc:3a:
1a:0d:07:01:82:42:ab:ad:c4:cf:76:9b:b0:1c:4d:
bf:61:25:5f:27:65:44:f9:d4:bb:1e:f6:f7:85:40:
a9:5d:11:94:b4:9b:6e:ae:95:fa:e7:91:a5:6b:17:
7c:8d:8c:84:57:11:0a:13:26:b9:07:b2:c4:06:da:
6d:71:41:12:21:4a:25:06:4f:37:14:3c:12:5a:2f:
d5:f8:ae:f8:ba:ca:a4:a8:91:2b:7d:5c:65:79:12:
43:25:16:b5:e1:79:90:c7:4c:a5:22:2e:60:b6:b2:
84:9a:9a:28:75:5b:a1:ad:5b:5c:e1:29:71:09:0a:
50:64:c8:f0:2a:05:b9:d4:57:85:d4:c2:e5:89:a1:
28:3b:79:96:45:90:0f:2b:30:59:08:1c:82:db:84:
fb:f7:3d:e3:fb:d6:d7:c9:73:16:61:8e:c1:47:ac:
9a:51:05:d8:73:61:37:f1:49:33:ff:60:d6:f7:9d:
7d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:96:BB:BC:92:C9:5E:61:B0:5D:CD:E3:BD:EB:36:D6:C5:E0:7A:27
X509v3 Authority Key Identifier:
keyid:D3:27:7A:23:96:64:D2:45:BE:CF:42:14:DD:E1:59:23:04:2A:14:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yd6I5Zk0kW-z0IU3eFZIwQqFC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6b4386-df3d-4f9c-af1c-c373f453a245/1/nZa7vJLJXmGwXc3jves21sXgeic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6b4386-df3d-4f9c-af1c-c373f453a245/1/0yd6I5Zk0kW-z0IU3eFZIwQqFC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.201.0/24
Signature Algorithm: sha256WithRSAEncryption
39:ba:02:6c:56:84:69:1a:66:f9:86:f6:98:f5:e9:e1:0e:79:
c9:81:df:79:bc:e7:d1:a1:60:01:0c:d5:86:d8:87:88:86:1c:
ef:f9:dc:8c:ee:09:7f:80:8c:75:c5:01:94:43:04:0f:a6:e7:
32:6f:a7:e4:d4:38:f7:b0:ad:9d:1b:5d:4b:ea:11:ca:07:ff:
f3:90:54:bb:f1:c4:a7:b2:80:a9:8f:01:65:35:aa:aa:8b:64:
55:48:a8:2f:9e:cb:f9:be:e1:90:75:44:97:6e:eb:8c:6f:a5:
79:17:23:43:50:7b:79:a0:0b:69:c5:93:8f:45:e2:34:2a:25:
d5:40:b9:50:7d:3a:8e:d0:0d:15:5c:bf:7a:8e:db:08:61:82:
31:0b:be:ad:cd:79:b0:ed:af:24:fe:6d:76:03:ab:a0:5f:4b:
81:43:71:89:fa:8d:b3:8e:92:58:75:5e:5f:ec:a8:dd:69:9a:
43:3a:26:44:c1:54:cb:74:80:c4:89:3e:33:db:a8:80:eb:2e:
02:8c:fa:c9:d8:f9:58:d5:9c:20:68:7d:1f:1e:3a:e1:93:bb:
c8:31:2b:c8:e5:21:97:f0:52:53:07:a7:49:aa:b9:26:f9:35:
4c:e1:dd:5d:27:6f:70:e9:16:a0:41:13:72:5d:9e:9b:73:89:
a6:46:10:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwQ7lbsG24oImGtT0P3dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjc3YTIzOTY2NGQyNDViZWNmNDIxNGRkZTE1OTIzMDQy
YTE0MmYwHhcNMjMwMTAxMDUxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk2YmJiYzkyYzk1ZTYxYjA1ZGNkZTNiZGViMzZkNmM1ZTA3YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmekCZj34841BDrKZX+mjCXpnDl5U
Bxw+3rOYIGq/3VcXRGjItg19rF3v5N09S5KAtKy9N495eEocEUJEMiPhtfBFoPSv
RFMRvDoaDQcBgkKrrcTPdpuwHE2/YSVfJ2VE+dS7Hvb3hUCpXRGUtJturpX655Gl
axd8jYyEVxEKEya5B7LEBtptcUESIUolBk83FDwSWi/V+K74usqkqJErfVxleRJD
JRa14XmQx0ylIi5gtrKEmpoodVuhrVtc4SlxCQpQZMjwKgW51FeF1MLliaEoO3mW
RZAPKzBZCByC24T79z3j+9bXyXMWYY7BR6yaUQXYc2E38Ukz/2DW9519NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2Wu7ySyV5hsF3N473rNtbF4HonMB8GA1UdIwQY
MBaAFNMneiOWZNJFvs9CFN3hWSMEKhQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlkNkk1Wmswa1ctejBJVTNlRlpJd1FxRkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YjQzODYtZGYzZC00ZjljLWFmMWMt
YzM3M2Y0NTNhMjQ1LzEvblphN3ZKTEpYbUd3WGMzanZlczIxc1hnZWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YjQzODYtZGYzZC00ZjljLWFmMWMtYzM3M2Y0NTNhMjQ1
LzEvMHlkNkk1Wmswa1ctejBJVTNlRlpJd1FxRkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9jJMA0G
CSqGSIb3DQEBCwUAA4IBAQA5ugJsVoRpGmb5hvaY9enhDnnJgd95vOfRoWABDNWG
2IeIhhzv+dyM7gl/gIx1xQGUQwQPpucyb6fk1Dj3sK2dG11L6hHKB//zkFS78cSn
soCpjwFlNaqqi2RVSKgvnsv5vuGQdUSXbuuMb6V5FyNDUHt5oAtpxZOPReI0KiXV
QLlQfTqO0A0VXL96jtsIYYIxC76tzXmw7a8k/m12A6ugX0uBQ3GJ+o2zjpJYdV5f
7KjdaZpDOiZEwVTLdIDEiT4z26iA6y4CjPrJ2PlY1ZwgaH0fHjrhk7vIMSvI5SGX
8FJTB6dJqrkm+TVM4d1dJ29w6RagQRNyXZ6bc4mmRhA8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:47 2025 by rpki-client