Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/Kx8nNIHHvp_cbgQQiOJGT9opKRQ.roa
File: Kx8nNIHHvp_cbgQQiOJGT9opKRQ.roa (raw, json)
Hash identifier: wJis05d/KFRV+7KQ6+HNnq8+IPaH9gvHVI2DP+w9kK8=
Subject key identifier: 2B:1F:27:34:81:C7:BE:9F:DC:6E:04:10:88:E2:46:4F:DA:29:29:14
Certificate issuer: /CN=6081fcf9eb70ab0e1fdcac09c7f9bb5e014c9dbd
Certificate serial: 01856CC16BF44BC9C268FE9373214C530317
Authority key identifier: 60:81:FC:F9:EB:70:AB:0E:1F:DC:AC:09:C7:F9:BB:5E:01:4C:9D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YIH8-etwqw4f3KwJx_m7XgFMnb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/Kx8nNIHHvp_cbgQQiOJGT9opKRQ.roa
Signing time: Sun 01 Jan 2023 09:54:53 +0000
ROA not before: Sun 01 Jan 2023 09:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59500
IP address blocks: 91.200.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:6b:f4:4b:c9:c2:68:fe:93:73:21:4c:53:03:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6081fcf9eb70ab0e1fdcac09c7f9bb5e014c9dbd
Validity
Not Before: Jan 1 09:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b1f273481c7be9fdc6e041088e2464fda292914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:74:ac:89:b9:57:fe:39:08:d7:65:e7:7b:
11:ef:0a:26:d0:12:8e:1c:43:69:e4:85:aa:44:c0:
ab:4f:2e:14:ef:0f:d9:d9:f8:fc:de:1d:7c:69:76:
93:73:d0:fc:33:67:bc:26:0f:aa:31:9c:6b:d5:76:
e3:40:1e:ec:14:fd:c2:dd:5f:f5:e9:38:19:0c:9c:
ab:95:4f:a5:0d:44:bb:bf:13:b7:8c:86:4c:1a:44:
90:6d:1b:b2:b6:c5:53:57:f0:e8:27:16:73:b7:5e:
10:90:9c:e5:a9:b6:10:d3:0f:f7:23:5f:8b:16:0c:
5b:5b:c4:11:e6:d1:33:b1:d1:c5:f3:cb:72:1d:c4:
f7:35:0d:16:43:14:f5:c2:29:ec:b8:7f:02:14:5e:
d7:00:74:80:7f:3c:5c:a6:54:ad:71:08:6d:ff:4c:
62:ba:41:2e:64:6d:a6:9b:05:89:f9:f8:69:a0:4f:
95:6e:18:b2:c2:0b:11:73:37:5b:bd:83:14:2e:fc:
17:2c:09:52:28:dd:fd:7e:7c:02:c0:88:b2:67:8d:
6c:22:42:12:52:80:e4:28:2e:c5:20:6c:43:6d:a9:
75:11:79:f9:e2:b7:eb:31:f6:ef:24:db:de:5c:8d:
49:a2:6f:f5:52:f8:df:bc:d8:4b:b4:3e:ed:e3:17:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1F:27:34:81:C7:BE:9F:DC:6E:04:10:88:E2:46:4F:DA:29:29:14
X509v3 Authority Key Identifier:
keyid:60:81:FC:F9:EB:70:AB:0E:1F:DC:AC:09:C7:F9:BB:5E:01:4C:9D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIH8-etwqw4f3KwJx_m7XgFMnb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/Kx8nNIHHvp_cbgQQiOJGT9opKRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/YIH8-etwqw4f3KwJx_m7XgFMnb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.60.0/24
Signature Algorithm: sha256WithRSAEncryption
24:6f:f0:ae:64:d7:53:eb:bc:41:67:65:38:8a:9e:00:09:6f:
a6:bd:5c:a2:e2:98:b5:3b:83:19:19:e1:a9:56:9d:84:b8:e4:
0b:a1:c8:82:93:7b:79:f2:62:8c:d4:2d:df:66:dc:ab:24:92:
02:97:3d:18:50:3b:19:1f:ff:57:30:2a:b6:62:96:e0:7b:b9:
85:d2:bc:d9:3c:f1:c8:bb:c5:fe:26:24:17:96:05:b1:03:f7:
5e:c2:54:09:cf:df:8a:51:68:0e:ba:a3:ad:1e:51:45:db:3e:
a3:4a:a4:8b:b3:f2:07:d1:5f:87:08:ec:af:48:d7:55:c3:79:
28:37:d0:31:d6:55:25:3c:2d:84:c4:1e:3c:5d:6d:d5:39:af:
52:eb:b8:f5:b2:f5:9c:b4:6e:35:3d:8e:9c:7e:0e:c3:03:a0:
a4:c4:a3:48:68:a7:03:e8:75:22:58:1c:bc:1e:25:d5:c7:a2:
ca:54:a9:bf:aa:23:42:4f:7d:fc:bc:36:70:68:63:d3:b6:7a:
49:4e:dc:5e:d8:0c:b4:72:f4:32:16:ac:84:db:7d:45:11:22:
52:15:ec:82:2f:8e:57:a3:58:37:ec:76:01:7e:c9:42:c3:09:
5c:cf:7f:31:0f:b6:c0:5a:d1:3e:10:58:9f:8d:95:e7:9a:63:
3a:6c:d6:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswWv0S8nCaP6TcyFMUwMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODFmY2Y5ZWI3MGFiMGUxZmRjYWMwOWM3ZjliYjVlMDE0
YzlkYmQwHhcNMjMwMTAxMDk1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFmMjczNDgxYzdiZTlmZGM2ZTA0MTA4OGUyNDY0ZmRhMjkyOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUJ0rIm5V/45CNdl53sR7wom0BKO
HENp5IWqRMCrTy4U7w/Z2fj83h18aXaTc9D8M2e8Jg+qMZxr1XbjQB7sFP3C3V/1
6TgZDJyrlU+lDUS7vxO3jIZMGkSQbRuytsVTV/DoJxZzt14QkJzlqbYQ0w/3I1+L
FgxbW8QR5tEzsdHF88tyHcT3NQ0WQxT1winsuH8CFF7XAHSAfzxcplStcQht/0xi
ukEuZG2mmwWJ+fhpoE+VbhiywgsRczdbvYMULvwXLAlSKN39fnwCwIiyZ41sIkIS
UoDkKC7FIGxDbal1EXn54rfrMfbvJNveXI1Jom/1UvjfvNhLtD7t4xcfZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsfJzSBx76f3G4EEIjiRk/aKSkUMB8GA1UdIwQY
MBaAFGCB/PnrcKsOH9ysCcf5u14BTJ29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlIOC1ldHdxdzRmM0t3SnhfbTdYZ0ZNbmIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9mZmQxZWQtNjliMS00OTMyLThmZDAt
NzdmOWVkMTE5NWQ1LzEvS3g4bk5JSEh2cF9jYmdRUWlPSkdUOW9wS1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9mZmQxZWQtNjliMS00OTMyLThmZDAtNzdmOWVkMTE5NWQ1
LzEvWUlIOC1ldHdxdzRmM0t3SnhfbTdYZ0ZNbmIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8g8MA0G
CSqGSIb3DQEBCwUAA4IBAQAkb/CuZNdT67xBZ2U4ip4ACW+mvVyi4pi1O4MZGeGp
Vp2EuOQLociCk3t58mKM1C3fZtyrJJIClz0YUDsZH/9XMCq2Ypbge7mF0rzZPPHI
u8X+JiQXlgWxA/dewlQJz9+KUWgOuqOtHlFF2z6jSqSLs/IH0V+HCOyvSNdVw3ko
N9Ax1lUlPC2ExB48XW3VOa9S67j1svWctG41PY6cfg7DA6CkxKNIaKcD6HUiWBy8
HiXVx6LKVKm/qiNCT338vDZwaGPTtnpJTtxe2Ay0cvQyFqyE231FESJSFeyCL45X
o1g37HYBfslCwwlcz38xD7bAWtE+EFifjZXnmmM6bNYy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:17 2025 by rpki-client