Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/jDRmLyKh33tG_yHOp8XiQHKYaYw.roa
File: jDRmLyKh33tG_yHOp8XiQHKYaYw.roa (raw, json)
Hash identifier: 6PxjCzhjH2LpdDPrcLJZuKPppkuthC6N+9pVCP7d5Ig=
Subject key identifier: 8C:34:66:2F:22:A1:DF:7B:46:FF:21:CE:A7:C5:E2:40:72:98:69:8C
Certificate issuer: /CN=ab45364e49dc3a15beff269c3a32b3c0541c8b66
Certificate serial: 01856DE65A2A49D6B3E21B56AAC0BE12D322
Authority key identifier: AB:45:36:4E:49:DC:3A:15:BE:FF:26:9C:3A:32:B3:C0:54:1C:8B:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q0U2TkncOhW-_yacOjKzwFQci2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/jDRmLyKh33tG_yHOp8XiQHKYaYw.roa
Signing time: Sun 01 Jan 2023 15:14:50 +0000
ROA not before: Sun 01 Jan 2023 15:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56513
IP address blocks: 91.224.172.0/23 maxlen: 23
2001:67c:548::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:5a:2a:49:d6:b3:e2:1b:56:aa:c0:be:12:d3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab45364e49dc3a15beff269c3a32b3c0541c8b66
Validity
Not Before: Jan 1 15:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c34662f22a1df7b46ff21cea7c5e2407298698c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:70:d4:d4:0e:96:52:dd:a8:bc:f7:ea:7e:3c:
9d:2f:8b:11:e9:4b:ab:2a:a2:f3:11:b3:a9:86:ab:
75:8c:6d:72:ec:07:65:e0:00:41:ce:01:4d:42:bd:
d5:51:4e:1a:ba:2d:3f:78:f3:42:60:74:90:75:87:
b5:e4:20:9c:c1:f6:95:64:5d:5b:75:95:4a:70:26:
db:0c:55:a8:46:be:52:85:94:66:a2:11:bd:16:e7:
f5:e4:52:56:82:c6:72:22:f3:1c:4b:f4:9a:d9:c0:
aa:7a:21:1a:0c:de:f6:c9:39:c0:85:13:96:85:24:
a3:b7:1f:50:d5:91:5a:a7:48:93:a2:60:b8:6d:45:
74:20:f3:26:12:3b:6e:10:05:75:c2:8e:10:95:a1:
2e:31:21:85:b3:c3:ed:92:49:29:9a:7f:c2:7f:2e:
13:00:58:e8:b2:5f:4e:8d:0b:19:fd:f6:ce:4f:38:
e5:bb:0b:8b:cf:97:67:58:d3:a8:36:24:5b:c1:26:
74:31:e3:f3:c9:d2:ad:fb:73:88:ed:c0:24:f6:8c:
a8:b3:7f:e2:2d:db:96:30:8b:c7:11:b7:b2:03:69:
82:95:cb:14:11:38:79:28:bd:97:c2:73:d0:2d:06:
70:6a:9a:96:d6:11:5a:f2:17:15:c8:f4:7b:fd:14:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:34:66:2F:22:A1:DF:7B:46:FF:21:CE:A7:C5:E2:40:72:98:69:8C
X509v3 Authority Key Identifier:
keyid:AB:45:36:4E:49:DC:3A:15:BE:FF:26:9C:3A:32:B3:C0:54:1C:8B:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q0U2TkncOhW-_yacOjKzwFQci2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/jDRmLyKh33tG_yHOp8XiQHKYaYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.172.0/23
IPv6:
2001:67c:548::/48
Signature Algorithm: sha256WithRSAEncryption
69:bc:bf:d1:e2:c7:b2:56:04:7e:2f:fc:4c:7a:af:67:40:c2:
4b:c4:e2:e7:c3:04:1e:1d:37:29:32:95:54:73:cf:ab:97:03:
f0:d7:bf:88:ba:3c:74:ad:61:eb:e7:75:b3:fd:dc:f9:16:9d:
0c:e2:fa:8c:66:4d:3e:d8:02:0a:2c:8e:0a:93:55:2f:cb:9c:
60:95:6c:e2:ab:11:25:1e:25:e5:60:2e:4f:b6:80:62:33:4d:
74:d9:a0:b2:c2:16:de:7d:70:e9:94:1d:52:59:ea:70:1c:16:
9f:10:f1:91:2c:f0:dd:68:a0:a4:9a:da:ba:e6:ef:47:49:81:
ff:7d:30:99:c0:79:74:2d:06:ee:8a:43:56:cd:e3:5e:8f:c9:
41:a5:9c:60:48:43:05:9f:3f:d4:f7:e8:a8:88:a4:2c:ad:30:
9c:bb:09:ab:36:04:38:a2:8c:57:e2:3a:4b:8b:48:69:db:32:
4d:c8:c9:63:0b:8c:3e:14:34:cd:cd:3e:cf:a6:28:e3:11:36:
28:b9:ef:b8:63:0e:44:34:81:f0:17:43:2c:e8:71:eb:a0:b2:
7f:35:ab:c5:57:de:dd:5d:93:17:a0:24:50:5a:82:a8:df:bd:
d1:5f:25:49:72:a1:30:5a:6e:ab:74:3a:3b:61:c2:32:e3:2f:
8d:ec:c1:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVt5loqSdaz4htWqsC+EtMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNDUzNjRlNDlkYzNhMTViZWZmMjY5YzNhMzJiM2MwNTQx
YzhiNjYwHhcNMjMwMTAxMTUxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzM0NjYyZjIyYTFkZjdiNDZmZjIxY2VhN2M1ZTI0MDcyOTg2OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHDU1A6WUt2ovPfqfjydL4sR6Uur
KqLzEbOphqt1jG1y7Adl4ABBzgFNQr3VUU4aui0/ePNCYHSQdYe15CCcwfaVZF1b
dZVKcCbbDFWoRr5ShZRmohG9Fuf15FJWgsZyIvMcS/Sa2cCqeiEaDN72yTnAhROW
hSSjtx9Q1ZFap0iTomC4bUV0IPMmEjtuEAV1wo4QlaEuMSGFs8Ptkkkpmn/Cfy4T
AFjosl9OjQsZ/fbOTzjluwuLz5dnWNOoNiRbwSZ0MePzydKt+3OI7cAk9oyos3/i
LduWMIvHEbeyA2mClcsUETh5KL2XwnPQLQZwapqW1hFa8hcVyPR7/RTHbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIw0Zi8iod97Rv8hzqfF4kBymGmMMB8GA1UdIwQY
MBaAFKtFNk5J3DoVvv8mnDoys8BUHItmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTBVMlRrbmNPaFctX3lhY09qS3p3RlFjaTJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny81YWFmMjUtOTc0OC00NTkyLWE0OTct
ZjhiZDI1MDQ1NGViLzEvakRSbUx5S2gzM3RHX3lIT3A4WGlRSEtZYVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny81YWFmMjUtOTc0OC00NTkyLWE0OTctZjhiZDI1MDQ1NGVi
LzEvcTBVMlRrbmNPaFctX3lhY09qS3p3RlFjaTJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+CsMA8E
AgACMAkDBwAgAQZ8BUgwDQYJKoZIhvcNAQELBQADggEBAGm8v9Hix7JWBH4v/Ex6
r2dAwkvE4ufDBB4dNykylVRzz6uXA/DXv4i6PHStYevndbP93PkWnQzi+oxmTT7Y
AgosjgqTVS/LnGCVbOKrESUeJeVgLk+2gGIzTXTZoLLCFt59cOmUHVJZ6nAcFp8Q
8ZEs8N1ooKSa2rrm70dJgf99MJnAeXQtBu6KQ1bN416PyUGlnGBIQwWfP9T36KiI
pCytMJy7Cas2BDiijFfiOkuLSGnbMk3IyWMLjD4UNM3NPs+mKOMRNii577hjDkQ0
gfAXQyzoceugsn81q8VX3t1dkxegJFBagqjfvdFfJUlyoTBabqt0OjthwjLjL43s
wXY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:48 2025 by rpki-client