Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/534kmiyWbfvg8MTJ6qWUCr6JvcQ.roa
File: 534kmiyWbfvg8MTJ6qWUCr6JvcQ.roa (raw, json)
Hash identifier: rqa7rTUL5wn25I2VurLYF/GRHMAY5de2Bol1vohw6MU=
Subject key identifier: E7:7E:24:9A:2C:96:6D:FB:E0:F0:C4:C9:EA:A5:94:0A:BE:89:BD:C4
Certificate issuer: /CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Certificate serial: 0187BDBAFE39C647F0106C79723467FC63EE
Authority key identifier: B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/534kmiyWbfvg8MTJ6qWUCr6JvcQ.roa
Signing time: Wed 26 Apr 2023 13:22:41 +0000
ROA not before: Wed 26 Apr 2023 13:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 91.240.78.0/24 maxlen: 24
91.240.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:ba:fe:39:c6:47:f0:10:6c:79:72:34:67:fc:63:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Validity
Not Before: Apr 26 13:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e77e249a2c966dfbe0f0c4c9eaa5940abe89bdc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c4:1c:ce:2e:57:ce:9b:36:95:b7:cf:47:c5:
1c:16:01:80:eb:7d:ca:ca:e3:9a:57:88:ab:80:fd:
27:bf:6f:15:6c:27:10:cc:62:fb:d8:02:cb:59:aa:
5e:6e:d2:bd:24:c2:9b:51:b9:2c:f2:c2:ce:19:6a:
29:d9:9e:76:38:f4:fc:08:48:f4:50:38:1e:fb:a6:
98:47:43:e9:b6:f8:39:69:3c:f4:01:55:52:8a:24:
ac:6d:6d:1a:99:91:0a:f9:43:80:b4:83:a0:cd:1a:
b2:8b:e8:03:bc:60:2c:6a:60:be:8f:8e:f5:14:49:
56:38:97:c9:19:79:e3:07:1a:f2:83:86:36:45:e8:
6f:24:7e:e0:ba:8d:2c:3d:7e:fd:f1:a1:60:6f:50:
e5:ee:c9:5e:9d:ea:6e:eb:05:d9:10:8c:e1:84:b3:
7b:b7:19:5d:6c:f8:b2:ba:24:b9:c6:14:4e:29:aa:
8c:13:bb:79:b0:d6:40:20:4f:4f:fb:66:d3:47:af:
d1:cc:e7:89:31:48:99:8b:e7:e6:ca:e1:26:14:a5:
3b:0e:87:5f:5c:0f:9e:a1:e2:91:81:cd:5f:ca:84:
0a:07:7e:a1:b4:08:35:b5:da:ec:10:cd:1b:03:e4:
a7:8e:77:8e:12:93:f1:27:ef:d0:a9:14:35:3d:f8:
3d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7E:24:9A:2C:96:6D:FB:E0:F0:C4:C9:EA:A5:94:0A:BE:89:BD:C4
X509v3 Authority Key Identifier:
keyid:B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/534kmiyWbfvg8MTJ6qWUCr6JvcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.78.0/23
Signature Algorithm: sha256WithRSAEncryption
42:8e:4f:c0:53:4b:ff:26:13:0d:33:0a:94:a2:07:97:b1:1b:
72:f3:82:22:bc:b8:4b:fa:34:c2:ea:5e:65:a7:e8:32:f1:12:
ad:55:45:3f:e8:59:c4:2c:d3:31:e1:30:12:26:2c:ed:29:87:
30:b8:86:f9:42:eb:fe:e9:54:df:aa:53:5a:ca:7c:7b:90:47:
3c:4d:a1:46:f7:2f:c7:2f:ad:10:84:07:ab:fe:f8:09:c0:22:
a8:0c:ff:5c:22:45:30:f4:fb:ba:3f:61:14:dc:37:81:15:2e:
1b:2e:13:15:18:1f:6d:6e:2d:7f:04:dc:d4:04:58:25:51:80:
1a:dd:24:85:f2:a5:ef:93:d7:de:78:17:af:02:b3:61:da:30:
a5:0c:6b:01:f3:3e:c2:a3:ec:e4:c4:f4:d3:c2:40:99:73:fa:
4d:dc:f8:89:1d:5d:7b:f9:52:31:13:69:99:13:e9:41:a8:b5:
f9:2d:eb:f5:2f:ae:64:d2:fd:dd:e7:b7:c1:d7:cc:93:2b:0c:
b4:71:87:f6:1a:11:fc:40:82:2a:bf:fe:b6:17:08:17:36:59:
60:5a:76:19:74:15:0a:ad:b1:48:07:fd:d6:af:01:ea:6f:e7:
23:8f:86:ee:90:6e:28:dd:1b:7c:29:d3:ff:52:77:7b:f9:2b:
0d:76:49:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9uv45xkfwEGx5cjRn/GPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDBhMGM2OGEyMDM5ZmYwY2E1MTQwMjQxMTUyNzFjOGEw
NDY2MDgwHhcNMjMwNDI2MTMyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzdlMjQ5YTJjOTY2ZGZiZTBmMGM0YzllYWE1OTQwYWJlODliZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Qczi5Xzps2lbfPR8UcFgGA633K
yuOaV4irgP0nv28VbCcQzGL72ALLWapebtK9JMKbUbks8sLOGWop2Z52OPT8CEj0
UDge+6aYR0Pptvg5aTz0AVVSiiSsbW0amZEK+UOAtIOgzRqyi+gDvGAsamC+j471
FElWOJfJGXnjBxryg4Y2RehvJH7guo0sPX798aFgb1Dl7slenepu6wXZEIzhhLN7
txldbPiyuiS5xhROKaqME7t5sNZAIE9P+2bTR6/RzOeJMUiZi+fmyuEmFKU7Dodf
XA+eoeKRgc1fyoQKB36htAg1tdrsEM0bA+SnjneOEpPxJ+/QqRQ1Pfg9kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOd+JJoslm374PDEyeqllAq+ib3EMB8GA1UdIwQY
MBaAFLLQoMaKIDn/DKUUAkEVJxyKBGYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQt
NDFhYjdjODcyZmVhLzEvNTM0a21peVdiZnZnOE1USjZxV1VDcjZKdmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQtNDFhYjdjODcyZmVh
LzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/BOMA0G
CSqGSIb3DQEBCwUAA4IBAQBCjk/AU0v/JhMNMwqUogeXsRty84IivLhL+jTC6l5l
p+gy8RKtVUU/6FnELNMx4TASJiztKYcwuIb5Quv+6VTfqlNaynx7kEc8TaFG9y/H
L60QhAer/vgJwCKoDP9cIkUw9Pu6P2EU3DeBFS4bLhMVGB9tbi1/BNzUBFglUYAa
3SSF8qXvk9feeBevArNh2jClDGsB8z7Co+zkxPTTwkCZc/pN3PiJHV17+VIxE2mZ
E+lBqLX5Lev1L65k0v3d57fB18yTKwy0cYf2GhH8QIIqv/62FwgXNllgWnYZdBUK
rbFIB/3WrwHqb+cjj4bukG4o3Rt8KdP/Und7+SsNdkmH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:13 2025 by rpki-client