Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dhYH4EWgg4b8x8HoTl0HxItPyik.roa
File: dhYH4EWgg4b8x8HoTl0HxItPyik.roa (raw, json)
Hash identifier: 8atCmogrLstA1fTaI74D4qO7GvyNT6a+yh9B3qH4ChU=
Subject key identifier: 76:16:07:E0:45:A0:83:86:FC:C7:C1:E8:4E:5D:07:C4:8B:4F:CA:29
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01874BA988D4250438E355B22FF246845BDC
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dhYH4EWgg4b8x8HoTl0HxItPyik.roa
Signing time: Tue 04 Apr 2023 09:46:54 +0000
ROA not before: Tue 04 Apr 2023 09:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21343
IP address blocks: 91.223.19.0/24 maxlen: 24
2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:a9:88:d4:25:04:38:e3:55:b2:2f:f2:46:84:5b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Apr 4 09:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=761607e045a08386fcc7c1e84e5d07c48b4fca29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6a:6d:2f:4b:dd:fb:59:7b:80:7b:21:72:23:
ef:b7:38:6c:4d:63:49:75:91:7b:25:49:1d:f8:f5:
06:32:e3:49:9b:80:a1:76:39:90:4f:21:47:e9:23:
cb:31:00:13:52:d4:90:70:ca:3e:fe:5a:98:52:20:
f7:3e:d0:e0:bb:d1:f5:de:02:e6:21:02:33:dd:9a:
b0:54:4b:30:f6:63:9d:87:50:f5:d2:83:02:2c:c8:
d1:de:89:30:c6:0b:7d:f4:8d:d0:e1:a5:f2:57:80:
2b:92:c9:24:dc:cd:85:c0:4c:54:2c:f4:5b:24:93:
b7:aa:ee:71:65:42:bb:70:98:f0:b7:bd:c5:68:25:
af:bc:89:64:7b:fd:c6:a2:ad:f0:1a:be:14:ce:cd:
ea:28:ff:52:75:96:f4:20:df:8d:1c:cd:99:d1:5f:
81:52:f5:6a:8c:a0:26:1f:05:ab:8b:ba:e0:dd:18:
24:d4:bb:5c:b2:0a:43:40:6b:5f:84:5d:66:13:ed:
cd:43:f8:cf:1c:e2:9c:0d:9c:90:9e:8e:1c:29:c8:
cb:19:8d:ae:01:78:40:a0:73:dc:2d:66:5e:20:71:
d8:56:51:bb:06:7a:ca:09:f2:de:35:57:1d:ae:bb:
5f:5c:26:ac:c9:77:9e:a5:09:d1:b7:43:23:4a:3f:
4e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:16:07:E0:45:A0:83:86:FC:C7:C1:E8:4E:5D:07:C4:8B:4F:CA:29
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dhYH4EWgg4b8x8HoTl0HxItPyik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.19.0/24
IPv6:
2a02:2278:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
53:c2:aa:ed:5c:3e:09:07:5e:11:6e:f2:47:c5:cc:b0:44:ae:
cd:9d:e7:cb:d6:40:cc:29:c6:53:e0:18:5e:7d:6c:b8:a0:66:
0a:08:af:8f:23:6c:86:b8:41:82:e6:08:1f:e3:eb:f6:ef:bf:
00:7d:ed:51:34:13:d4:72:d3:d2:e4:39:d6:7d:2e:00:dc:f2:
2b:c8:70:58:e6:81:0e:4b:5c:47:9d:e6:32:e7:30:ff:fd:5c:
0b:2a:7c:31:6d:4d:56:f5:fd:f3:f9:c5:61:d6:62:21:87:41:
28:21:2a:02:10:c3:67:a5:c3:95:ff:51:54:3e:11:33:f2:91:
3c:98:f5:37:17:9c:1c:c7:26:eb:d9:76:13:a2:0c:9d:18:48:
3c:b0:c0:b3:b6:07:26:7b:67:76:c9:23:e6:c7:1c:bd:e4:a9:
d4:13:00:76:da:f9:d7:fb:e9:fe:b4:cc:07:a1:4f:1c:9b:a1:
34:62:0f:94:ac:59:80:f7:b8:a0:bd:dc:ce:9c:4c:12:2f:24:
d1:92:32:4d:6d:77:b8:d1:2d:0f:1b:4f:cc:57:fa:b1:e2:4a:
c3:06:a0:55:5a:73:75:ad:98:ea:83:a2:61:ef:ac:6a:fc:9d:
dc:c9:1b:7a:9e:50:5a:76:79:b0:b1:87:78:6f:14:56:da:a3:
ab:f8:26:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdLqYjUJQQ441WyL/JGhFvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwNDA0MDk0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE2MDdlMDQ1YTA4Mzg2ZmNjN2MxZTg0ZTVkMDdjNDhiNGZjYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWptL0vd+1l7gHshciPvtzhsTWNJ
dZF7JUkd+PUGMuNJm4ChdjmQTyFH6SPLMQATUtSQcMo+/lqYUiD3PtDgu9H13gLm
IQIz3ZqwVEsw9mOdh1D10oMCLMjR3okwxgt99I3Q4aXyV4Arkskk3M2FwExULPRb
JJO3qu5xZUK7cJjwt73FaCWvvIlke/3Goq3wGr4Uzs3qKP9SdZb0IN+NHM2Z0V+B
UvVqjKAmHwWri7rg3Rgk1LtcsgpDQGtfhF1mE+3NQ/jPHOKcDZyQno4cKcjLGY2u
AXhAoHPcLWZeIHHYVlG7BnrKCfLeNVcdrrtfXCasyXeepQnRt0MjSj9OIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYWB+BFoIOG/MfB6E5dB8SLT8opMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvZGhZSDRFV2dnNGI4eDhIb1RsMEh4SXRQeWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW98TMA8E
AgACMAkDBwAqAiJ4//8wDQYJKoZIhvcNAQELBQADggEBAFPCqu1cPgkHXhFu8kfF
zLBErs2d58vWQMwpxlPgGF59bLigZgoIr48jbIa4QYLmCB/j6/bvvwB97VE0E9Ry
09LkOdZ9LgDc8ivIcFjmgQ5LXEed5jLnMP/9XAsqfDFtTVb1/fP5xWHWYiGHQSgh
KgIQw2elw5X/UVQ+ETPykTyY9TcXnBzHJuvZdhOiDJ0YSDywwLO2ByZ7Z3bJI+bH
HL3kqdQTAHba+df76f60zAehTxyboTRiD5SsWYD3uKC93M6cTBIvJNGSMk1td7jR
LQ8bT8xX+rHiSsMGoFVac3WtmOqDomHvrGr8ndzJG3qeUFp2ebCxh3hvFFbao6v4
JmE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:20 2025 by rpki-client