Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/_ch952VpYAK-X8GEdAlcOr-RO2A.roa
File: _ch952VpYAK-X8GEdAlcOr-RO2A.roa (raw, json)
Hash identifier: +B0djcN0stbgdlXVyenn8wxatwaofOL+u4ESs5Cdnbs=
Subject key identifier: FD:C8:7D:E7:65:69:60:02:BE:5F:C1:84:74:09:5C:3A:BF:91:3B:60
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 01874D65906427EDF243F0EDEDDA98376B4B
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/_ch952VpYAK-X8GEdAlcOr-RO2A.roa
Signing time: Tue 04 Apr 2023 17:51:54 +0000
ROA not before: Tue 04 Apr 2023 17:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.232.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:65:90:64:27:ed:f2:43:f0:ed:ed:da:98:37:6b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Apr 4 17:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdc87de765696002be5fc18474095c3abf913b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ab:60:69:dd:58:53:de:72:bb:89:64:27:bf:
73:7b:89:2b:43:f6:dc:70:23:ad:d6:7c:fc:58:45:
f3:9d:73:c6:a2:d3:c3:c0:c2:a1:45:a1:34:1b:a1:
a9:34:23:b2:30:47:29:28:c7:3c:a7:3a:e4:c3:0a:
f7:ca:6b:cc:b3:a3:da:2f:9d:9f:07:c2:20:37:26:
cc:94:0f:28:67:e8:56:bb:68:78:7f:33:b7:f6:1e:
10:02:e6:cc:33:ff:aa:43:45:b8:d8:45:4e:69:30:
a1:8f:71:58:fb:d9:f0:96:dc:ba:f3:18:80:25:a8:
19:18:8d:af:81:5b:72:9b:7f:2b:d0:85:cd:a0:73:
c6:ea:dd:a8:2c:1f:dd:50:a5:64:93:16:6b:8d:3b:
5b:3f:ab:c1:e0:c1:9e:05:3e:4c:6e:a0:08:a5:6a:
a2:0c:6e:77:d0:eb:f4:36:71:82:56:e1:e0:7a:e8:
e3:d8:ba:35:66:55:e8:4e:d0:a8:5a:50:30:e4:e5:
c0:c5:e1:8f:39:e8:ed:b9:9c:bc:b9:b2:7e:3f:8f:
0a:a5:46:10:70:68:5d:fa:a1:fc:fa:52:8f:a2:6a:
91:cb:39:38:74:d6:18:52:a2:ea:00:2a:3b:85:8d:
54:03:e2:48:c4:25:56:a9:79:e6:fc:16:56:4a:c5:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:7D:E7:65:69:60:02:BE:5F:C1:84:74:09:5C:3A:BF:91:3B:60
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/_ch952VpYAK-X8GEdAlcOr-RO2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.103.0/24
Signature Algorithm: sha256WithRSAEncryption
78:45:73:a1:8d:50:a7:b6:5c:14:d1:15:cb:a2:6c:e7:50:e0:
63:ef:c1:41:a4:a4:92:44:0d:4a:1d:14:d4:8d:90:44:cf:fd:
5e:13:74:1e:2d:31:39:22:d8:3a:98:8c:72:59:01:25:1d:aa:
b3:df:72:23:f3:b5:82:03:67:c6:e5:1d:40:90:60:67:5d:29:
c4:80:66:b2:95:27:f4:ae:6c:29:62:49:15:9a:89:b6:22:18:
aa:5c:0d:f8:30:10:b6:b2:18:39:93:5d:9c:24:08:6d:89:f8:
9d:67:1c:5d:c3:ac:7c:bc:6c:e1:cd:0b:b8:cb:6a:d4:51:f6:
47:ad:64:9a:0d:c7:68:88:ed:ed:ea:15:f9:39:f1:7f:2e:08:
36:3c:e7:3c:d5:d7:82:f7:77:83:2f:a0:e7:e0:58:21:05:36:
f7:36:14:16:53:99:6e:9f:93:c2:5d:8e:52:37:b8:11:85:a5:
a1:cd:2b:d3:e7:b5:12:67:7b:09:b9:05:ac:e0:ac:85:fd:f6:
6a:e4:ff:72:1d:5a:7e:28:c0:34:5a:6f:7b:ec:97:66:98:9d:
f6:03:0c:6b:c0:28:4b:98:68:37:90:00:68:d4:23:f7:d3:6e:
0e:85:63:7e:9f:30:b8:0c:91:aa:f1:dd:2c:f0:77:88:4e:7b:
36:7c:ea:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdNZZBkJ+3yQ/Dt7dqYN2tLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjMwNDA0MTc1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM4N2RlNzY1Njk2MDAyYmU1ZmMxODQ3NDA5NWMzYWJmOTEzYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKtgad1YU95yu4lkJ79ze4krQ/bc
cCOt1nz8WEXznXPGotPDwMKhRaE0G6GpNCOyMEcpKMc8pzrkwwr3ymvMs6PaL52f
B8IgNybMlA8oZ+hWu2h4fzO39h4QAubMM/+qQ0W42EVOaTChj3FY+9nwlty68xiA
JagZGI2vgVtym38r0IXNoHPG6t2oLB/dUKVkkxZrjTtbP6vB4MGeBT5MbqAIpWqi
DG530Ov0NnGCVuHgeujj2Lo1ZlXoTtCoWlAw5OXAxeGPOejtuZy8ubJ+P48KpUYQ
cGhd+qH8+lKPomqRyzk4dNYYUqLqACo7hY1UA+JIxCVWqXnm/BZWSsWQPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3IfedlaWACvl/BhHQJXDq/kTtgMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvX2NoOTUyVnBZQUstWDhHRWRBbGNPci1STzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hnMA0G
CSqGSIb3DQEBCwUAA4IBAQB4RXOhjVCntlwU0RXLomznUOBj78FBpKSSRA1KHRTU
jZBEz/1eE3QeLTE5Itg6mIxyWQElHaqz33Ij87WCA2fG5R1AkGBnXSnEgGaylSf0
rmwpYkkVmom2IhiqXA34MBC2shg5k12cJAhtifidZxxdw6x8vGzhzQu4y2rUUfZH
rWSaDcdoiO3t6hX5OfF/Lgg2POc81deC93eDL6Dn4FghBTb3NhQWU5lun5PCXY5S
N7gRhaWhzSvT57USZ3sJuQWs4KyF/fZq5P9yHVp+KMA0Wm977JdmmJ32AwxrwChL
mGg3kABo1CP3024OhWN+nzC4DJGq8d0s8HeITns2fOrB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:11 2025 by rpki-client