Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/zy770RSvC3l-DxBPoJVzG1SV4C0.roa
File: zy770RSvC3l-DxBPoJVzG1SV4C0.roa (raw, json)
Hash identifier: 5NkrmG8TeXXyeMezQOzuSqpzUHCw6PiZdSlya+LNDS4=
Subject key identifier: CF:2E:FB:D1:14:AF:0B:79:7E:0F:10:4F:A0:95:73:1B:54:95:E0:2D
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 0188148486A01CEE1B25CD906CE7CC50C89F
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/zy770RSvC3l-DxBPoJVzG1SV4C0.roa
Signing time: Sat 13 May 2023 09:50:09 +0000
ROA not before: Sat 13 May 2023 09:50:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.232.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:14:84:86:a0:1c:ee:1b:25:cd:90:6c:e7:cc:50:c8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: May 13 09:50:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf2efbd114af0b797e0f104fa095731b5495e02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e2:ca:8b:49:13:58:4d:9f:15:f2:1a:da:ed:
84:20:30:48:71:86:a6:65:8d:16:2a:80:9c:b0:90:
34:43:a6:44:32:78:d4:45:bb:df:7b:18:23:6d:e6:
ad:4a:59:df:55:c4:a5:03:34:7e:20:9f:39:da:58:
fe:a4:3e:9b:a9:b2:70:c0:bc:cb:0a:f0:57:a2:d9:
38:59:7e:47:ad:dd:6c:e9:5b:1a:53:36:77:a9:73:
ce:36:3c:e1:7d:7d:de:8f:00:73:b0:c9:d9:18:0c:
85:be:f1:cd:c8:3c:44:6e:47:4b:25:2d:e1:a3:22:
59:28:73:66:75:9c:ec:71:3c:69:8d:dd:fe:49:c3:
2e:a2:1c:d4:52:8e:be:f9:41:38:01:2b:6c:d4:e2:
14:4c:1a:a3:a0:5c:d0:fb:5e:58:73:57:b3:45:4a:
c5:4a:4b:32:e5:e2:a7:5d:f3:11:96:dd:14:94:d2:
52:6e:92:74:8d:9d:c6:6b:02:1d:66:a7:0b:c1:9a:
2e:e3:33:32:8b:46:ce:95:8c:c2:33:39:1b:64:41:
21:b6:c7:1b:2d:82:3f:fa:87:85:7a:98:92:c4:cf:
a0:bf:86:56:d1:40:82:85:f5:19:1c:28:33:e7:7d:
73:f3:56:b7:9d:c2:3f:58:03:9d:ad:6d:64:8f:67:
62:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2E:FB:D1:14:AF:0B:79:7E:0F:10:4F:A0:95:73:1B:54:95:E0:2D
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/zy770RSvC3l-DxBPoJVzG1SV4C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.103.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a9:f6:04:0c:bc:dd:df:9e:d3:47:ad:53:f9:83:26:bb:0f:
7d:de:00:64:f2:f7:a1:09:c2:a0:bf:80:64:a8:21:fe:86:d3:
42:b4:b9:ba:fc:eb:af:99:81:e7:1d:78:3a:ce:ba:b8:2a:a8:
7b:10:80:3c:de:e9:b8:b9:72:ad:d5:81:47:8a:09:6a:f6:7d:
54:c7:10:7b:0e:46:75:d4:45:04:08:44:48:31:9c:53:53:49:
a2:7c:d9:72:78:a0:6c:27:55:c8:d6:52:53:80:fc:bd:b2:43:
05:3a:b1:26:b6:1e:d8:de:2c:a2:07:62:ae:1c:9c:59:9c:9c:
ef:5c:9c:4d:52:fa:64:f1:db:c2:35:4f:84:d7:ab:45:75:06:
9e:af:73:9d:86:86:e4:76:ca:1b:18:13:c3:d6:de:a4:13:3f:
eb:2c:ec:54:b0:e0:e2:59:96:90:d9:b1:4b:41:0c:ed:b7:29:
17:75:67:c2:9f:32:ae:29:bd:a2:d7:4e:1f:95:b7:e8:99:ac:
d4:0e:e3:5a:c4:36:e6:a7:eb:b8:65:3f:b8:65:88:47:8e:2a:
e3:74:84:c7:fc:ff:1b:d7:35:18:de:5a:07:49:bd:16:fe:e0:
d9:1d:ac:87:56:db:66:24:b0:f6:22:12:2e:c3:56:12:65:fe:
8c:d8:db:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgUhIagHO4bJc2QbOfMUMifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjMwNTEzMDk1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJlZmJkMTE0YWYwYjc5N2UwZjEwNGZhMDk1NzMxYjU0OTVlMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeLKi0kTWE2fFfIa2u2EIDBIcYam
ZY0WKoCcsJA0Q6ZEMnjURbvfexgjbeatSlnfVcSlAzR+IJ852lj+pD6bqbJwwLzL
CvBXotk4WX5Hrd1s6VsaUzZ3qXPONjzhfX3ejwBzsMnZGAyFvvHNyDxEbkdLJS3h
oyJZKHNmdZzscTxpjd3+ScMuohzUUo6++UE4ASts1OIUTBqjoFzQ+15Yc1ezRUrF
Sksy5eKnXfMRlt0UlNJSbpJ0jZ3GawIdZqcLwZou4zMyi0bOlYzCMzkbZEEhtscb
LYI/+oeFepiSxM+gv4ZW0UCChfUZHCgz531z81a3ncI/WAOdrW1kj2dixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8u+9EUrwt5fg8QT6CVcxtUleAtMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvenk3NzBSU3ZDM2wtRHhCUG9KVnpHMVNWNEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hnMA0G
CSqGSIb3DQEBCwUAA4IBAQBzqfYEDLzd357TR61T+YMmuw993gBk8vehCcKgv4Bk
qCH+htNCtLm6/OuvmYHnHXg6zrq4Kqh7EIA83um4uXKt1YFHiglq9n1UxxB7DkZ1
1EUECERIMZxTU0mifNlyeKBsJ1XI1lJTgPy9skMFOrEmth7Y3iyiB2KuHJxZnJzv
XJxNUvpk8dvCNU+E16tFdQaer3OdhobkdsobGBPD1t6kEz/rLOxUsODiWZaQ2bFL
QQzttykXdWfCnzKuKb2i104flbfomazUDuNaxDbmp+u4ZT+4ZYhHjirjdITH/P8b
1zUY3loHSb0W/uDZHayHVttmJLD2IhIuw1YSZf6M2Nuj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:52 2025 by rpki-client