Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/96184d-5981-4702-9d32-6cc0daf341c4/1/JoC9YOgNXULgFeuI6qXVdkWeqeE.roa
File: JoC9YOgNXULgFeuI6qXVdkWeqeE.roa (raw, json)
Hash identifier: QAwyemxKLy96kHOcB8e2BJSJGuxZ8fa5BOklM4LqkkQ=
Subject key identifier: 26:80:BD:60:E8:0D:5D:42:E0:15:EB:88:EA:A5:D5:76:45:9E:A9:E1
Certificate issuer: /CN=0ffe0011ebe4f216c58d3ab42812b98402be0b2c
Certificate serial: 01856F0B47CB032713690CE766CCB38D3D40
Authority key identifier: 0F:FE:00:11:EB:E4:F2:16:C5:8D:3A:B4:28:12:B9:84:02:BE:0B:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_4AEevk8hbFjTq0KBK5hAK-Cyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/96184d-5981-4702-9d32-6cc0daf341c4/1/JoC9YOgNXULgFeuI6qXVdkWeqeE.roa
Signing time: Sun 01 Jan 2023 20:34:48 +0000
ROA not before: Sun 01 Jan 2023 20:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 91.216.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:47:cb:03:27:13:69:0c:e7:66:cc:b3:8d:3d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ffe0011ebe4f216c58d3ab42812b98402be0b2c
Validity
Not Before: Jan 1 20:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2680bd60e80d5d42e015eb88eaa5d576459ea9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:c4:bd:05:84:00:8c:3f:74:fc:ed:99:62:
a0:03:45:23:98:74:74:03:66:af:78:2b:4d:51:23:
1f:1a:69:b1:6c:88:a9:01:16:f7:f7:91:8c:ce:6b:
2b:85:37:7a:7b:49:45:fc:c7:42:60:20:6d:ea:a6:
87:3b:5f:63:40:17:e0:df:3a:3f:84:6a:95:08:03:
cd:ae:84:5d:27:0f:77:5f:d2:2f:8d:1b:cd:e6:94:
88:ba:bd:f2:a4:ad:49:ce:7c:71:89:10:ae:16:51:
f4:40:b0:03:4d:00:d7:7c:e8:ce:19:6a:11:1e:f8:
e5:a4:87:9f:19:23:de:87:8f:e1:e4:e2:ee:41:d9:
91:27:00:b8:fe:80:c2:70:d0:63:2a:62:27:6b:61:
15:cf:36:2a:6a:47:3a:c3:27:ad:50:62:bc:a4:73:
ae:18:16:6e:09:4e:c7:8b:17:d8:0b:99:fb:98:81:
8b:c7:2e:2e:ac:85:01:34:f0:c9:5c:32:c5:53:72:
30:d0:f8:7e:b9:ea:23:d3:23:e2:ec:dd:0f:d0:9f:
8f:5b:a4:ac:22:aa:13:2c:80:80:f3:27:bd:ba:5e:
a1:7c:5d:30:a3:52:01:f2:86:0e:75:94:a2:3e:b3:
a7:d5:6d:f1:e3:78:f1:bd:c2:04:0f:51:9c:85:bd:
5b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:80:BD:60:E8:0D:5D:42:E0:15:EB:88:EA:A5:D5:76:45:9E:A9:E1
X509v3 Authority Key Identifier:
keyid:0F:FE:00:11:EB:E4:F2:16:C5:8D:3A:B4:28:12:B9:84:02:BE:0B:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_4AEevk8hbFjTq0KBK5hAK-Cyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/96184d-5981-4702-9d32-6cc0daf341c4/1/JoC9YOgNXULgFeuI6qXVdkWeqeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/96184d-5981-4702-9d32-6cc0daf341c4/1/D_4AEevk8hbFjTq0KBK5hAK-Cyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.179.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:ea:6c:ea:5a:35:f8:29:a4:28:be:26:1b:9a:0b:61:53:78:
66:a6:aa:78:73:c9:2d:b2:c6:b3:9c:69:ae:57:f2:24:a2:11:
f0:9d:55:33:dd:aa:8a:1e:7a:fa:ab:10:7f:01:4e:e1:ea:ea:
13:ed:91:2c:8c:ff:d5:05:ef:ab:27:c3:6c:4b:56:85:1c:c0:
32:01:6c:1b:9b:13:d8:a1:e4:23:8c:e1:f3:66:f3:03:61:b9:
1d:ab:2a:31:bf:fa:71:79:e3:34:ad:d3:dd:44:72:42:00:96:
a5:f0:e9:61:40:94:15:bb:6a:ab:90:a6:97:78:9a:0b:e8:de:
70:20:38:08:1e:04:1e:d6:59:82:32:36:3b:13:a3:0c:72:b4:
20:8a:4b:62:b5:10:fd:12:c3:99:6a:f9:2b:7a:0d:02:f8:66:
ea:c9:25:9c:43:76:91:a8:04:5d:c6:1f:5b:27:15:52:c3:3b:
81:82:46:4a:23:24:ed:af:72:65:8e:20:df:1d:9c:16:33:86:
67:fb:9b:5f:1a:9a:52:47:0b:a5:71:ee:cb:39:09:b3:87:d9:
b4:b6:dd:22:4c:ee:1d:b3:b6:d9:da:74:ae:10:b5:59:3e:3d:
47:3f:17:71:d4:59:b1:6d:7d:6d:be:bb:b2:5d:f6:44:ae:b4:
41:a7:4f:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC0fLAycTaQznZsyzjT1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZmUwMDExZWJlNGYyMTZjNThkM2FiNDI4MTJiOTg0MDJi
ZTBiMmMwHhcNMjMwMTAxMjAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgwYmQ2MGU4MGQ1ZDQyZTAxNWViODhlYWE1ZDU3NjQ1OWVhOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliXEvQWEAIw/dPztmWKgA0UjmHR0
A2aveCtNUSMfGmmxbIipARb395GMzmsrhTd6e0lF/MdCYCBt6qaHO19jQBfg3zo/
hGqVCAPNroRdJw93X9IvjRvN5pSIur3ypK1JznxxiRCuFlH0QLADTQDXfOjOGWoR
HvjlpIefGSPeh4/h5OLuQdmRJwC4/oDCcNBjKmIna2EVzzYqakc6wyetUGK8pHOu
GBZuCU7HixfYC5n7mIGLxy4urIUBNPDJXDLFU3Iw0Ph+ueoj0yPi7N0P0J+PW6Ss
IqoTLICA8ye9ul6hfF0wo1IB8oYOdZSiPrOn1W3x43jxvcIED1Gchb1bEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCaAvWDoDV1C4BXriOql1XZFnqnhMB8GA1UdIwQY
MBaAFA/+ABHr5PIWxY06tCgSuYQCvgssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF80QUVldms4aGJGalRxMEtCSzVoQUstQ3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS85NjE4NGQtNTk4MS00NzAyLTlkMzIt
NmNjMGRhZjM0MWM0LzEvSm9DOVlPZ05YVUxnRmV1STZxWFZka1dlcWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS85NjE4NGQtNTk4MS00NzAyLTlkMzItNmNjMGRhZjM0MWM0
LzEvRF80QUVldms4aGJGalRxMEtCSzVoQUstQ3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9izMA0G
CSqGSIb3DQEBCwUAA4IBAQC06mzqWjX4KaQoviYbmgthU3hmpqp4c8ktssaznGmu
V/IkohHwnVUz3aqKHnr6qxB/AU7h6uoT7ZEsjP/VBe+rJ8NsS1aFHMAyAWwbmxPY
oeQjjOHzZvMDYbkdqyoxv/pxeeM0rdPdRHJCAJal8OlhQJQVu2qrkKaXeJoL6N5w
IDgIHgQe1lmCMjY7E6MMcrQgiktitRD9EsOZavkreg0C+GbqySWcQ3aRqARdxh9b
JxVSwzuBgkZKIyTtr3JljiDfHZwWM4Zn+5tfGppSRwulce7LOQmzh9m0tt0iTO4d
s7bZ2nSuELVZPj1HPxdx1FmxbX1tvruyXfZErrRBp0+n
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:04:41 2025 by rpki-client