Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/ajiCODeVSi2whCuJknxAtbtj44I.roa
File: ajiCODeVSi2whCuJknxAtbtj44I.roa (raw, json)
Hash identifier: jC+VoXI88hjY3V5dyWqxHkrVyUofU9rodNRbSzi+Flo=
Subject key identifier: 6A:38:82:38:37:95:4A:2D:B0:84:2B:89:92:7C:40:B5:BB:63:E3:82
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 01857246DE47F4C4F9E8B841C0270B8175A9
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/ajiCODeVSi2whCuJknxAtbtj44I.roa
Signing time: Mon 02 Jan 2023 11:38:44 +0000
ROA not before: Mon 02 Jan 2023 11:38:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47682
IP address blocks: 91.205.8.0/22 maxlen: 22
2001:67c:18c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:de:47:f4:c4:f9:e8:b8:41:c0:27:0b:81:75:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jan 2 11:38:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a38823837954a2db0842b89927c40b5bb63e382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:01:b7:0a:0d:1a:f8:2c:09:63:55:a7:53:
5d:21:4b:ac:8c:d5:fd:2d:2e:36:4b:c8:78:c7:32:
94:c6:0c:e0:1e:17:c2:44:37:10:3b:a4:4b:1e:10:
6d:3f:34:66:79:03:22:6f:95:d7:8b:45:ae:65:c0:
f0:de:72:3f:0a:e3:7d:fd:0d:0b:22:83:bc:5d:34:
98:c2:2a:25:74:90:5d:a5:94:a2:44:8c:17:18:f6:
d1:a9:a8:96:a7:d4:31:51:98:49:86:aa:3c:81:aa:
02:65:72:91:fe:80:7e:88:1b:e6:85:73:70:e5:8f:
04:6a:d8:3f:b7:8c:c1:5a:9a:92:41:aa:c3:74:7a:
ce:e1:cc:15:3a:1d:0f:5c:44:a9:97:14:fe:c7:ab:
aa:c4:b2:2b:bf:bc:a5:96:10:b7:a0:a1:fe:9f:f4:
57:d4:44:ae:30:d5:f8:ef:72:7b:d5:55:dd:44:5a:
de:53:95:98:0c:8c:99:73:34:b0:65:3f:40:ae:d7:
65:ad:72:36:39:8e:bb:4e:09:c9:2a:c1:51:d5:64:
86:6d:56:fb:a9:f7:57:0d:14:b7:7b:56:31:bd:c4:
ff:1e:4c:9e:72:3e:39:32:70:0e:f2:fe:18:cd:77:
bf:5a:1f:8b:cf:8d:97:63:57:aa:3e:88:b7:10:64:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:38:82:38:37:95:4A:2D:B0:84:2B:89:92:7C:40:B5:BB:63:E3:82
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/ajiCODeVSi2whCuJknxAtbtj44I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.8.0/22
IPv6:
2001:67c:18c::/48
Signature Algorithm: sha256WithRSAEncryption
bc:de:f9:93:70:3e:30:4c:ac:8b:5b:82:d3:76:45:b8:95:44:
5f:5f:87:63:b9:92:1f:37:78:fc:58:61:94:f6:df:c8:7c:ca:
dd:15:f0:31:94:f8:23:be:86:47:0c:86:7e:0b:46:d9:dc:78:
e5:5a:de:47:f2:9a:26:af:28:5a:53:c3:31:23:dc:45:7a:6e:
72:3f:42:c8:55:36:9f:f5:83:46:df:d8:ed:ce:17:14:3f:3c:
44:8c:ac:ce:ab:e9:21:12:a5:55:c8:d6:41:9e:cc:71:b3:69:
cf:45:fd:61:d5:e0:8a:ba:5d:17:6b:35:16:ea:0d:03:a7:23:
cb:da:17:24:0f:d8:78:66:10:f9:6d:21:5c:b4:72:50:2c:4e:
2f:30:6f:c7:2e:01:65:38:ae:b8:3e:f3:f3:fd:0f:78:2f:6d:
d7:cc:68:21:b2:7a:2e:cc:86:be:e7:25:ac:2f:10:9b:5d:69:
1f:a0:f0:fc:fc:a3:e7:eb:14:91:91:69:aa:b5:3d:d2:98:9b:
34:a7:cc:21:76:48:65:cc:94:22:73:c3:4f:b5:ab:52:b1:52:
37:a8:6d:21:99:73:89:a9:53:55:14:96:ab:a3:cc:63:21:a4:
48:fa:af:0e:0a:34:d9:2e:7f:1e:23:34:16:83:fe:ab:ae:f4:
fd:33:ef:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRt5H9MT56LhBwCcLgXWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYTc3NDI3YzAzNzA5YjMzOWE5NWIwYWQ5YTRhYzlkMmM5
MmM5MDMwHhcNMjMwMTAyMTEzODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM4ODIzODM3OTU0YTJkYjA4NDJiODk5MjdjNDBiNWJiNjNlMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysYBtwoNGvgsCWNVp1NdIUusjNX9
LS42S8h4xzKUxgzgHhfCRDcQO6RLHhBtPzRmeQMib5XXi0WuZcDw3nI/CuN9/Q0L
IoO8XTSYwioldJBdpZSiRIwXGPbRqaiWp9QxUZhJhqo8gaoCZXKR/oB+iBvmhXNw
5Y8Eatg/t4zBWpqSQarDdHrO4cwVOh0PXESplxT+x6uqxLIrv7yllhC3oKH+n/RX
1ESuMNX473J71VXdRFreU5WYDIyZczSwZT9ArtdlrXI2OY67TgnJKsFR1WSGbVb7
qfdXDRS3e1YxvcT/Hkyecj45MnAO8v4YzXe/Wh+Lz42XY1eqPoi3EGQoiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGo4gjg3lUotsIQriZJ8QLW7Y+OCMB8GA1UdIwQY
MBaAFDKndCfANwmzOalbCtmkrJ0skskDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmIt
N2Q0MGI3YzhmYjAxLzEvYWppQ09EZVZTaTJ3aEN1SmtueEF0YnRqNDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmItN2Q0MGI3YzhmYjAx
LzEvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW80IMA8E
AgACMAkDBwAgAQZ8AYwwDQYJKoZIhvcNAQELBQADggEBALze+ZNwPjBMrItbgtN2
RbiVRF9fh2O5kh83ePxYYZT238h8yt0V8DGU+CO+hkcMhn4LRtnceOVa3kfymiav
KFpTwzEj3EV6bnI/QshVNp/1g0bf2O3OFxQ/PESMrM6r6SESpVXI1kGezHGzac9F
/WHV4Iq6XRdrNRbqDQOnI8vaFyQP2HhmEPltIVy0clAsTi8wb8cuAWU4rrg+8/P9
D3gvbdfMaCGyei7Mhr7nJawvEJtdaR+g8Pz8o+frFJGRaaq1PdKYmzSnzCF2SGXM
lCJzw0+1q1KxUjeobSGZc4mpU1UUlqujzGMhpEj6rw4KNNkufx4jNBaD/quu9P0z
7/Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:55 2025 by rpki-client