Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a3bfe9-dc56-4c1f-97a7-6b31a7360f0f/1/Z47kWSTtLji8vDde0wyGtvBdEtg.roa
File: Z47kWSTtLji8vDde0wyGtvBdEtg.roa (raw, json)
Hash identifier: 2oH+XlWP7fOy9jO9ta/k7BjNtm3g83JCCk2zCSJeUy4=
Subject key identifier: 67:8E:E4:59:24:ED:2E:38:BC:BC:37:5E:D3:0C:86:B6:F0:5D:12:D8
Certificate issuer: /CN=1b3029634ea8ed54681ba84d14990b00b864ddb8
Certificate serial: 01856D41B6A87DDE5CEC320225321161D0A2
Authority key identifier: 1B:30:29:63:4E:A8:ED:54:68:1B:A8:4D:14:99:0B:00:B8:64:DD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzApY06o7VRoG6hNFJkLALhk3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a3bfe9-dc56-4c1f-97a7-6b31a7360f0f/1/Z47kWSTtLji8vDde0wyGtvBdEtg.roa
Signing time: Sun 01 Jan 2023 12:15:01 +0000
ROA not before: Sun 01 Jan 2023 12:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51776
IP address blocks: 91.199.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:b6:a8:7d:de:5c:ec:32:02:25:32:11:61:d0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b3029634ea8ed54681ba84d14990b00b864ddb8
Validity
Not Before: Jan 1 12:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=678ee45924ed2e38bcbc375ed30c86b6f05d12d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:d4:f3:24:0f:c5:9b:51:b0:f3:8f:a0:51:
11:07:31:2d:8d:25:76:0c:91:79:94:52:4c:0d:d7:
e6:2f:10:39:be:a4:fd:6f:52:40:01:db:88:8f:67:
9e:34:b2:ed:1e:cb:0e:25:1f:59:6d:23:e6:c3:7b:
9a:d4:a7:a4:53:f4:2a:56:81:e2:8e:f5:cd:38:c2:
c4:a2:80:1b:5c:7d:5b:8b:6a:03:5d:9a:81:b7:8d:
c9:37:3b:82:be:a7:ca:2b:5d:fd:52:1f:e0:e5:09:
ce:22:a0:6f:be:e3:95:c8:1b:1e:8d:26:ae:d3:af:
ba:19:b7:ee:c4:b7:2f:a7:98:e9:08:bc:c7:ff:cb:
3e:25:79:bf:b4:2b:8c:3a:34:16:6a:02:09:6a:4f:
05:aa:8d:08:f7:67:4a:34:45:2e:40:ff:47:26:38:
a8:12:db:88:4e:4c:78:3e:6f:a9:45:84:e8:a8:ad:
6b:66:3c:f8:96:81:b1:b0:40:9c:96:92:45:17:d9:
76:57:2a:d2:ee:d3:47:c1:e7:6a:3e:9a:1c:35:c0:
0e:d4:30:1c:b1:10:0d:35:ee:62:f9:89:e7:e3:b5:
4c:40:69:74:70:5c:8a:a3:4b:74:58:be:8e:9e:62:
d8:53:09:5f:06:dd:23:e6:e7:2e:0e:42:ab:20:87:
b4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8E:E4:59:24:ED:2E:38:BC:BC:37:5E:D3:0C:86:B6:F0:5D:12:D8
X509v3 Authority Key Identifier:
keyid:1B:30:29:63:4E:A8:ED:54:68:1B:A8:4D:14:99:0B:00:B8:64:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzApY06o7VRoG6hNFJkLALhk3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a3bfe9-dc56-4c1f-97a7-6b31a7360f0f/1/Z47kWSTtLji8vDde0wyGtvBdEtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a3bfe9-dc56-4c1f-97a7-6b31a7360f0f/1/GzApY06o7VRoG6hNFJkLALhk3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.175.0/24
Signature Algorithm: sha256WithRSAEncryption
60:37:ad:57:18:7a:e9:cb:3b:83:0a:6e:ff:1c:32:c1:77:ca:
23:df:96:80:08:ad:95:c1:f7:ce:ca:89:8b:70:35:99:37:40:
f9:f8:5a:d4:0e:0f:2f:75:43:2b:48:bb:1b:5a:9d:48:0f:24:
82:37:b0:50:8e:84:62:b2:ad:04:b7:9c:3a:fa:e3:f9:5c:1d:
6e:e7:9d:b7:72:0c:91:2a:5b:23:b5:19:2c:8c:7d:41:7f:5a:
16:aa:08:12:52:69:21:a8:49:25:a0:84:6f:f2:96:dc:c7:7b:
3a:ed:45:e3:79:d7:ea:74:48:48:ec:63:2e:d3:50:6e:95:cc:
b0:77:47:a0:7c:40:38:a2:e1:8d:94:d5:a5:c3:98:cb:57:55:
19:2c:d2:24:ff:9a:c9:03:8c:d0:cc:de:63:db:8f:49:41:9d:
41:67:74:98:40:60:16:cd:0e:f1:e3:ba:f6:66:6f:47:f4:7c:
1f:d3:14:29:ff:e8:e1:79:18:2b:8f:de:d7:a0:62:05:b0:1f:
e5:34:fd:1e:3e:51:3d:33:00:a7:44:ee:8a:f1:16:5b:da:02:
6d:ca:11:fb:7c:81:11:01:6c:5d:27:c1:6e:3a:1f:a1:ce:6a:
a7:06:c2:0e:01:8c:9a:29:91:d1:8b:e2:29:b4:0a:40:c2:67:
8d:bd:05:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQbaofd5c7DICJTIRYdCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzAyOTYzNGVhOGVkNTQ2ODFiYTg0ZDE0OTkwYjAwYjg2
NGRkYjgwHhcNMjMwMTAxMTIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhlZTQ1OTI0ZWQyZTM4YmNiYzM3NWVkMzBjODZiNmYwNWQxMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKjU8yQPxZtRsPOPoFERBzEtjSV2
DJF5lFJMDdfmLxA5vqT9b1JAAduIj2eeNLLtHssOJR9ZbSPmw3ua1KekU/QqVoHi
jvXNOMLEooAbXH1bi2oDXZqBt43JNzuCvqfKK139Uh/g5QnOIqBvvuOVyBsejSau
06+6GbfuxLcvp5jpCLzH/8s+JXm/tCuMOjQWagIJak8Fqo0I92dKNEUuQP9HJjio
EtuITkx4Pm+pRYToqK1rZjz4loGxsECclpJFF9l2VyrS7tNHwedqPpocNcAO1DAc
sRANNe5i+Ynn47VMQGl0cFyKo0t0WL6OnmLYUwlfBt0j5ucuDkKrIIe0uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeO5Fkk7S44vLw3XtMMhrbwXRLYMB8GA1UdIwQY
MBaAFBswKWNOqO1UaBuoTRSZCwC4ZN24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3pBcFkwNm83VlJvRzZoTkZKa0xBTGhrM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hM2JmZTktZGM1Ni00YzFmLTk3YTct
NmIzMWE3MzYwZjBmLzEvWjQ3a1dTVHRMamk4dkRkZTB3eUd0dkJkRXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hM2JmZTktZGM1Ni00YzFmLTk3YTctNmIzMWE3MzYwZjBm
LzEvR3pBcFkwNm83VlJvRzZoTkZKa0xBTGhrM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8evMA0G
CSqGSIb3DQEBCwUAA4IBAQBgN61XGHrpyzuDCm7/HDLBd8oj35aACK2VwffOyomL
cDWZN0D5+FrUDg8vdUMrSLsbWp1IDySCN7BQjoRisq0Et5w6+uP5XB1u5523cgyR
KlsjtRksjH1Bf1oWqggSUmkhqEkloIRv8pbcx3s67UXjedfqdEhI7GMu01Bulcyw
d0egfEA4ouGNlNWlw5jLV1UZLNIk/5rJA4zQzN5j249JQZ1BZ3SYQGAWzQ7x47r2
Zm9H9Hwf0xQp/+jheRgrj97XoGIFsB/lNP0ePlE9MwCnRO6K8RZb2gJtyhH7fIER
AWxdJ8FuOh+hzmqnBsIOAYyaKZHRi+IptApAwmeNvQXo
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:29:59 2025 by rpki-client