Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/bn7-zqCddCeIfDjpPrAFrX0txCo.roa
File: bn7-zqCddCeIfDjpPrAFrX0txCo.roa (raw, json)
Hash identifier: GBNBrCttPYbV0EoCDyeuYJ2I/utdP6K5hwkxmvqVnIE=
Subject key identifier: 6E:7E:FE:CE:A0:9D:74:27:88:7C:38:E9:3E:B0:05:AD:7D:2D:C4:2A
Certificate issuer: /CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Certificate serial: 018C43781E3ADC0CF583CEE19811865EF935
Authority key identifier: 29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/bn7-zqCddCeIfDjpPrAFrX0txCo.roa
Signing time: Thu 07 Dec 2023 08:49:54 +0000
ROA not before: Thu 07 Dec 2023 08:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210579
IP address blocks: 91.227.138.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:78:1e:3a:dc:0c:f5:83:ce:e1:98:11:86:5e:f9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Validity
Not Before: Dec 7 08:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7efecea09d7427887c38e93eb005ad7d2dc42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:38:8e:c1:66:c9:ba:86:d0:eb:e0:18:fe:bd:
eb:6b:9d:95:15:7e:89:9b:fe:36:d0:ce:24:1a:06:
3b:2d:64:a5:31:5e:5c:f9:4e:02:8a:8e:28:87:dc:
35:81:b4:4a:77:50:a6:48:f3:29:7f:b4:97:59:5f:
a5:90:96:b4:9e:f2:c5:20:11:e9:e7:e0:99:8f:d0:
82:3b:69:12:c4:56:59:38:02:5f:3d:d4:f1:b4:6e:
0d:b9:b8:fb:50:b5:10:96:6e:63:a6:c4:ce:15:30:
ab:41:e3:f4:b0:c9:18:10:ab:e0:5b:17:55:db:e9:
76:ab:47:e1:94:24:c2:c4:67:46:10:8e:82:d4:8d:
25:5b:3d:95:f4:aa:58:3b:93:d8:6f:ff:2b:24:3c:
6f:23:be:54:39:84:f5:a4:0f:0f:f0:ed:e4:ff:1b:
0b:7b:92:31:8d:01:8a:92:6d:eb:bb:28:45:0b:dc:
ef:a0:20:cc:b0:d7:59:ab:18:a3:d5:59:e7:3a:a6:
88:5e:36:dd:d0:91:e2:d9:99:82:18:1f:47:73:38:
91:d6:6c:aa:2d:12:d0:a1:77:34:ac:18:c8:88:20:
cb:6e:0b:0a:ae:41:04:43:4b:62:a3:d3:f7:cb:ad:
12:6e:11:a0:1f:b9:87:59:d4:00:42:f6:9d:1b:9d:
ce:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7E:FE:CE:A0:9D:74:27:88:7C:38:E9:3E:B0:05:AD:7D:2D:C4:2A
X509v3 Authority Key Identifier:
keyid:29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/bn7-zqCddCeIfDjpPrAFrX0txCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.138.0/23
Signature Algorithm: sha256WithRSAEncryption
93:a9:c9:95:62:ac:fc:81:72:d7:1c:ae:19:2f:9f:63:fb:10:
b9:90:1f:d5:a6:75:1b:e2:ed:51:b4:7b:31:a4:6e:4f:1c:b6:
48:99:4b:5f:86:36:57:c7:11:6f:5a:c9:a1:60:7a:8b:b6:38:
ac:59:0c:2a:5b:03:03:07:99:f5:46:4a:f6:0c:01:42:8a:87:
58:92:f7:9b:0c:f0:f9:2f:fe:94:53:ff:4e:07:a1:2f:2d:a5:
25:2c:0e:5a:2b:32:6d:16:8a:33:c7:ad:7a:56:b4:14:3d:2a:
7f:4c:f9:71:5b:71:35:09:05:e1:77:f1:f1:62:08:18:db:3e:
57:45:43:b0:2d:8e:ea:4a:49:5e:fe:a7:82:15:26:12:a4:38:
2f:a9:d3:e0:04:91:8e:93:f1:e4:e6:a2:8f:e2:5c:77:d4:01:
14:de:f9:87:9d:34:78:45:4e:6b:82:f8:e1:e2:42:51:c1:b2:
84:08:93:6f:49:57:d5:18:fa:b7:65:63:fd:53:72:ba:18:0e:
cc:74:6d:0d:39:c6:47:e3:f2:cd:0e:f4:74:a5:84:ea:f2:96:
6e:0e:78:ea:68:fb:0c:b3:ba:8f:13:1a:e2:c8:44:41:fe:e0:
10:99:64:22:df:99:4a:9e:27:32:ab:09:97:bc:8e:6e:af:85:
5b:ce:71:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxDeB463Az1g87hmBGGXvk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGNjNGQwYWQ1ZGFmYzI3YWE0ZTM0MmZhODBlMzQ4MTRl
ODQ1YzMwHhcNMjMxMjA3MDg0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdlZmVjZWEwOWQ3NDI3ODg3YzM4ZTkzZWIwMDVhZDdkMmRjNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ziOwWbJuobQ6+AY/r3ra52VFX6J
m/420M4kGgY7LWSlMV5c+U4Cio4oh9w1gbRKd1CmSPMpf7SXWV+lkJa0nvLFIBHp
5+CZj9CCO2kSxFZZOAJfPdTxtG4Nubj7ULUQlm5jpsTOFTCrQeP0sMkYEKvgWxdV
2+l2q0fhlCTCxGdGEI6C1I0lWz2V9KpYO5PYb/8rJDxvI75UOYT1pA8P8O3k/xsL
e5IxjQGKkm3ruyhFC9zvoCDMsNdZqxij1VnnOqaIXjbd0JHi2ZmCGB9HcziR1myq
LRLQoXc0rBjIiCDLbgsKrkEEQ0tio9P3y60SbhGgH7mHWdQAQvadG53O9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5+/s6gnXQniHw46T6wBa19LcQqMB8GA1UdIwQY
MBaAFCkMxNCtXa/CeqTjQvqA40gU6EXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYt
MmUwMDc4Y2VlMTgyLzEvYm43LXpxQ2RkQ2VJZkRqcFByQUZyWDB0eENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYtMmUwMDc4Y2VlMTgy
LzEvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+OKMA0G
CSqGSIb3DQEBCwUAA4IBAQCTqcmVYqz8gXLXHK4ZL59j+xC5kB/VpnUb4u1RtHsx
pG5PHLZImUtfhjZXxxFvWsmhYHqLtjisWQwqWwMDB5n1Rkr2DAFCiodYkvebDPD5
L/6UU/9OB6EvLaUlLA5aKzJtFoozx616VrQUPSp/TPlxW3E1CQXhd/HxYggY2z5X
RUOwLY7qSkle/qeCFSYSpDgvqdPgBJGOk/Hk5qKP4lx31AEU3vmHnTR4RU5rgvjh
4kJRwbKECJNvSVfVGPq3ZWP9U3K6GA7MdG0NOcZH4/LNDvR0pYTq8pZuDnjqaPsM
s7qPExriyERB/uAQmWQi35lKnicyqwmXvI5ur4VbznFP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:47 2025 by rpki-client