Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/K1VJDv0ehCUufsPBD0WtnHpaf_o.roa
File: K1VJDv0ehCUufsPBD0WtnHpaf_o.roa (raw, json)
Hash identifier: LAOoe6Top5l6P+w28o9CdugPQvv8BKBr+xeU/B5ongI=
Subject key identifier: 2B:55:49:0E:FD:1E:84:25:2E:7E:C3:C1:0F:45:AD:9C:7A:5A:7F:FA
Certificate issuer: /CN=17ebc86d853f7e3a920153f1fb0b19f7b0e41a7f
Certificate serial: 0503BA30
Authority key identifier: 17:EB:C8:6D:85:3F:7E:3A:92:01:53:F1:FB:0B:19:F7:B0:E4:1A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-vIbYU_fjqSAVPx-wsZ97DkGn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/K1VJDv0ehCUufsPBD0WtnHpaf_o.roa
Signing time: Sat 01 Jan 2022 14:57:57 +0000
ROA not before: Sat 01 Jan 2022 14:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213095
IP address blocks: 91.239.56.0/24 maxlen: 24
2a07:fb40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84130352 (0x503ba30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17ebc86d853f7e3a920153f1fb0b19f7b0e41a7f
Validity
Not Before: Jan 1 14:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b55490efd1e84252e7ec3c10f45ad9c7a5a7ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:6a:36:a4:23:15:f6:26:bf:5a:b4:f4:a1:
cc:ed:a3:96:58:01:f7:c0:45:81:7e:42:a4:b5:17:
ac:88:74:0a:98:23:7f:2e:b0:c3:8d:07:e0:95:9f:
78:6f:87:48:45:46:fd:af:c6:10:87:1b:3f:2e:63:
6c:8d:92:f2:f3:05:ac:e6:dd:1d:36:1b:b2:af:8f:
08:73:e5:ce:d4:67:05:16:ed:79:47:94:07:2d:71:
85:35:71:f1:d1:a0:60:de:ab:e1:26:ac:45:5c:11:
e7:f8:7b:13:f1:15:30:88:d9:3d:c3:22:e2:e1:a0:
21:a4:14:bd:46:da:1b:59:99:ab:3a:81:78:60:ff:
99:6b:8f:c9:c5:93:ac:f3:26:6d:7f:c7:ac:49:ed:
03:8e:7c:3a:d7:18:2d:8e:01:54:7f:c1:8e:76:61:
9a:c5:d8:5f:b6:df:b6:70:82:68:13:90:72:7e:8e:
3b:9b:7c:67:61:c8:0e:42:b8:0f:4e:9f:62:17:22:
6e:9c:d8:52:16:b7:26:bb:22:e9:9c:a0:70:57:c3:
f0:19:7a:d7:2a:97:69:0d:f5:16:ac:3a:21:1e:64:
34:bf:8f:8d:ad:ea:0f:7f:fb:09:c7:3c:e6:87:ce:
18:a2:12:11:45:8c:b9:7c:5e:8a:79:e5:fa:c4:f5:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:55:49:0E:FD:1E:84:25:2E:7E:C3:C1:0F:45:AD:9C:7A:5A:7F:FA
X509v3 Authority Key Identifier:
keyid:17:EB:C8:6D:85:3F:7E:3A:92:01:53:F1:FB:0B:19:F7:B0:E4:1A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-vIbYU_fjqSAVPx-wsZ97DkGn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/K1VJDv0ehCUufsPBD0WtnHpaf_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/F-vIbYU_fjqSAVPx-wsZ97DkGn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.56.0/24
IPv6:
2a07:fb40::/29
Signature Algorithm: sha256WithRSAEncryption
16:00:cb:0c:0e:8e:37:e6:2f:83:86:a5:f4:5d:c5:b6:e7:4d:
1b:57:b8:54:82:7e:a6:1d:16:53:3e:e6:89:a4:ab:d5:46:40:
45:a5:22:d6:72:c4:da:fa:70:5b:7b:b5:03:27:2e:4a:b8:9d:
bc:6e:df:1d:5e:92:7e:f3:e6:46:18:52:4f:3d:f0:30:a7:86:
62:c9:29:e5:20:a2:6f:14:05:24:5f:bf:59:f8:1b:36:10:cc:
43:f2:a8:b2:86:9a:8a:24:3b:42:41:20:d5:f6:8f:6f:a9:b1:
6d:e7:ad:c2:c4:e5:0d:d4:cd:99:c4:8b:9f:5e:f3:86:8b:12:
50:bb:77:6b:c2:31:45:84:87:6b:69:1e:cc:d9:fd:38:1c:2f:
a5:35:a4:06:47:18:13:d4:fa:e4:91:48:ab:41:35:59:7a:60:
ee:7d:28:49:b7:ce:08:db:a5:d9:19:a4:04:b6:98:86:31:85:
d7:d2:35:0a:fb:5a:06:ef:c6:21:41:5e:3b:b2:ea:63:94:55:
6d:5b:bf:4b:71:52:5a:0b:64:58:92:fc:a5:36:53:69:c0:b3:
0c:19:9b:04:8b:0f:00:fd:ca:e3:ec:25:83:10:39:e2:db:e2:
8f:64:80:18:28:b2:ae:53:8d:65:f5:e0:df:78:f3:7c:68:41:
e1:2e:53:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBQO6MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2ViYzg2ZDg1M2Y3ZTNhOTIwMTUzZjFmYjBiMTlmN2IwZTQxYTdmMB4XDTIyMDEw
MTE0NTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI1NTQ5MGVmZDFl
ODQyNTJlN2VjM2MxMGY0NWFkOWM3YTVhN2ZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUcajakIxX2Jr9atPShzO2jllgB98BFgX5CpLUXrIh0Cpgj
fy6ww40H4JWfeG+HSEVG/a/GEIcbPy5jbI2S8vMFrObdHTYbsq+PCHPlztRnBRbt
eUeUBy1xhTVx8dGgYN6r4SasRVwR5/h7E/EVMIjZPcMi4uGgIaQUvUbaG1mZqzqB
eGD/mWuPycWTrPMmbX/HrEntA458OtcYLY4BVH/BjnZhmsXYX7bftnCCaBOQcn6O
O5t8Z2HIDkK4D06fYhcibpzYUha3Jrsi6ZygcFfD8Bl61yqXaQ31Fqw6IR5kNL+P
ja3qD3/7Ccc85ofOGKISEUWMuXxeinnl+sT1HWUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQrVUkO/R6EJS5+w8EPRa2celp/+jAfBgNVHSMEGDAWgBQX68hthT9+OpIB
U/H7Cxn3sOQafzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YtdkliWVVfZmpxU0FWUHgtd3NaOTdEa0duOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvZWVlOGI1LWI0NTEtNDFkNy1hZDEyLWY3NTYxOGJlNjJkNy8x
L0sxVkpEdjBlaENVdWZzUEJEMFd0bkhwYWZfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
ZWVlOGI1LWI0NTEtNDFkNy1hZDEyLWY3NTYxOGJlNjJkNy8xL0YtdkliWVVfZmpx
U0FWUHgtd3NaOTdEa0duOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvvODANBAIAAjAHAwUDKgf7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAFgDLDA6ON+Yvg4al9F3FtudNG1e4VIJ+ph0WUz7m
iaSr1UZARaUi1nLE2vpwW3u1AycuSridvG7fHV6SfvPmRhhSTz3wMKeGYskp5SCi
bxQFJF+/WfgbNhDMQ/KosoaaiiQ7QkEg1faPb6mxbeetwsTlDdTNmcSLn17zhosS
ULt3a8IxRYSHa2kezNn9OBwvpTWkBkcYE9T65JFIq0E1WXpg7n0oSbfOCNul2Rmk
BLaYhjGF19I1CvtaBu/GIUFeO7LqY5RVbVu/S3FSWgtkWJL8pTZTacCzDBmbBIsP
AP3K4+wlgxA54tvij2SAGCiyrlONZfXg33jzfGhB4S5T3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:45 2025 by rpki-client