Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/7605ec-6f34-4589-9237-f80a48ad0a2c/1/B_Nezn8wTFCj8yaf2ngB0c5htmE.roa
File: B_Nezn8wTFCj8yaf2ngB0c5htmE.roa (raw, json)
Hash identifier: 5ecT5Gs3QVhej1J5JZPdbtWJCxphWY4nNMXkF9ozAaw=
Subject key identifier: 07:F3:5E:CE:7F:30:4C:50:A3:F3:26:9F:DA:78:01:D1:CE:61:B6:61
Certificate issuer: /CN=9b054fec255d0cdc6ba3aba96ab2603663272db3
Certificate serial: 018C45BD67C17386DFCC71E7A16252732B65
Authority key identifier: 9B:05:4F:EC:25:5D:0C:DC:6B:A3:AB:A9:6A:B2:60:36:63:27:2D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwVP7CVdDNxro6uparJgNmMnLbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/7605ec-6f34-4589-9237-f80a48ad0a2c/1/B_Nezn8wTFCj8yaf2ngB0c5htmE.roa
Signing time: Thu 07 Dec 2023 19:24:49 +0000
ROA not before: Thu 07 Dec 2023 19:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29226
IP address blocks: 91.240.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:bd:67:c1:73:86:df:cc:71:e7:a1:62:52:73:2b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b054fec255d0cdc6ba3aba96ab2603663272db3
Validity
Not Before: Dec 7 19:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07f35ece7f304c50a3f3269fda7801d1ce61b661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:87:4c:91:b5:68:72:71:e6:e4:5f:b6:14:
34:aa:6d:30:fc:7a:04:49:7b:a4:8e:29:22:27:43:
3b:9d:85:35:3a:f7:5f:0f:8b:1c:57:a7:31:49:c5:
db:20:c8:ba:bd:ff:67:b5:a0:0d:9a:9d:64:f7:28:
aa:5c:2b:65:35:74:98:7e:fc:41:b3:67:66:55:01:
85:2b:1d:2b:e2:a2:73:bd:57:f6:b2:5f:6b:49:46:
19:d3:f5:e1:c7:a2:ad:ea:5e:54:d4:7a:77:15:90:
1e:75:48:87:8b:d0:bd:e4:64:76:b1:16:a3:09:7d:
b2:41:c9:51:42:16:ff:a2:4e:55:02:b5:11:52:41:
89:25:a6:bd:30:0d:74:b0:c3:a7:92:59:b5:15:55:
f9:aa:bb:fb:2b:06:87:cb:f5:bf:6c:1f:db:03:cd:
09:d8:1b:8c:60:f3:0c:5a:c6:1d:f2:a7:88:da:ac:
6c:5f:a0:75:3e:c3:64:a9:eb:b3:9d:0b:11:3f:5d:
83:2a:ea:1c:71:aa:78:0a:c0:e9:d6:cb:1a:72:d3:
fc:b7:df:03:f3:1e:a1:ea:ce:68:16:c7:71:6d:99:
55:ee:a9:0b:ff:a5:94:e2:95:28:d0:0e:d1:bb:1d:
84:72:8d:9f:8f:f1:26:1e:8a:9b:20:64:92:54:6c:
f9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F3:5E:CE:7F:30:4C:50:A3:F3:26:9F:DA:78:01:D1:CE:61:B6:61
X509v3 Authority Key Identifier:
keyid:9B:05:4F:EC:25:5D:0C:DC:6B:A3:AB:A9:6A:B2:60:36:63:27:2D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwVP7CVdDNxro6uparJgNmMnLbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/7605ec-6f34-4589-9237-f80a48ad0a2c/1/B_Nezn8wTFCj8yaf2ngB0c5htmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/7605ec-6f34-4589-9237-f80a48ad0a2c/1/mwVP7CVdDNxro6uparJgNmMnLbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.242.0/24
Signature Algorithm: sha256WithRSAEncryption
53:f1:6b:a2:b4:1d:4a:bd:35:81:1f:5b:97:8c:39:df:d6:fe:
55:38:c8:36:99:b2:b6:96:66:aa:b2:a7:10:e8:d7:00:bb:c3:
cb:bf:fb:4f:9f:e2:a2:97:12:cb:03:91:6f:fd:aa:46:70:ee:
81:d0:e4:da:fe:08:46:c5:27:cf:a0:55:e4:64:13:c9:c5:05:
b9:44:68:be:4d:66:aa:0b:d5:3a:db:48:3b:4b:35:68:4f:b1:
3f:27:a8:da:6c:e7:4c:64:a4:5c:bb:56:ed:f2:d6:5a:24:dc:
fb:17:cd:0c:7c:49:5e:5f:4e:db:eb:cc:63:e6:ae:b5:a8:d4:
69:42:b4:f2:5e:e1:06:a9:e1:1e:cc:4f:66:d0:f3:98:8f:80:
84:e9:1c:08:03:21:c3:f1:29:7e:d2:57:fe:01:d8:8b:6c:a3:
b5:3e:81:b0:12:6c:f4:fb:c1:eb:20:b0:99:bd:38:7c:26:94:
ce:57:16:5a:98:ec:ec:48:e3:5f:f9:58:6e:10:2b:33:91:65:
b1:f5:c7:6a:50:57:f4:6f:94:99:8d:8f:13:3b:33:40:00:4b:
b8:27:d1:32:25:af:0a:ad:7b:28:8b:46:6e:91:9e:7a:68:73:
9a:b7:f0:91:63:5d:bf:b7:08:66:99:a3:79:1b:cf:bb:2e:db:
da:43:f6:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxFvWfBc4bfzHHnoWJScytlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMDU0ZmVjMjU1ZDBjZGM2YmEzYWJhOTZhYjI2MDM2NjMy
NzJkYjMwHhcNMjMxMjA3MTkyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2YzNWVjZTdmMzA0YzUwYTNmMzI2OWZkYTc4MDFkMWNlNjFiNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt86HTJG1aHJx5uRfthQ0qm0w/HoE
SXukjikiJ0M7nYU1OvdfD4scV6cxScXbIMi6vf9ntaANmp1k9yiqXCtlNXSYfvxB
s2dmVQGFKx0r4qJzvVf2sl9rSUYZ0/Xhx6Kt6l5U1Hp3FZAedUiHi9C95GR2sRaj
CX2yQclRQhb/ok5VArURUkGJJaa9MA10sMOnklm1FVX5qrv7KwaHy/W/bB/bA80J
2BuMYPMMWsYd8qeI2qxsX6B1PsNkqeuznQsRP12DKuoccap4CsDp1ssactP8t98D
8x6h6s5oFsdxbZlV7qkL/6WU4pUo0A7Rux2Eco2fj/EmHoqbIGSSVGz5lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfzXs5/MExQo/Mmn9p4AdHOYbZhMB8GA1UdIwQY
MBaAFJsFT+wlXQzca6OrqWqyYDZjJy2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXdWUDdDVmRETnhybzZ1cGFySmdObU1uTGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS83NjA1ZWMtNmYzNC00NTg5LTkyMzct
ZjgwYTQ4YWQwYTJjLzEvQl9OZXpuOHdURkNqOHlhZjJuZ0IwYzVodG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS83NjA1ZWMtNmYzNC00NTg5LTkyMzctZjgwYTQ4YWQwYTJj
LzEvbXdWUDdDVmRETnhybzZ1cGFySmdObU1uTGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DyMA0G
CSqGSIb3DQEBCwUAA4IBAQBT8WuitB1KvTWBH1uXjDnf1v5VOMg2mbK2lmaqsqcQ
6NcAu8PLv/tPn+KilxLLA5Fv/apGcO6B0OTa/ghGxSfPoFXkZBPJxQW5RGi+TWaq
C9U620g7SzVoT7E/J6jabOdMZKRcu1bt8tZaJNz7F80MfEleX07b68xj5q61qNRp
QrTyXuEGqeEezE9m0POYj4CE6RwIAyHD8Sl+0lf+AdiLbKO1PoGwEmz0+8HrILCZ
vTh8JpTOVxZamOzsSONf+VhuECszkWWx9cdqUFf0b5SZjY8TOzNAAEu4J9EyJa8K
rXsoi0ZukZ56aHOat/CRY12/twhmmaN5G8+7LtvaQ/bD
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:08:28 2025 by rpki-client