Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/0f6920-2770-4cbe-a64f-2a6bc3832a0a/1/kxsioQ14XK9SYR-Y9dr85xITS3g.roa
File: kxsioQ14XK9SYR-Y9dr85xITS3g.roa (raw, json)
Hash identifier: 9IscsImuwrtZgj+ad7fF4xe527HsIPS1XANwPC97Bjg=
Subject key identifier: 93:1B:22:A1:0D:78:5C:AF:52:61:1F:98:F5:DA:FC:E7:12:13:4B:78
Certificate issuer: /CN=c97dc6d8df5d084e923063488d37d3ae0114777b
Certificate serial: 018572311893877CE7D796214822FBE4E0FD
Authority key identifier: C9:7D:C6:D8:DF:5D:08:4E:92:30:63:48:8D:37:D3:AE:01:14:77:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yX3G2N9dCE6SMGNIjTfTrgEUd3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/0f6920-2770-4cbe-a64f-2a6bc3832a0a/1/kxsioQ14XK9SYR-Y9dr85xITS3g.roa
Signing time: Mon 02 Jan 2023 11:14:58 +0000
ROA not before: Mon 02 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 91.226.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:18:93:87:7c:e7:d7:96:21:48:22:fb:e4:e0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c97dc6d8df5d084e923063488d37d3ae0114777b
Validity
Not Before: Jan 2 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=931b22a10d785caf52611f98f5dafce712134b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:46:a2:1e:60:8e:08:58:8b:30:c6:6e:7a:b2:
ba:ca:a1:b1:b7:92:14:1f:b6:52:d3:6d:46:c8:56:
58:93:93:bc:c0:82:d3:e9:f6:e9:e0:4a:a3:dc:e1:
42:a7:88:bc:aa:df:5a:ce:48:be:56:a6:47:a3:29:
cb:1b:b4:00:89:ac:de:22:7f:64:1d:91:a2:e5:40:
91:4b:3e:0b:bb:fd:8e:00:99:f6:f4:ff:9b:4b:1c:
55:eb:17:45:bd:da:16:db:71:ea:61:fe:c1:49:96:
f7:00:90:6d:35:c2:50:77:f2:ea:fa:03:79:c3:d5:
5a:ae:40:a4:89:81:5c:63:ec:0f:5f:c4:76:79:75:
38:0d:11:51:7d:d8:47:54:2c:7e:76:14:37:b7:58:
cd:53:7b:1d:4e:4a:5c:3c:d6:a1:b3:bf:4a:0f:e7:
6a:1e:b5:9f:76:b0:af:24:fe:df:a0:16:06:2d:db:
f7:9a:8f:bb:e1:b9:e0:7e:2c:eb:40:0a:02:12:86:
09:55:94:05:3a:0d:96:36:83:20:87:05:72:cb:fa:
7e:2c:d5:49:4a:e2:63:20:8e:a7:43:22:c7:0a:ca:
9e:2b:06:0a:e6:99:7f:98:bc:78:ae:ff:5b:13:ee:
aa:9b:27:52:c7:b4:c9:40:cf:fa:19:2f:e7:75:45:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1B:22:A1:0D:78:5C:AF:52:61:1F:98:F5:DA:FC:E7:12:13:4B:78
X509v3 Authority Key Identifier:
keyid:C9:7D:C6:D8:DF:5D:08:4E:92:30:63:48:8D:37:D3:AE:01:14:77:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yX3G2N9dCE6SMGNIjTfTrgEUd3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0f6920-2770-4cbe-a64f-2a6bc3832a0a/1/kxsioQ14XK9SYR-Y9dr85xITS3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0f6920-2770-4cbe-a64f-2a6bc3832a0a/1/yX3G2N9dCE6SMGNIjTfTrgEUd3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.18.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:bf:62:da:e5:3b:ac:d7:11:84:67:e8:0b:1f:53:09:32:10:
d8:ae:e9:4b:c4:7c:25:ed:36:61:4e:41:af:5c:95:60:0a:3a:
f4:c1:ce:a4:42:56:17:42:ba:3a:a7:1a:d8:97:4b:96:23:61:
04:ab:2d:bc:8b:f0:6f:d8:f3:97:9e:87:93:d9:50:58:cb:6c:
a7:28:d9:58:ab:e5:7d:eb:fd:97:68:67:53:de:f3:10:ca:ca:
ad:e2:ab:1d:73:e1:da:e0:f7:33:05:f8:d5:3a:90:d6:47:21:
cd:a5:10:48:6a:6f:65:09:39:b2:96:d0:6d:0e:5b:4f:04:f8:
2e:08:39:a8:ec:6d:25:a3:db:1f:58:ac:87:b3:21:55:46:11:
63:31:d5:e6:b4:f0:f5:fa:07:62:70:e6:2d:b2:e4:49:be:89:
97:57:a2:7d:64:23:c4:be:5e:17:d4:e2:81:9d:9d:d2:ce:e5:
f0:bc:61:9b:fc:36:00:3a:10:7d:50:0f:df:bf:16:3e:7d:dc:
2c:d0:40:d3:a0:eb:c6:a6:25:b0:2b:59:b4:81:4c:de:fb:9b:
f2:2f:19:71:3d:9a:7c:3d:bc:33:58:7a:6a:9a:69:6c:b2:14:
25:9b:66:21:de:c3:92:2d:d9:02:cc:09:fd:8a:30:cd:61:be:
9c:21:92:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMRiTh3zn15YhSCL75OD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5N2RjNmQ4ZGY1ZDA4NGU5MjMwNjM0ODhkMzdkM2FlMDEx
NDc3N2IwHhcNMjMwMTAyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzFiMjJhMTBkNzg1Y2FmNTI2MTFmOThmNWRhZmNlNzEyMTM0Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEaiHmCOCFiLMMZuerK6yqGxt5IU
H7ZS021GyFZYk5O8wILT6fbp4Eqj3OFCp4i8qt9azki+VqZHoynLG7QAiazeIn9k
HZGi5UCRSz4Lu/2OAJn29P+bSxxV6xdFvdoW23HqYf7BSZb3AJBtNcJQd/Lq+gN5
w9VarkCkiYFcY+wPX8R2eXU4DRFRfdhHVCx+dhQ3t1jNU3sdTkpcPNahs79KD+dq
HrWfdrCvJP7foBYGLdv3mo+74bngfizrQAoCEoYJVZQFOg2WNoMghwVyy/p+LNVJ
SuJjII6nQyLHCsqeKwYK5pl/mLx4rv9bE+6qmydSx7TJQM/6GS/ndUXedQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMbIqENeFyvUmEfmPXa/OcSE0t4MB8GA1UdIwQY
MBaAFMl9xtjfXQhOkjBjSI03064BFHd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVgzRzJOOWRDRTZTTUdOSWpUZlRyZ0VVZDNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wZjY5MjAtMjc3MC00Y2JlLWE2NGYt
MmE2YmMzODMyYTBhLzEva3hzaW9RMTRYSzlTWVItWTlkcjg1eElUUzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wZjY5MjAtMjc3MC00Y2JlLWE2NGYtMmE2YmMzODMyYTBh
LzEveVgzRzJOOWRDRTZTTUdOSWpUZlRyZ0VVZDNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+ISMA0G
CSqGSIb3DQEBCwUAA4IBAQA/v2La5Tus1xGEZ+gLH1MJMhDYrulLxHwl7TZhTkGv
XJVgCjr0wc6kQlYXQro6pxrYl0uWI2EEqy28i/Bv2POXnoeT2VBYy2ynKNlYq+V9
6/2XaGdT3vMQysqt4qsdc+Ha4PczBfjVOpDWRyHNpRBIam9lCTmyltBtDltPBPgu
CDmo7G0lo9sfWKyHsyFVRhFjMdXmtPD1+gdicOYtsuRJvomXV6J9ZCPEvl4X1OKB
nZ3SzuXwvGGb/DYAOhB9UA/fvxY+fdws0EDToOvGpiWwK1m0gUze+5vyLxlxPZp8
PbwzWHpqmmlsshQlm2Yh3sOSLdkCzAn9ijDNYb6cIZKT
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:46:18 2025 by rpki-client