Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/jZHU-C_lIPGYWEU10wCah-1qemU.roa
File: jZHU-C_lIPGYWEU10wCah-1qemU.roa (raw, json)
Hash identifier: gggJRtmhfxw1PqZNj3Vbe3PNWtH4mgVMHY1QrnHMqwQ=
Subject key identifier: 8D:91:D4:F8:2F:E5:20:F1:98:58:45:35:D3:00:9A:87:ED:6A:7A:65
Certificate issuer: /CN=29ff15581bb904f1b90538742118b01f9efaa662
Certificate serial: 0185718C0F238A5ACBF4F32B29A385730180
Authority key identifier: 29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/jZHU-C_lIPGYWEU10wCah-1qemU.roa
Signing time: Mon 02 Jan 2023 08:14:42 +0000
ROA not before: Mon 02 Jan 2023 08:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50931
IP address blocks: 91.223.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:0f:23:8a:5a:cb:f4:f3:2b:29:a3:85:73:01:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ff15581bb904f1b90538742118b01f9efaa662
Validity
Not Before: Jan 2 08:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d91d4f82fe520f198584535d3009a87ed6a7a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:93:57:45:a4:43:21:df:70:f1:e0:ae:da:
ff:1d:b4:30:0d:bf:f8:f6:cd:89:90:d4:95:07:50:
fa:92:9e:4a:88:3d:55:c5:44:46:99:e2:c3:c8:79:
d2:5f:01:d7:77:73:59:1d:be:b3:f7:da:38:36:01:
65:6e:9b:fe:16:f9:4a:3d:cc:d5:af:61:cc:c9:c7:
3e:fe:ea:52:91:7e:57:6b:0a:0b:85:ef:ef:80:5d:
4a:59:a0:0e:47:d4:1f:62:c3:1a:bf:eb:2d:2d:c5:
42:f1:53:3f:99:f0:c8:21:eb:92:5f:ba:10:d3:4e:
60:df:5a:c8:18:e0:dc:27:6c:33:a0:7b:05:6c:81:
b7:7a:76:65:67:c1:7d:f2:7f:ac:2b:1b:79:40:b6:
e0:9d:d1:be:b5:05:fc:02:32:fc:b1:56:1a:f5:c3:
73:92:60:14:0a:dd:53:53:4b:6c:e2:6a:ef:72:75:
8f:25:14:2a:00:2f:7c:37:c4:50:05:a1:4b:68:97:
92:6a:82:2f:22:7a:c8:ce:78:bd:66:48:c0:9d:0f:
61:c6:19:29:32:b3:96:d6:b6:4d:a6:59:96:16:15:
48:45:e4:05:ec:7f:87:8f:11:39:b8:c6:63:8b:3d:
b2:48:a7:29:0d:4d:79:a1:be:6d:4f:07:a7:21:ca:
ca:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:91:D4:F8:2F:E5:20:F1:98:58:45:35:D3:00:9A:87:ED:6A:7A:65
X509v3 Authority Key Identifier:
keyid:29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/jZHU-C_lIPGYWEU10wCah-1qemU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Kf8VWBu5BPG5BTh0IRiwH576pmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.91.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4d:30:27:06:1a:fc:a0:93:66:16:08:53:a0:cd:5d:4d:df:
82:97:8c:43:98:82:13:43:e8:19:23:9c:1b:f0:53:c6:6a:22:
78:6a:30:fe:9b:00:d8:27:3d:f9:69:4d:38:e5:52:ac:28:f4:
84:90:de:dd:61:86:d9:86:83:f8:09:64:20:72:2e:8e:f6:f7:
72:05:de:42:3e:9f:f8:66:ad:62:83:b2:70:be:c1:0c:a1:38:
36:59:89:0f:57:f0:15:67:95:42:2c:fd:81:25:0e:b3:2b:b6:
a4:3a:c0:3b:e3:05:5f:2e:44:bb:0f:30:b8:6b:1c:21:62:96:
4b:f2:76:2d:98:d9:0a:e2:47:0d:35:b1:99:e0:50:cc:33:ce:
da:0c:e8:0b:43:df:0e:5b:61:21:dd:3f:10:c4:6b:a3:7b:81:
4b:e2:00:aa:07:85:80:ce:37:9d:c4:69:1c:f8:41:18:88:b4:
65:19:a1:c4:3f:2e:53:44:1a:fb:15:8c:b8:b2:31:c1:ab:b9:
f7:cf:bb:46:14:2e:7b:9e:3a:d9:09:57:51:78:d4:10:90:f3:
e3:4b:f5:69:2a:55:17:35:0b:7f:c4:89:c4:72:2f:99:ec:78:
a0:40:91:1b:45:07:f6:c1:55:b2:5a:87:a3:26:5b:43:fa:13:
81:9b:f2:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjA8jilrL9PMrKaOFcwGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmYxNTU4MWJiOTA0ZjFiOTA1Mzg3NDIxMThiMDFmOWVm
YWE2NjIwHhcNMjMwMTAyMDgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDkxZDRmODJmZTUyMGYxOTg1ODQ1MzVkMzAwOWE4N2VkNmE3YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhKTV0WkQyHfcPHgrtr/HbQwDb/4
9s2JkNSVB1D6kp5KiD1VxURGmeLDyHnSXwHXd3NZHb6z99o4NgFlbpv+FvlKPczV
r2HMycc+/upSkX5XawoLhe/vgF1KWaAOR9QfYsMav+stLcVC8VM/mfDIIeuSX7oQ
005g31rIGODcJ2wzoHsFbIG3enZlZ8F98n+sKxt5QLbgndG+tQX8AjL8sVYa9cNz
kmAUCt1TU0ts4mrvcnWPJRQqAC98N8RQBaFLaJeSaoIvInrIzni9ZkjAnQ9hxhkp
MrOW1rZNplmWFhVIReQF7H+HjxE5uMZjiz2ySKcpDU15ob5tTwenIcrK6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2R1Pgv5SDxmFhFNdMAmoftanplMB8GA1UdIwQY
MBaAFCn/FVgbuQTxuQU4dCEYsB+e+qZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUt
M2I4ZDhiNzZiN2Y2LzEvalpIVS1DX2xJUEdZV0VVMTB3Q2FoLTFxZW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUtM2I4ZDhiNzZiN2Y2
LzEvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99bMA0G
CSqGSIb3DQEBCwUAA4IBAQBxTTAnBhr8oJNmFghToM1dTd+Cl4xDmIITQ+gZI5wb
8FPGaiJ4ajD+mwDYJz35aU045VKsKPSEkN7dYYbZhoP4CWQgci6O9vdyBd5CPp/4
Zq1ig7JwvsEMoTg2WYkPV/AVZ5VCLP2BJQ6zK7akOsA74wVfLkS7DzC4axwhYpZL
8nYtmNkK4kcNNbGZ4FDMM87aDOgLQ98OW2Eh3T8QxGuje4FL4gCqB4WAzjedxGkc
+EEYiLRlGaHEPy5TRBr7FYy4sjHBq7n3z7tGFC57njrZCVdReNQQkPPjS/VpKlUX
NQt/xInEci+Z7HigQJEbRQf2wVWyWoejJltD+hOBm/KJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:34 2025 by rpki-client