Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/db8a11-cadd-459c-b59f-9bf37ec98bb0/1/kCWyP3AJ0sHZt_xe9mISCaG758c.roa
File: kCWyP3AJ0sHZt_xe9mISCaG758c.roa (raw, json)
Hash identifier: MWQA1ggltjCby/V4jDZONHf15f4lcjY8dPGMOg6RA9g=
Subject key identifier: 90:25:B2:3F:70:09:D2:C1:D9:B7:FC:5E:F6:62:12:09:A1:BB:E7:C7
Certificate issuer: /CN=14644dd0a81c63073f2c51bc976e11fa9c615c51
Certificate serial: 0185703069FA4ED72E0BD48E672AE47CF246
Authority key identifier: 14:64:4D:D0:A8:1C:63:07:3F:2C:51:BC:97:6E:11:FA:9C:61:5C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FGRN0KgcYwc_LFG8l24R-pxhXFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/db8a11-cadd-459c-b59f-9bf37ec98bb0/1/kCWyP3AJ0sHZt_xe9mISCaG758c.roa
Signing time: Mon 02 Jan 2023 01:54:59 +0000
ROA not before: Mon 02 Jan 2023 01:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61283
IP address blocks: 91.233.83.0/24 maxlen: 24
2001:67c:1530::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:69:fa:4e:d7:2e:0b:d4:8e:67:2a:e4:7c:f2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14644dd0a81c63073f2c51bc976e11fa9c615c51
Validity
Not Before: Jan 2 01:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9025b23f7009d2c1d9b7fc5ef6621209a1bbe7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:4a:69:39:2d:48:73:0a:0f:cb:41:17:73:
13:a0:a2:09:f6:8e:fd:25:36:2f:da:e0:74:24:6e:
11:f6:c6:3c:ac:4d:21:1b:5f:98:2a:ab:dd:e5:d2:
e3:37:ea:92:57:dc:3f:a4:1e:3e:66:00:e1:80:4e:
75:bd:3a:de:1f:5b:d2:63:bb:8c:8e:9b:39:c1:7b:
b8:a5:6c:dc:b3:e2:b9:25:c0:a3:1a:70:eb:1d:01:
0b:83:a8:94:89:ea:20:c5:e0:d4:99:8a:07:33:b8:
19:0c:46:32:1c:c8:67:f9:32:69:d4:c6:dd:11:a6:
86:b1:76:94:d3:73:cd:85:62:ba:37:8b:89:7a:38:
4e:fb:cf:34:2b:a5:72:59:f4:24:1b:4b:6e:66:83:
96:1a:37:76:ef:a3:d5:f7:4d:b4:9b:f9:a6:c5:89:
58:3c:e0:87:fe:72:b4:73:cb:b0:b8:64:e9:20:07:
56:ab:34:ce:6d:b7:f6:6b:6e:6d:50:55:e1:35:d1:
29:7a:c9:21:3f:95:49:7e:7b:ae:ad:a4:9f:93:8a:
7d:3c:ef:35:5e:1d:1b:0b:a6:4e:2d:80:1e:11:ed:
58:2b:9a:5b:cb:ca:2e:14:7c:8a:f8:f2:86:b1:5f:
12:be:a7:cb:72:c2:c4:27:f4:4c:d2:a9:a3:0e:3d:
a3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:25:B2:3F:70:09:D2:C1:D9:B7:FC:5E:F6:62:12:09:A1:BB:E7:C7
X509v3 Authority Key Identifier:
keyid:14:64:4D:D0:A8:1C:63:07:3F:2C:51:BC:97:6E:11:FA:9C:61:5C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FGRN0KgcYwc_LFG8l24R-pxhXFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db8a11-cadd-459c-b59f-9bf37ec98bb0/1/kCWyP3AJ0sHZt_xe9mISCaG758c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db8a11-cadd-459c-b59f-9bf37ec98bb0/1/FGRN0KgcYwc_LFG8l24R-pxhXFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.83.0/24
IPv6:
2001:67c:1530::/48
Signature Algorithm: sha256WithRSAEncryption
a2:0d:c0:00:27:a6:9b:64:80:f1:d4:91:3b:67:be:b1:6c:d9:
39:bb:b1:a7:69:e1:6e:2d:17:9b:6e:78:1b:b0:6b:f0:44:f7:
31:68:65:9d:90:5e:c7:f9:46:c4:af:4d:d7:f6:73:29:cf:9f:
f0:f7:d6:51:1c:09:b5:4b:4a:26:67:0f:90:01:2b:ad:0b:88:
be:60:ed:18:6f:14:bb:af:b6:07:cd:30:33:93:10:3d:79:55:
13:3a:e5:2a:18:2d:5c:bc:e6:16:ce:76:bc:6f:22:95:50:01:
26:1a:2d:17:6a:8d:ce:f5:51:8f:48:ff:59:a0:b6:c9:bf:44:
02:1f:48:8b:d2:9d:89:cd:86:7a:15:bc:2f:e9:ed:c9:a5:07:
34:65:c3:8e:82:26:ab:4d:b5:79:05:b7:2f:84:76:39:a4:d8:
3e:2e:73:5a:ef:a5:09:f6:fe:df:b4:d7:61:d2:46:53:8a:07:
06:8e:0c:a5:c0:0c:f8:72:c7:3e:a3:84:f8:0f:08:63:d0:79:
df:da:a6:02:f1:c1:29:89:de:65:2a:96:8b:53:da:cb:f1:3c:
45:ba:7c:c5:1f:01:ad:42:94:f4:43:f2:49:66:4c:3d:fa:00:
03:69:82:ad:f6:82:b7:24:ff:44:45:5b:3c:de:40:08:6c:19:
23:b1:59:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwMGn6TtcuC9SOZyrkfPJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NjQ0ZGQwYTgxYzYzMDczZjJjNTFiYzk3NmUxMWZhOWM2
MTVjNTEwHhcNMjMwMTAyMDE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDI1YjIzZjcwMDlkMmMxZDliN2ZjNWVmNjYyMTIwOWExYmJlN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteVKaTktSHMKD8tBF3MToKIJ9o79
JTYv2uB0JG4R9sY8rE0hG1+YKqvd5dLjN+qSV9w/pB4+ZgDhgE51vTreH1vSY7uM
jps5wXu4pWzcs+K5JcCjGnDrHQELg6iUieogxeDUmYoHM7gZDEYyHMhn+TJp1Mbd
EaaGsXaU03PNhWK6N4uJejhO+880K6VyWfQkG0tuZoOWGjd276PV9020m/mmxYlY
POCH/nK0c8uwuGTpIAdWqzTObbf2a25tUFXhNdEpeskhP5VJfnuuraSfk4p9PO81
Xh0bC6ZOLYAeEe1YK5pby8ouFHyK+PKGsV8SvqfLcsLEJ/RM0qmjDj2jcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAlsj9wCdLB2bf8XvZiEgmhu+fHMB8GA1UdIwQY
MBaAFBRkTdCoHGMHPyxRvJduEfqcYVxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkdSTjBLZ2NZd2NfTEZHOGwyNFItcHhoWEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kYjhhMTEtY2FkZC00NTljLWI1OWYt
OWJmMzdlYzk4YmIwLzEva0NXeVAzQUowc0hadF94ZTltSVNDYUc3NThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kYjhhMTEtY2FkZC00NTljLWI1OWYtOWJmMzdlYzk4YmIw
LzEvRkdSTjBLZ2NZd2NfTEZHOGwyNFItcHhoWEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+lTMA8E
AgACMAkDBwAgAQZ8FTAwDQYJKoZIhvcNAQELBQADggEBAKINwAAnpptkgPHUkTtn
vrFs2Tm7sadp4W4tF5tueBuwa/BE9zFoZZ2QXsf5RsSvTdf2cynPn/D31lEcCbVL
SiZnD5ABK60LiL5g7RhvFLuvtgfNMDOTED15VRM65SoYLVy85hbOdrxvIpVQASYa
LRdqjc71UY9I/1mgtsm/RAIfSIvSnYnNhnoVvC/p7cmlBzRlw46CJqtNtXkFty+E
djmk2D4uc1rvpQn2/t+012HSRlOKBwaODKXADPhyxz6jhPgPCGPQed/apgLxwSmJ
3mUqlotT2svxPEW6fMUfAa1ClPRD8klmTD36AANpgq32grck/0RFWzzeQAhsGSOx
WdY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:49 2025 by rpki-client