Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/efGw2QGd6k7xWv12scOhvhKwrnE.roa
File: efGw2QGd6k7xWv12scOhvhKwrnE.roa (raw, json)
Hash identifier: Kuo3FuMthbiXAOC2aXHOXtVqQkmhoeJ2bY/iFOfN9ok=
Subject key identifier: 79:F1:B0:D9:01:9D:EA:4E:F1:5A:FD:76:B1:C3:A1:BE:12:B0:AE:71
Certificate issuer: /CN=ae3cc567febfe34878aeb913861cf0600a283903
Certificate serial: 018570DE4600D1AE5FD154EC01F3A6AA4675
Authority key identifier: AE:3C:C5:67:FE:BF:E3:48:78:AE:B9:13:86:1C:F0:60:0A:28:39:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjzFZ_6_40h4rrkThhzwYAooOQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/efGw2QGd6k7xWv12scOhvhKwrnE.roa
Signing time: Mon 02 Jan 2023 05:04:53 +0000
ROA not before: Mon 02 Jan 2023 05:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51881
IP address blocks: 91.220.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:46:00:d1:ae:5f:d1:54:ec:01:f3:a6:aa:46:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae3cc567febfe34878aeb913861cf0600a283903
Validity
Not Before: Jan 2 05:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79f1b0d9019dea4ef15afd76b1c3a1be12b0ae71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fd:00:b1:b0:fb:fc:0a:bd:84:dc:c5:68:0b:
4c:6a:7b:4e:e2:cb:21:a0:ec:50:da:5e:a3:93:a0:
ec:18:58:6a:e3:fd:b1:57:4f:4d:bc:a0:5d:65:47:
bc:7f:e3:65:14:13:28:1f:bb:fb:73:d6:a8:6d:e2:
7b:1f:b7:83:c6:d2:35:f3:96:f3:7c:74:2f:8a:09:
5b:ae:3c:25:18:ef:9a:64:2a:99:fa:bc:67:c5:9e:
10:8a:60:05:94:41:c3:14:65:74:73:86:03:da:0c:
85:46:c6:66:0c:5f:ad:9d:fd:cf:6a:a4:e8:be:40:
11:21:82:81:b5:71:7f:79:35:41:09:46:a3:8b:ef:
6c:ee:0c:36:69:24:2a:09:3d:74:de:db:b8:40:0e:
7f:a0:00:8b:a2:78:4d:88:c1:ca:ce:21:c1:ce:6e:
60:57:aa:63:48:60:a9:4f:b6:df:92:08:8d:49:35:
4b:ad:77:32:cd:cb:4e:70:53:20:e2:4c:c9:f5:14:
1a:e6:96:8b:95:de:7b:eb:eb:40:74:bb:3c:30:40:
39:40:ca:05:06:87:7e:c9:d6:0e:ce:51:9b:8c:f8:
c7:c2:36:3d:1b:27:31:ad:f5:d3:44:c5:a8:c2:b5:
e2:64:5b:e8:99:58:ec:9c:0a:31:31:ba:cd:1e:c2:
79:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F1:B0:D9:01:9D:EA:4E:F1:5A:FD:76:B1:C3:A1:BE:12:B0:AE:71
X509v3 Authority Key Identifier:
keyid:AE:3C:C5:67:FE:BF:E3:48:78:AE:B9:13:86:1C:F0:60:0A:28:39:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjzFZ_6_40h4rrkThhzwYAooOQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/efGw2QGd6k7xWv12scOhvhKwrnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/rjzFZ_6_40h4rrkThhzwYAooOQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.167.0/24
Signature Algorithm: sha256WithRSAEncryption
07:c7:e0:69:88:68:8e:5d:ed:24:f6:b0:f3:86:33:fe:c2:11:
f6:da:d7:e0:03:a3:32:eb:76:b1:b3:de:a5:f1:dc:95:96:06:
52:10:c7:9c:60:77:6a:87:30:e3:a2:af:d0:dc:01:62:a2:64:
98:d6:a0:f9:db:32:ea:83:a2:43:b8:16:ab:43:d3:0b:9d:81:
c7:83:7c:11:86:d6:cb:66:05:76:f3:a3:a9:ef:24:0b:df:62:
9c:df:80:ce:ec:be:7f:2d:91:e3:ce:80:f2:4d:30:7e:32:35:
09:ef:58:d0:90:2e:a1:44:fa:6a:74:5b:40:e6:33:02:f5:1a:
5d:b3:67:1c:50:f5:54:ef:e9:40:89:31:5d:c9:9f:9b:92:4f:
43:e8:03:70:4a:fe:a9:b9:9c:66:26:0a:f4:00:f4:bd:c8:37:
7f:61:67:5a:21:69:7e:3d:ca:2c:85:07:fe:78:18:89:83:1d:
f4:d4:30:3f:a1:92:2d:37:e2:23:4b:bc:55:90:37:a5:fe:cd:
7b:00:73:2c:29:80:bd:6c:37:25:2f:15:43:36:19:df:7a:5c:
eb:9a:46:05:d8:6c:75:92:86:f0:a6:55:b8:6e:4d:0a:e9:6f:
4e:23:8f:d0:12:b9:df:94:b5:01:5d:7f:13:1a:de:99:da:af:
e7:ff:c1:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3kYA0a5f0VTsAfOmqkZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlM2NjNTY3ZmViZmUzNDg3OGFlYjkxMzg2MWNmMDYwMGEy
ODM5MDMwHhcNMjMwMTAyMDUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYxYjBkOTAxOWRlYTRlZjE1YWZkNzZiMWMzYTFiZTEyYjBhZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv0AsbD7/Aq9hNzFaAtMantO4ssh
oOxQ2l6jk6DsGFhq4/2xV09NvKBdZUe8f+NlFBMoH7v7c9aobeJ7H7eDxtI185bz
fHQviglbrjwlGO+aZCqZ+rxnxZ4QimAFlEHDFGV0c4YD2gyFRsZmDF+tnf3PaqTo
vkARIYKBtXF/eTVBCUaji+9s7gw2aSQqCT103tu4QA5/oACLonhNiMHKziHBzm5g
V6pjSGCpT7bfkgiNSTVLrXcyzctOcFMg4kzJ9RQa5paLld576+tAdLs8MEA5QMoF
Bod+ydYOzlGbjPjHwjY9GycxrfXTRMWowrXiZFvomVjsnAoxMbrNHsJ5ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHnxsNkBnepO8Vr9drHDob4SsK5xMB8GA1UdIwQY
MBaAFK48xWf+v+NIeK65E4Yc8GAKKDkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmp6RlpfNl80MGg0cnJrVGhoendZQW9vT1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yOTkyNzgtYzU3Yy00MzU0LWI5NjYt
OWZiMjI0YmU4YjA4LzEvZWZHdzJRR2Q2azd4V3YxMnNjT2h2aEt3cm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yOTkyNzgtYzU3Yy00MzU0LWI5NjYtOWZiMjI0YmU4YjA4
LzEvcmp6RlpfNl80MGg0cnJrVGhoendZQW9vT1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ynMA0G
CSqGSIb3DQEBCwUAA4IBAQAHx+BpiGiOXe0k9rDzhjP+whH22tfgA6My63axs96l
8dyVlgZSEMecYHdqhzDjoq/Q3AFiomSY1qD52zLqg6JDuBarQ9MLnYHHg3wRhtbL
ZgV286Op7yQL32Kc34DO7L5/LZHjzoDyTTB+MjUJ71jQkC6hRPpqdFtA5jMC9Rpd
s2ccUPVU7+lAiTFdyZ+bkk9D6ANwSv6puZxmJgr0APS9yDd/YWdaIWl+PcoshQf+
eBiJgx301DA/oZItN+IjS7xVkDel/s17AHMsKYC9bDclLxVDNhnfelzrmkYF2Gx1
kobwplW4bk0K6W9OI4/QErnflLUBXX8TGt6Z2q/n/8HM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:57 2025 by rpki-client