Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ab1c11-9d9f-4c58-9993-561d5ff8dc0e/1/r1SSpV78nPt8p9Ls_I-31_fn2vA.roa
File: r1SSpV78nPt8p9Ls_I-31_fn2vA.roa (raw, json)
Hash identifier: uaOYon0eqST9EnyX1ox8CQz4z7q7E6Lahl3z4pVwohk=
Subject key identifier: AF:54:92:A5:5E:FC:9C:FB:7C:A7:D2:EC:FC:8F:B7:D7:F7:E7:DA:F0
Certificate issuer: /CN=7908de202e174cb23746dcbdeea8a9d449580019
Certificate serial: 01856C1C953CB902509661869A510770704B
Authority key identifier: 79:08:DE:20:2E:17:4C:B2:37:46:DC:BD:EE:A8:A9:D4:49:58:00:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eQjeIC4XTLI3Rty97qip1ElYABk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ab1c11-9d9f-4c58-9993-561d5ff8dc0e/1/r1SSpV78nPt8p9Ls_I-31_fn2vA.roa
Signing time: Sun 01 Jan 2023 06:54:50 +0000
ROA not before: Sun 01 Jan 2023 06:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42981
IP address blocks: 91.196.8.0/22 maxlen: 24
185.153.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:95:3c:b9:02:50:96:61:86:9a:51:07:70:70:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7908de202e174cb23746dcbdeea8a9d449580019
Validity
Not Before: Jan 1 06:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af5492a55efc9cfb7ca7d2ecfc8fb7d7f7e7daf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:55:cf:4a:c9:7f:5a:8c:c4:60:d4:c6:d2:e5:
f2:c9:43:2b:f4:84:51:1a:9d:56:d0:e2:96:c2:b2:
08:14:e0:51:4c:a8:2c:5a:63:3e:f2:06:46:34:91:
38:20:bb:88:b6:31:3e:c0:b9:b1:75:5b:c2:8c:96:
45:5b:76:f3:0d:73:8a:9f:b6:0f:8a:05:5e:3a:62:
17:53:23:d1:72:21:e5:d4:59:ec:d5:52:dd:34:dd:
b7:70:0a:77:29:a0:79:60:63:0e:0c:0b:24:73:a8:
bc:15:f6:e9:ca:b7:06:8d:56:39:c3:e0:34:68:85:
df:63:17:9e:9b:42:39:6a:80:33:5f:0f:83:cb:b1:
af:8d:61:4e:f2:ac:14:33:a0:63:80:45:75:51:58:
47:5c:75:56:ff:d0:cf:62:50:10:87:52:48:69:5e:
91:48:d9:cb:ef:dc:20:ec:a3:35:ca:0c:7d:14:c3:
1d:1c:67:2f:7d:30:ea:1a:ff:3c:ed:73:76:73:a0:
c5:99:1c:24:3e:85:77:c2:3b:04:50:44:db:4d:81:
2b:85:d2:81:ba:a6:1f:78:f0:5a:de:bf:1e:68:a6:
3e:76:71:35:8d:5c:af:1f:9c:f5:95:e4:90:76:90:
0b:41:01:32:0c:f3:eb:f4:bf:e9:9c:6b:68:b2:38:
8b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:54:92:A5:5E:FC:9C:FB:7C:A7:D2:EC:FC:8F:B7:D7:F7:E7:DA:F0
X509v3 Authority Key Identifier:
keyid:79:08:DE:20:2E:17:4C:B2:37:46:DC:BD:EE:A8:A9:D4:49:58:00:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQjeIC4XTLI3Rty97qip1ElYABk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ab1c11-9d9f-4c58-9993-561d5ff8dc0e/1/r1SSpV78nPt8p9Ls_I-31_fn2vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ab1c11-9d9f-4c58-9993-561d5ff8dc0e/1/eQjeIC4XTLI3Rty97qip1ElYABk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.8.0/22
185.153.36.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:7c:1e:f9:3c:30:7b:00:74:85:a0:b1:f0:31:e1:7d:25:3a:
92:6d:9e:e2:b3:84:56:d0:00:48:b4:5b:4a:91:5b:06:8c:76:
71:73:40:4d:37:34:f4:b3:92:c2:6c:a5:74:22:d3:3b:95:ad:
c3:9a:41:6e:ee:b9:5f:fe:5a:f0:b7:d8:df:87:5a:9a:cc:de:
83:5f:a9:42:51:a9:fb:1c:2b:e6:44:4c:9e:c3:44:1f:dc:ec:
df:03:85:ef:04:4c:8c:c3:37:08:b9:e4:05:1c:10:a1:85:21:
9f:ab:e9:61:42:c5:56:d9:6e:ed:18:1e:fd:92:70:d6:cb:de:
14:04:0e:97:c1:ab:c5:08:fc:f5:a1:66:54:19:bf:0c:4f:f2:
26:86:0b:14:87:66:2b:81:f0:99:6a:d6:f4:7e:ee:54:0b:3e:
5e:a4:e3:bc:84:5f:26:94:3b:f6:b2:6c:3c:07:23:ec:bf:66:
a7:24:12:f7:2a:d2:97:db:e5:ee:1f:0e:1f:65:4a:07:e2:af:
d5:6b:19:91:25:ea:42:2b:e4:8d:d9:e7:ca:32:45:51:f0:d7:
07:54:64:ed:00:26:ae:b9:e8:ce:46:29:73:9c:4b:b7:a8:0b:
92:5f:5d:42:b7:f4:45:5a:19:9c:de:fe:48:db:d7:f1:16:98:
2a:8c:df:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsHJU8uQJQlmGGmlEHcHBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MDhkZTIwMmUxNzRjYjIzNzQ2ZGNiZGVlYThhOWQ0NDk1
ODAwMTkwHhcNMjMwMTAxMDY1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU0OTJhNTVlZmM5Y2ZiN2NhN2QyZWNmYzhmYjdkN2Y3ZTdkYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1XPSsl/WozEYNTG0uXyyUMr9IRR
Gp1W0OKWwrIIFOBRTKgsWmM+8gZGNJE4ILuItjE+wLmxdVvCjJZFW3bzDXOKn7YP
igVeOmIXUyPRciHl1Fns1VLdNN23cAp3KaB5YGMODAskc6i8FfbpyrcGjVY5w+A0
aIXfYxeem0I5aoAzXw+Dy7GvjWFO8qwUM6BjgEV1UVhHXHVW/9DPYlAQh1JIaV6R
SNnL79wg7KM1ygx9FMMdHGcvfTDqGv887XN2c6DFmRwkPoV3wjsEUETbTYErhdKB
uqYfePBa3r8eaKY+dnE1jVyvH5z1leSQdpALQQEyDPPr9L/pnGtosjiLXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9UkqVe/Jz7fKfS7PyPt9f359rwMB8GA1UdIwQY
MBaAFHkI3iAuF0yyN0bcve6oqdRJWAAZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVFqZUlDNFhUTEkzUnR5OTdxaXAxRWxZQUJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9hYjFjMTEtOWQ5Zi00YzU4LTk5OTMt
NTYxZDVmZjhkYzBlLzEvcjFTU3BWNzhuUHQ4cDlMc19JLTMxX2ZuMnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9hYjFjMTEtOWQ5Zi00YzU4LTk5OTMtNTYxZDVmZjhkYzBl
LzEvZVFqZUlDNFhUTEkzUnR5OTdxaXAxRWxZQUJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8QIAwQC
uZkkMA0GCSqGSIb3DQEBCwUAA4IBAQA7fB75PDB7AHSFoLHwMeF9JTqSbZ7is4RW
0ABItFtKkVsGjHZxc0BNNzT0s5LCbKV0ItM7la3DmkFu7rlf/lrwt9jfh1qazN6D
X6lCUan7HCvmREyew0Qf3OzfA4XvBEyMwzcIueQFHBChhSGfq+lhQsVW2W7tGB79
knDWy94UBA6XwavFCPz1oWZUGb8MT/ImhgsUh2YrgfCZatb0fu5UCz5epOO8hF8m
lDv2smw8ByPsv2anJBL3KtKX2+XuHw4fZUoH4q/VaxmRJepCK+SN2efKMkVR8NcH
VGTtACauuejORilznEu3qAuSX11Ct/RFWhmc3v5I29fxFpgqjN8y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:11 2025 by rpki-client