Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/Ma9zstXJVAA530VcGe72cb3D-5c.roa
File: Ma9zstXJVAA530VcGe72cb3D-5c.roa (raw, json)
Hash identifier: 2C3RL0lTW0TXEkcojdAdnsVP5GcPxLHTa68KH7D9kE8=
Subject key identifier: 31:AF:73:B2:D5:C9:54:00:39:DF:45:5C:19:EE:F6:71:BD:C3:FB:97
Certificate issuer: /CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Certificate serial: 06BFBC8A
Authority key identifier: 65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/Ma9zstXJVAA530VcGe72cb3D-5c.roa
Signing time: Sat 01 Jan 2022 12:03:48 +0000
ROA not before: Sat 01 Jan 2022 12:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 91.208.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113228938 (0x6bfbc8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Validity
Not Before: Jan 1 12:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31af73b2d5c9540039df455c19eef671bdc3fb97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:11:d3:39:20:ec:cc:3e:64:9a:47:6b:ff:47:
2c:37:9a:e0:e7:39:01:e5:06:c6:15:a7:01:b7:e4:
d5:75:43:3a:e0:24:c0:d2:ac:df:7e:ba:5d:ae:7e:
44:ac:f5:73:80:91:3f:97:b7:b6:d9:7a:4a:74:02:
78:57:ba:29:7c:98:f8:f7:a2:ac:94:36:56:ef:b1:
b6:04:bf:af:5b:e5:15:12:b8:67:e6:8a:1b:f8:f6:
c1:f8:95:96:15:91:bf:30:d2:09:b0:a3:76:de:cc:
26:d1:5b:68:cb:c3:65:02:9a:73:4c:9b:09:97:ec:
62:5b:93:0c:b7:e8:3f:f1:8f:c9:10:be:65:d3:3a:
c4:02:14:32:0a:25:90:b4:e1:24:d8:52:a8:e8:9b:
22:bb:35:6e:f9:fd:68:39:27:75:c9:c1:60:0f:2f:
99:d2:94:52:4e:0e:83:3c:26:2a:cd:0e:a1:ce:b3:
52:d1:a4:7f:aa:2a:4a:d9:31:19:cf:4b:20:26:5c:
93:db:df:a6:80:0a:f1:63:c2:26:68:d4:19:3f:f4:
45:ed:cc:4f:7c:1a:57:1e:46:c3:1e:50:3d:0a:f6:
f1:8e:ef:a7:0b:d1:1c:ba:7a:4d:c2:93:7b:dc:0d:
d2:f9:43:3c:2b:d4:3c:15:b6:cf:44:7f:0f:5e:c5:
6b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AF:73:B2:D5:C9:54:00:39:DF:45:5C:19:EE:F6:71:BD:C3:FB:97
X509v3 Authority Key Identifier:
keyid:65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/Ma9zstXJVAA530VcGe72cb3D-5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.105.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:73:d3:52:de:f1:35:ac:7f:a1:ab:17:0f:30:4b:7a:a4:29:
3f:d9:e2:af:fd:bf:f1:a8:a9:93:66:35:be:0e:24:eb:00:d4:
9b:71:ca:e7:a9:9f:a6:50:53:d7:9c:ec:00:cf:43:0f:d3:96:
41:86:61:ef:03:c5:c9:95:a5:bc:75:2c:90:8f:85:f0:f8:6c:
3b:b0:1e:98:05:2c:7c:f5:ea:9e:04:cc:97:6f:aa:1c:af:b1:
37:a1:9d:64:ee:78:f4:ba:91:22:f4:20:b8:bd:de:9c:a1:c6:
62:14:48:38:cd:c7:e4:09:d5:59:0a:06:e3:be:51:93:cb:45:
b2:f1:fa:9d:6c:32:fa:5f:e2:ed:07:15:f2:10:a5:e0:a9:fa:
53:f6:f7:45:5b:6b:3b:84:37:20:39:73:49:8b:44:12:46:c9:
b3:09:dc:b1:9c:11:31:7e:7f:2b:26:8e:2f:ee:2e:2a:76:00:
6f:d3:ab:d8:8f:00:d7:34:9a:0a:2c:24:f7:88:40:8b:cd:b1:
b6:94:d5:12:52:f5:b8:02:ea:e1:07:87:c3:29:3e:db:2b:18:
dc:e8:3f:e4:ef:57:ab:ff:40:cb:f9:08:9d:d6:f5:a2:4f:cc:
ef:b6:e8:84:13:a6:bc:81:17:69:6b:65:21:88:1c:ac:bb:34:
26:b7:e2:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBr+8ijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTZjYzI1MDEyZTNhNGM4YjE2MjZkZDc1N2M3YjA1MTBlNDU3MzQxMB4XDTIyMDEw
MTEyMDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFhZjczYjJkNWM5
NTQwMDM5ZGY0NTVjMTllZWY2NzFiZGMzZmI5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsR0zkg7Mw+ZJpHa/9HLDea4Oc5AeUGxhWnAbfk1XVDOuAk
wNKs3366Xa5+RKz1c4CRP5e3ttl6SnQCeFe6KXyY+PeirJQ2Vu+xtgS/r1vlFRK4
Z+aKG/j2wfiVlhWRvzDSCbCjdt7MJtFbaMvDZQKac0ybCZfsYluTDLfoP/GPyRC+
ZdM6xAIUMgolkLThJNhSqOibIrs1bvn9aDkndcnBYA8vmdKUUk4OgzwmKs0Ooc6z
UtGkf6oqStkxGc9LICZck9vfpoAK8WPCJmjUGT/0Re3MT3waVx5Gwx5QPQr28Y7v
pwvRHLp6TcKTe9wN0vlDPCvUPBW2z0R/D17Fa4kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxr3Oy1clUADnfRVwZ7vZxvcP7lzAfBgNVHSMEGDAWgBRlbMJQEuOkyLFi
bddXx7BRDkVzQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pXekNVQkxqcE1peFltM1hWOGV3VVE1RmMwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNmRiNDZkLWJjMmQtNDVkNy1hMjc5LTgyMDMyNWY1M2NjYi8x
L01hOXpzdFhKVkFBNTMwVmNHZTcyY2IzRC01Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NmRiNDZkLWJjMmQtNDVkNy1hMjc5LTgyMDMyNWY1M2NjYi8xL1pXekNVQkxqcE1p
eFltM1hWOGV3VVE1RmMwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQaTANBgkqhkiG9w0BAQsFAAOC
AQEAvXPTUt7xNax/oasXDzBLeqQpP9nir/2/8aipk2Y1vg4k6wDUm3HK56mfplBT
15zsAM9DD9OWQYZh7wPFyZWlvHUskI+F8PhsO7AemAUsfPXqngTMl2+qHK+xN6Gd
ZO549LqRIvQguL3enKHGYhRIOM3H5AnVWQoG475Rk8tFsvH6nWwy+l/i7QcV8hCl
4Kn6U/b3RVtrO4Q3IDlzSYtEEkbJswncsZwRMX5/KyaOL+4uKnYAb9Or2I8A1zSa
Ciwk94hAi82xtpTVElL1uALq4QeHwyk+2ysY3Og/5O9Xq/9Ay/kIndb1ok/M77bo
hBOmvIEXaWtlIYgcrLs0JrfiRQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:25 2025 by rpki-client