Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/yb1vQt1usa28J5Up5FiJ9v6tQy8.roa
File: yb1vQt1usa28J5Up5FiJ9v6tQy8.roa (raw, json)
Hash identifier: SzC820TESikyU8kKnZvLzkSUreBWxwp3lz7wlu95s7k=
Subject key identifier: C9:BD:6F:42:DD:6E:B1:AD:BC:27:95:29:E4:58:89:F6:FE:AD:43:2F
Certificate issuer: /CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Certificate serial: 01856FE721B59167575F203BCBEB59FED0B8
Authority key identifier: 65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/yb1vQt1usa28J5Up5FiJ9v6tQy8.roa
Signing time: Mon 02 Jan 2023 00:34:56 +0000
ROA not before: Mon 02 Jan 2023 00:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 91.208.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:21:b5:91:67:57:5f:20:3b:cb:eb:59:fe:d0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Validity
Not Before: Jan 2 00:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9bd6f42dd6eb1adbc279529e45889f6fead432f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7c:71:e5:d5:db:ed:32:7e:80:d5:b8:b8:d2:
a1:6a:55:c1:a8:33:dd:2b:de:5a:72:c6:a2:52:b4:
14:7f:c2:d4:72:5c:82:18:e7:eb:e3:36:7d:55:5c:
36:de:7f:36:7d:0a:29:5b:39:00:3d:e6:5c:47:4c:
ff:62:54:ae:c4:e0:ae:49:13:5c:4f:83:25:aa:2e:
50:3a:55:86:f6:c9:71:89:ec:83:8a:ad:75:46:5f:
d2:e6:8c:91:cf:51:7f:37:c9:c5:07:eb:3b:24:96:
f0:c8:5d:f3:dd:45:ae:a9:86:96:4b:ed:08:5d:f7:
c8:6f:eb:5c:dc:94:dd:62:74:77:99:5c:58:cc:2c:
31:ea:69:81:e4:af:b3:5e:16:b9:46:50:08:ae:d5:
c1:77:dc:1b:1e:e0:54:6c:df:52:1c:6f:e1:a5:e6:
1d:46:f3:65:55:46:6b:5c:81:d7:cc:7f:70:f4:67:
cf:e1:d2:60:e4:ed:2d:e7:fc:88:7a:66:f3:dc:87:
b0:2b:2d:54:48:3e:dc:9a:04:17:e5:8d:dd:43:13:
4c:60:32:0b:32:b2:b3:b2:c9:e9:02:63:6b:01:d3:
e6:1b:b3:5c:76:d6:32:47:94:b3:7b:41:f2:0d:16:
7a:bc:f8:aa:ae:a8:d4:af:53:c7:1d:44:79:bd:1c:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BD:6F:42:DD:6E:B1:AD:BC:27:95:29:E4:58:89:F6:FE:AD:43:2F
X509v3 Authority Key Identifier:
keyid:65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/yb1vQt1usa28J5Up5FiJ9v6tQy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.105.0/24
Signature Algorithm: sha256WithRSAEncryption
77:41:0f:2e:b5:9d:70:42:d5:a7:68:99:7c:19:76:70:32:bf:
0f:9e:3e:8d:83:96:f0:63:c0:92:cc:c0:5a:0f:f3:1b:2b:e6:
3b:16:81:df:e9:db:1d:85:1c:9d:e4:53:03:d9:31:de:0a:c9:
bb:85:db:06:77:c9:18:f1:bf:98:54:41:94:cc:f1:40:21:dc:
49:d2:df:99:7f:91:d5:9a:35:69:81:d7:3d:22:fc:ba:29:2f:
7c:2d:8d:ed:77:05:09:9c:bc:07:c4:9b:a8:9a:ed:64:3a:b9:
05:9e:62:5c:a3:27:09:be:25:4e:da:a5:b9:0c:a5:8b:25:c5:
82:61:6d:a8:ca:89:f0:8b:fc:7f:ba:e2:06:58:ee:6d:ab:6a:
96:35:de:4a:00:a8:c3:58:1b:46:1f:b9:87:e0:1d:36:e7:1d:
1d:b9:0c:44:10:96:ed:e4:29:53:75:e3:a7:66:50:2c:5b:34:
1f:d3:81:13:48:84:fb:bf:e4:56:91:c2:cf:9f:54:22:a1:6f:
98:bc:82:9b:39:b8:ab:b3:cb:d8:b2:5a:42:28:d3:b5:25:40:
b5:9e:46:e8:b3:b8:9f:e5:16:6c:b7:c0:2d:f8:2e:62:99:e1:
22:ed:ad:c7:3e:b2:93:c4:30:8f:1d:af:9e:5d:ab:0d:50:38:
94:c2:ac:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5yG1kWdXXyA7y+tZ/tC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmNjMjUwMTJlM2E0YzhiMTYyNmRkNzU3YzdiMDUxMGU0
NTczNDEwHhcNMjMwMTAyMDAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJkNmY0MmRkNmViMWFkYmMyNzk1MjllNDU4ODlmNmZlYWQ0MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3xx5dXb7TJ+gNW4uNKhalXBqDPd
K95acsaiUrQUf8LUclyCGOfr4zZ9VVw23n82fQopWzkAPeZcR0z/YlSuxOCuSRNc
T4Mlqi5QOlWG9slxieyDiq11Rl/S5oyRz1F/N8nFB+s7JJbwyF3z3UWuqYaWS+0I
XffIb+tc3JTdYnR3mVxYzCwx6mmB5K+zXha5RlAIrtXBd9wbHuBUbN9SHG/hpeYd
RvNlVUZrXIHXzH9w9GfP4dJg5O0t5/yIembz3IewKy1USD7cmgQX5Y3dQxNMYDIL
MrKzssnpAmNrAdPmG7NcdtYyR5Sze0HyDRZ6vPiqrqjUr1PHHUR5vRxIHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMm9b0LdbrGtvCeVKeRYifb+rUMvMB8GA1UdIwQY
MBaAFGVswlAS46TIsWJt11fHsFEORXNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzkt
ODIwMzI1ZjUzY2NiLzEveWIxdlF0MXVzYTI4SjVVcDVGaUo5djZ0UXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzktODIwMzI1ZjUzY2Ni
LzEvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BpMA0G
CSqGSIb3DQEBCwUAA4IBAQB3QQ8utZ1wQtWnaJl8GXZwMr8Pnj6Ng5bwY8CSzMBa
D/MbK+Y7FoHf6dsdhRyd5FMD2THeCsm7hdsGd8kY8b+YVEGUzPFAIdxJ0t+Zf5HV
mjVpgdc9Ivy6KS98LY3tdwUJnLwHxJuomu1kOrkFnmJcoycJviVO2qW5DKWLJcWC
YW2oyonwi/x/uuIGWO5tq2qWNd5KAKjDWBtGH7mH4B025x0duQxEEJbt5ClTdeOn
ZlAsWzQf04ETSIT7v+RWkcLPn1QioW+YvIKbObirs8vYslpCKNO1JUC1nkbos7if
5RZst8At+C5imeEi7a3HPrKTxDCPHa+eXasNUDiUwqys
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:01 2025 by rpki-client