Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/yQ2vnoTs4Aox9M3JEZPgLvo_5G4.roa
File: yQ2vnoTs4Aox9M3JEZPgLvo_5G4.roa (raw, json)
Hash identifier: xj0Iz+o2CBFVGTB6EA9BDZY+6EsT8tju46XbQZ9ojxk=
Subject key identifier: C9:0D:AF:9E:84:EC:E0:0A:31:F4:CD:C9:11:93:E0:2E:FA:3F:E4:6E
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 018570950018407E1911A9396E4F2990E892
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/yQ2vnoTs4Aox9M3JEZPgLvo_5G4.roa
Signing time: Mon 02 Jan 2023 03:44:51 +0000
ROA not before: Mon 02 Jan 2023 03:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21473
IP address blocks: 91.198.196.0/24 maxlen: 24
2a0f:8840::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:00:18:40:7e:19:11:a9:39:6e:4f:29:90:e8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: Jan 2 03:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c90daf9e84ece00a31f4cdc91193e02efa3fe46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:5e:8f:95:00:7c:04:49:22:ef:5e:37:cb:
cd:c5:af:af:08:b8:92:5c:b6:b5:0f:31:f0:3a:d0:
09:6a:1b:a1:a3:7f:83:4f:f8:4c:0a:42:2b:2c:93:
91:9f:4d:36:6e:a2:3a:3c:66:45:fb:a3:26:40:b1:
28:cd:36:5c:39:5b:6a:04:80:ef:63:bb:45:6b:6f:
de:19:8a:10:17:42:07:03:65:4c:99:7c:e4:2b:22:
6f:19:4a:eb:b4:a5:41:f5:6e:f0:f4:aa:48:9d:b5:
a9:e1:6a:d0:1a:14:17:ef:5d:ae:43:f1:d9:25:e2:
a2:4f:4f:5b:d6:d2:8d:9c:f5:4b:84:65:7b:87:72:
d5:35:dc:00:27:4f:4f:11:73:c2:01:ef:8f:1a:d2:
e2:b1:80:0e:12:18:3b:aa:02:72:ff:a6:12:02:8b:
a9:db:76:9b:4e:c8:e9:f3:d2:0c:76:f7:bf:23:0c:
6f:e9:f2:e7:27:03:8f:d6:fb:ca:ce:34:82:ff:20:
5b:f6:90:3e:89:3e:d6:10:aa:26:c7:b9:1d:36:1e:
42:d0:8e:41:90:51:39:29:db:21:f7:15:79:4c:4f:
4f:a4:b6:42:c5:65:98:d3:09:65:f4:24:80:b8:28:
7f:f8:12:e4:ef:6a:ce:e7:7b:26:13:e9:16:85:bc:
c8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0D:AF:9E:84:EC:E0:0A:31:F4:CD:C9:11:93:E0:2E:FA:3F:E4:6E
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/yQ2vnoTs4Aox9M3JEZPgLvo_5G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.196.0/24
IPv6:
2a0f:8840::/30
Signature Algorithm: sha256WithRSAEncryption
a8:f5:11:56:9c:1c:46:3e:d6:5a:14:67:45:6b:74:3c:9a:92:
e1:8c:54:28:3a:f8:c1:49:42:36:f2:00:2e:83:89:5f:e0:02:
66:0d:3a:7e:64:10:8a:ea:fc:21:24:b4:08:0c:97:2a:0a:d9:
79:55:b8:6e:e9:a8:b6:27:aa:3e:8b:a3:92:8f:a8:1d:92:9e:
b0:d8:05:c5:2e:d7:bb:22:1b:fd:8f:70:63:bf:15:29:2e:52:
65:e9:0f:5d:f1:0e:7b:0a:cd:69:06:2a:cf:96:30:98:43:8a:
fc:3d:eb:bb:52:09:55:e2:c0:6e:41:8e:71:64:23:fa:47:39:
8f:fb:d5:2e:a2:61:1c:57:b9:7f:5e:4d:9a:28:64:62:52:5f:
0f:98:88:10:db:39:c8:c4:2c:56:72:8a:6a:44:8a:53:77:6f:
92:bf:8a:51:75:91:01:bb:f7:7a:79:4a:9d:3d:a4:49:55:fd:
3d:88:a6:4e:67:64:fe:00:7b:5a:33:23:05:0e:38:58:df:b4:
80:fb:05:23:62:41:0d:f4:ef:85:f0:da:ba:8f:c0:f0:0b:86:
38:19:41:24:27:d6:57:e8:b1:53:a9:81:87:07:1b:b7:c1:17:
bd:57:1d:e6:db:28:b9:45:f0:dc:54:46:62:9d:cc:49:6f:84:
4e:e0:cd:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwlQAYQH4ZEak5bk8pkOiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjMwMTAyMDM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBkYWY5ZTg0ZWNlMDBhMzFmNGNkYzkxMTkzZTAyZWZhM2ZlNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Rej5UAfARJIu9eN8vNxa+vCLiS
XLa1DzHwOtAJahuho3+DT/hMCkIrLJORn002bqI6PGZF+6MmQLEozTZcOVtqBIDv
Y7tFa2/eGYoQF0IHA2VMmXzkKyJvGUrrtKVB9W7w9KpInbWp4WrQGhQX712uQ/HZ
JeKiT09b1tKNnPVLhGV7h3LVNdwAJ09PEXPCAe+PGtLisYAOEhg7qgJy/6YSAoup
23abTsjp89IMdve/Iwxv6fLnJwOP1vvKzjSC/yBb9pA+iT7WEKomx7kdNh5C0I5B
kFE5Kdsh9xV5TE9PpLZCxWWY0wll9CSAuCh/+BLk72rO53smE+kWhbzIdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMkNr56E7OAKMfTNyRGT4C76P+RuMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEveVEydm5vVHM0QW94OU0zSkVaUGdMdm9fNUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8bEMA0E
AgACMAcDBQIqD4hAMA0GCSqGSIb3DQEBCwUAA4IBAQCo9RFWnBxGPtZaFGdFa3Q8
mpLhjFQoOvjBSUI28gAug4lf4AJmDTp+ZBCK6vwhJLQIDJcqCtl5Vbhu6ai2J6o+
i6OSj6gdkp6w2AXFLte7Ihv9j3BjvxUpLlJl6Q9d8Q57Cs1pBirPljCYQ4r8Peu7
UglV4sBuQY5xZCP6RzmP+9UuomEcV7l/Xk2aKGRiUl8PmIgQ2znIxCxWcopqRIpT
d2+Sv4pRdZEBu/d6eUqdPaRJVf09iKZOZ2T+AHtaMyMFDjhY37SA+wUjYkEN9O+F
8Nq6j8DwC4Y4GUEkJ9ZX6LFTqYGHBxu3wRe9Vx3m2yi5RfDcVEZincxJb4RO4M17
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:46 2025 by rpki-client