Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/i91fPrws9EPN7_ESGgpqTKuQ5RQ.roa
File: i91fPrws9EPN7_ESGgpqTKuQ5RQ.roa (raw, json)
Hash identifier: la7eqY12PECKdpzu68ZwnHhBLe3+qOHKsEa6sBIezKY=
Subject key identifier: 8B:DD:5F:3E:BC:2C:F4:43:CD:EF:F1:12:1A:0A:6A:4C:AB:90:E5:14
Certificate issuer: /CN=c9b59f41779e6f2435f59f1a171c080a5a7a44d2
Certificate serial: 01857139B3153FBCD5A1B3A384A648A4A3BB
Authority key identifier: C9:B5:9F:41:77:9E:6F:24:35:F5:9F:1A:17:1C:08:0A:5A:7A:44:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybWfQXeebyQ19Z8aFxwIClp6RNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/i91fPrws9EPN7_ESGgpqTKuQ5RQ.roa
Signing time: Mon 02 Jan 2023 06:44:44 +0000
ROA not before: Mon 02 Jan 2023 06:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210190
IP address blocks: 194.36.44.0/24 maxlen: 24
2a0d:8240::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:b3:15:3f:bc:d5:a1:b3:a3:84:a6:48:a4:a3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b59f41779e6f2435f59f1a171c080a5a7a44d2
Validity
Not Before: Jan 2 06:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bdd5f3ebc2cf443cdeff1121a0a6a4cab90e514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d7:36:25:8a:a2:67:1f:01:27:94:a9:d9:12:
dd:52:0e:d4:66:62:54:fe:dd:fb:5e:2f:c8:0c:f7:
23:f6:47:f4:f0:e3:8a:02:bd:ff:13:17:82:13:61:
88:ca:29:a7:3d:5b:fe:0e:e7:2a:db:86:a3:70:75:
0d:a0:05:6f:e9:1a:cb:3d:e4:a7:97:50:a0:8a:ee:
1a:92:90:b7:5d:eb:f3:1e:4c:c8:97:5d:4f:47:13:
98:cc:69:db:f5:2c:ed:f8:bf:36:46:b8:a0:1f:9e:
07:bb:bb:a6:e5:57:db:73:ea:ba:bf:89:a5:60:c8:
48:71:6f:1a:bf:6f:66:74:73:62:7d:4e:1c:7c:11:
b4:b8:de:c8:6f:bc:0e:0e:e6:c9:f9:4c:2f:09:24:
eb:e7:ca:b5:69:81:80:ca:17:fd:ab:99:6e:e4:69:
f6:54:57:6c:0e:79:d1:be:2c:38:7b:9b:65:81:ee:
b4:5f:09:fb:3f:20:fa:d4:80:13:9f:3e:88:d7:4d:
ed:bc:7a:74:02:6a:ac:eb:1c:0c:91:1b:c7:61:db:
d9:48:ea:0c:da:8b:da:5d:90:04:fc:83:fd:15:9e:
de:c8:73:b7:39:bd:8c:62:86:44:74:fb:99:bf:7d:
da:4f:54:a2:75:0b:83:94:75:b1:0e:b4:d6:56:d9:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DD:5F:3E:BC:2C:F4:43:CD:EF:F1:12:1A:0A:6A:4C:AB:90:E5:14
X509v3 Authority Key Identifier:
keyid:C9:B5:9F:41:77:9E:6F:24:35:F5:9F:1A:17:1C:08:0A:5A:7A:44:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybWfQXeebyQ19Z8aFxwIClp6RNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/i91fPrws9EPN7_ESGgpqTKuQ5RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/ybWfQXeebyQ19Z8aFxwIClp6RNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.44.0/24
IPv6:
2a0d:8240::/29
Signature Algorithm: sha256WithRSAEncryption
8b:5e:38:1d:f1:39:c5:53:90:fb:bb:a5:36:f9:a4:04:a7:f0:
4a:ad:29:4c:20:70:be:db:b2:1e:85:7b:78:d7:cd:e1:37:2d:
9f:e7:9a:44:ac:e4:51:22:dd:e3:54:a5:09:5f:8a:4b:00:55:
c5:17:ba:ce:69:e8:d5:3c:49:93:2f:8d:4e:22:e4:63:9f:98:
59:04:81:28:f7:bb:48:b9:ad:e8:8d:57:c5:ef:99:6d:0d:65:
3c:d1:0c:4e:46:b7:e8:a4:26:71:b7:32:a1:b9:26:75:0b:7f:
88:9e:9a:e3:72:56:30:30:5c:e2:3d:d5:40:a5:94:ca:63:c4:
db:82:0b:77:0d:c5:35:44:a7:59:4b:ec:6d:bd:f6:02:23:d9:
4e:0e:64:4a:e4:5e:e9:ac:ec:94:eb:bd:a2:6e:5e:4d:43:19:
fd:2d:90:f2:45:91:58:53:2d:f4:19:c6:71:48:10:ca:6c:b7:
b2:83:d3:e3:35:ca:d6:15:1a:2e:9e:f8:01:fd:21:f9:fa:2e:
11:a9:53:d7:2f:14:73:1a:51:0a:15:d8:97:9d:d0:0a:a5:6c:
dc:60:09:9b:ea:9a:9a:63:ff:40:37:d9:1a:5e:5a:e0:95:f7:
4d:1c:6e:9b:94:73:7e:ba:c3:13:d1:31:f6:fd:4c:83:de:32:
68:d6:d7:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxObMVP7zVobOjhKZIpKO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjU5ZjQxNzc5ZTZmMjQzNWY1OWYxYTE3MWMwODBhNWE3
YTQ0ZDIwHhcNMjMwMTAyMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRkNWYzZWJjMmNmNDQzY2RlZmYxMTIxYTBhNmE0Y2FiOTBlNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdc2JYqiZx8BJ5Sp2RLdUg7UZmJU
/t37Xi/IDPcj9kf08OOKAr3/ExeCE2GIyimnPVv+Ducq24ajcHUNoAVv6RrLPeSn
l1Cgiu4akpC3XevzHkzIl11PRxOYzGnb9Szt+L82RrigH54Hu7um5Vfbc+q6v4ml
YMhIcW8av29mdHNifU4cfBG0uN7Ib7wODubJ+UwvCSTr58q1aYGAyhf9q5lu5Gn2
VFdsDnnRviw4e5tlge60Xwn7PyD61IATnz6I103tvHp0Amqs6xwMkRvHYdvZSOoM
2ovaXZAE/IP9FZ7eyHO3Ob2MYoZEdPuZv33aT1SidQuDlHWxDrTWVtkGXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIvdXz68LPRDze/xEhoKakyrkOUUMB8GA1UdIwQY
MBaAFMm1n0F3nm8kNfWfGhccCApaekTSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJXZlFYZWVieVExOVo4YUZ4d0lDbHA2Uk5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wMjdjOGItNDAwOS00ZGE2LWFlOTct
NzIzNjdjYmIxOWVmLzEvaTkxZlByd3M5RVBON19FU0dncHFUS3VRNVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wMjdjOGItNDAwOS00ZGE2LWFlOTctNzIzNjdjYmIxOWVm
LzEveWJXZlFYZWVieVExOVo4YUZ4d0lDbHA2Uk5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwiQsMA0E
AgACMAcDBQMqDYJAMA0GCSqGSIb3DQEBCwUAA4IBAQCLXjgd8TnFU5D7u6U2+aQE
p/BKrSlMIHC+27IehXt4183hNy2f55pErORRIt3jVKUJX4pLAFXFF7rOaejVPEmT
L41OIuRjn5hZBIEo97tIua3ojVfF75ltDWU80QxORrfopCZxtzKhuSZ1C3+Inprj
clYwMFziPdVApZTKY8Tbggt3DcU1RKdZS+xtvfYCI9lODmRK5F7prOyU672ibl5N
Qxn9LZDyRZFYUy30GcZxSBDKbLeyg9PjNcrWFRounvgB/SH5+i4RqVPXLxRzGlEK
FdiXndAKpWzcYAmb6pqaY/9AN9kaXlrglfdNHG6blHN+usMT0TH2/UyD3jJo1tfy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:39 2025 by rpki-client