Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/3iElA3R2aGCrnvmzcMfvmzFwvmc.roa
File: 3iElA3R2aGCrnvmzcMfvmzFwvmc.roa (raw, json)
Hash identifier: jpLXlej+Zst2GdXjsPbIiOWScjQEXibmD24E7Yprksk=
Subject key identifier: DE:21:25:03:74:76:68:60:AB:9E:F9:B3:70:C7:EF:9B:31:70:BE:67
Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Certificate serial: 01856FD524A1AB24F55EA3F8E4EEEF795001
Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/3iElA3R2aGCrnvmzcMfvmzFwvmc.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60215
IP address blocks: 91.212.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:24:a1:ab:24:f5:5e:a3:f8:e4:ee:ef:79:50:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de21250374766860ab9ef9b370c7ef9b3170be67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:26:00:19:c2:67:d5:1a:e3:56:ec:05:56:c1:
41:a2:83:f1:fb:f9:82:37:d3:92:0b:65:41:f2:83:
94:cb:4b:a9:69:d4:67:92:dd:0c:20:5d:e1:e8:d7:
bb:54:11:16:df:41:02:41:b1:6a:ae:50:72:d1:5c:
ed:81:02:81:ac:0a:eb:96:9f:d6:79:de:42:51:61:
37:19:68:17:fe:d4:17:31:a1:a3:40:2f:26:94:fc:
f2:8f:be:8e:a7:79:33:19:54:0f:ef:3e:6d:fc:16:
98:2a:2e:92:1d:83:87:77:19:9d:72:34:d7:47:0e:
c9:2c:1f:50:c0:42:82:76:61:99:12:48:50:27:03:
3e:92:c3:0a:ca:10:c2:d9:40:0a:14:96:64:27:ac:
1d:0d:cf:e3:b7:49:b6:ee:7b:3f:f7:87:59:c8:eb:
ad:18:77:4d:ab:81:a3:7f:7c:2c:ad:b4:bb:61:94:
58:d7:a4:0a:e7:41:b5:d0:95:e7:bf:46:f2:c0:01:
26:77:9c:65:cc:dd:97:4f:53:8a:30:0a:87:a3:86:
4c:97:2c:3a:81:65:a3:31:de:8b:98:a3:d9:40:78:
90:7c:50:84:79:b4:45:c4:5f:b2:2f:31:2b:a2:2f:
96:16:6b:f8:eb:a0:54:26:31:3a:7b:6a:96:95:ac:
41:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:21:25:03:74:76:68:60:AB:9E:F9:B3:70:C7:EF:9B:31:70:BE:67
X509v3 Authority Key Identifier:
keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/3iElA3R2aGCrnvmzcMfvmzFwvmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.24.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a9:01:6c:7e:a7:88:03:da:bb:7f:68:a7:0e:a4:a2:55:93:
05:3f:e9:b2:10:71:3f:cc:5b:c1:88:25:df:4e:c3:7c:fe:c1:
56:5b:e2:10:28:29:53:f4:7b:77:19:7d:94:cf:11:ab:db:74:
96:d2:f6:0a:ed:77:4c:e7:31:47:20:16:5e:22:a5:48:cf:37:
fa:8c:c1:40:3f:5f:2e:3b:6f:59:44:17:c6:94:32:77:82:f6:
d2:50:a5:2d:cc:1e:02:70:2a:00:05:4c:da:7a:d4:29:b3:e5:
dd:b8:c9:db:96:c5:7d:4b:db:5d:9b:bc:c4:fb:a5:64:40:d2:
30:7f:a8:75:ef:a7:b5:67:1a:1e:18:8f:fe:29:69:74:ac:00:
d8:95:c2:cb:1b:2b:f8:ca:ae:52:38:a2:2b:29:54:05:57:50:
d7:d6:ea:cd:69:34:ef:9c:86:a9:2c:bb:17:ff:83:d8:b9:8d:
4d:55:fa:41:8b:69:00:67:74:6c:02:99:ea:ad:db:4e:19:86:
99:0d:6c:3d:1b:6d:c0:08:c3:ef:c6:d6:0a:4e:70:5a:83:ad:
8a:44:55:c3:1c:87:ed:5f:ff:04:07:18:a1:e0:45:58:a4:ea:
42:f9:02:7d:8e:03:53:c1:fd:e7:10:67:a0:29:9d:fb:6c:b9:
9b:1b:12:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1SShqyT1XqP45O7veVABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj
NjBmOGUwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIxMjUwMzc0NzY2ODYwYWI5ZWY5YjM3MGM3ZWY5YjMxNzBiZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiYAGcJn1RrjVuwFVsFBooPx+/mC
N9OSC2VB8oOUy0upadRnkt0MIF3h6Ne7VBEW30ECQbFqrlBy0VztgQKBrArrlp/W
ed5CUWE3GWgX/tQXMaGjQC8mlPzyj76Op3kzGVQP7z5t/BaYKi6SHYOHdxmdcjTX
Rw7JLB9QwEKCdmGZEkhQJwM+ksMKyhDC2UAKFJZkJ6wdDc/jt0m27ns/94dZyOut
GHdNq4Gjf3wsrbS7YZRY16QK50G10JXnv0bywAEmd5xlzN2XT1OKMAqHo4ZMlyw6
gWWjMd6LmKPZQHiQfFCEebRFxF+yLzEroi+WFmv466BUJjE6e2qWlaxB0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4hJQN0dmhgq575s3DH75sxcL5nMB8GA1UdIwQY
MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt
ZmEyZjBkNTRiMWQxLzEvM2lFbEEzUjJhR0NybnZtemNNZnZtekZ3dm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx
LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8qQFsfqeIA9q7f2inDqSiVZMFP+myEHE/zFvBiCXf
TsN8/sFWW+IQKClT9Ht3GX2UzxGr23SW0vYK7XdM5zFHIBZeIqVIzzf6jMFAP18u
O29ZRBfGlDJ3gvbSUKUtzB4CcCoABUzaetQps+XduMnblsV9S9tdm7zE+6VkQNIw
f6h176e1ZxoeGI/+KWl0rADYlcLLGyv4yq5SOKIrKVQFV1DX1urNaTTvnIapLLsX
/4PYuY1NVfpBi2kAZ3RsApnqrdtOGYaZDWw9G23ACMPvxtYKTnBag62KRFXDHIft
X/8EBxih4EVYpOpC+QJ9jgNTwf3nEGegKZ37bLmbGxLv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:40 2025 by rpki-client