Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6bb444-c0ac-4060-80d5-e3d427211a83/1/PTqd6i7JmMTqY8-IqO1wPTYXrSs.roa
File: PTqd6i7JmMTqY8-IqO1wPTYXrSs.roa (raw, json)
Hash identifier: NUi17VJi6/aWgCh1qbOFP+Q/4OuY75MFRLs4EAy8KmM=
Subject key identifier: 3D:3A:9D:EA:2E:C9:98:C4:EA:63:CF:88:A8:ED:70:3D:36:17:AD:2B
Certificate issuer: /CN=039916dc890f08fe55c75bb4439d6016704b7a61
Certificate serial: 01856ECB934F7CAC468EBCB9DD1D56EBECD3
Authority key identifier: 03:99:16:DC:89:0F:08:FE:55:C7:5B:B4:43:9D:60:16:70:4B:7A:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A5kW3IkPCP5Vx1u0Q51gFnBLemE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6bb444-c0ac-4060-80d5-e3d427211a83/1/PTqd6i7JmMTqY8-IqO1wPTYXrSs.roa
Signing time: Sun 01 Jan 2023 19:25:13 +0000
ROA not before: Sun 01 Jan 2023 19:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51232
IP address blocks: 91.216.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:93:4f:7c:ac:46:8e:bc:b9:dd:1d:56:eb:ec:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=039916dc890f08fe55c75bb4439d6016704b7a61
Validity
Not Before: Jan 1 19:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d3a9dea2ec998c4ea63cf88a8ed703d3617ad2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:94:03:f5:7b:3f:92:20:30:d5:9f:16:fd:
48:e5:16:42:24:b4:10:67:19:e1:b7:4c:73:89:42:
e3:ae:ef:52:52:87:cd:84:1c:f5:78:87:0b:ab:10:
b0:92:72:00:fc:f1:3c:97:53:ed:a2:c4:72:e8:98:
c1:24:01:24:06:2a:ff:da:1a:ce:56:19:d3:37:4c:
53:2e:0b:45:0a:03:5e:82:8c:8a:a9:f0:1b:41:70:
cd:b6:6f:28:90:78:2d:35:ae:f9:2e:ab:11:11:51:
9d:42:8d:cc:ac:8b:88:d6:ec:15:cd:c6:42:db:26:
1b:3b:d4:60:d5:ed:8b:ae:98:f8:d7:d4:c7:9f:6e:
ed:20:9e:40:61:9e:bc:93:d6:56:5c:37:96:ea:6b:
ba:90:b3:67:bd:d0:3b:62:69:3f:87:3d:1b:67:6d:
c8:f9:92:c3:81:52:85:52:89:a7:cd:e5:9d:ee:42:
ce:35:ef:7c:68:3c:40:ca:e8:b0:53:57:df:20:5b:
a5:50:8e:0f:8e:c8:fc:b9:ae:b4:8c:72:71:19:a1:
6e:e6:6f:80:1d:93:5b:1d:7e:56:27:26:fd:3a:14:
87:9e:a2:db:48:08:cf:e0:b1:d9:77:f2:db:9f:2e:
29:ff:a4:07:3c:25:43:b8:ad:20:ba:8f:eb:dc:7e:
0c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3A:9D:EA:2E:C9:98:C4:EA:63:CF:88:A8:ED:70:3D:36:17:AD:2B
X509v3 Authority Key Identifier:
keyid:03:99:16:DC:89:0F:08:FE:55:C7:5B:B4:43:9D:60:16:70:4B:7A:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5kW3IkPCP5Vx1u0Q51gFnBLemE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6bb444-c0ac-4060-80d5-e3d427211a83/1/PTqd6i7JmMTqY8-IqO1wPTYXrSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6bb444-c0ac-4060-80d5-e3d427211a83/1/A5kW3IkPCP5Vx1u0Q51gFnBLemE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.60.0/24
Signature Algorithm: sha256WithRSAEncryption
50:dc:66:a2:c8:3a:21:14:39:e7:cc:6b:a2:bd:5f:3d:98:41:
15:53:70:c8:c7:65:f8:f7:04:cd:da:c3:69:c8:46:d6:56:32:
01:87:b2:d1:56:3b:8c:e0:b9:4d:2a:26:d7:e8:28:5d:27:ef:
86:f9:9c:4b:68:e3:5d:67:e7:5c:2c:e7:e1:dc:fd:5c:ef:62:
ed:91:34:9a:de:1c:96:e5:d7:62:12:a5:ad:90:c0:1c:51:a9:
9c:67:2e:15:62:1f:f4:f2:fd:56:fd:24:7e:d1:50:ab:92:1b:
2f:39:1d:ba:65:ec:46:7f:a6:91:9f:db:d4:2e:13:ea:17:c2:
02:99:88:01:52:68:b3:39:3d:25:64:cc:17:1b:6b:a2:1f:40:
e5:ae:97:65:28:d7:22:70:a2:34:77:56:5d:d3:38:78:60:51:
2f:2c:9d:ef:f9:a5:a7:71:ef:e1:1e:f2:9d:b0:bd:de:b2:cc:
41:1b:dd:0c:77:40:e0:f8:40:1e:88:53:ed:96:61:1a:a3:7c:
7e:f3:7d:e8:0b:89:2c:5e:a0:ed:3a:4c:41:1b:5f:e5:1c:96:
48:57:27:08:db:b0:9f:19:16:14:f2:aa:a9:55:cc:bf:e9:27:
eb:fc:03:01:2e:24:00:79:b4:77:90:12:be:38:a2:a0:c2:9a:
e2:06:d6:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy5NPfKxGjry53R1W6+zTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOTkxNmRjODkwZjA4ZmU1NWM3NWJiNDQzOWQ2MDE2NzA0
YjdhNjEwHhcNMjMwMTAxMTkyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNhOWRlYTJlYzk5OGM0ZWE2M2NmODhhOGVkNzAzZDM2MTdhZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojmUA/V7P5IgMNWfFv1I5RZCJLQQ
Zxnht0xziULjru9SUofNhBz1eIcLqxCwknIA/PE8l1PtosRy6JjBJAEkBir/2hrO
VhnTN0xTLgtFCgNegoyKqfAbQXDNtm8okHgtNa75LqsREVGdQo3MrIuI1uwVzcZC
2yYbO9Rg1e2Lrpj419THn27tIJ5AYZ68k9ZWXDeW6mu6kLNnvdA7Ymk/hz0bZ23I
+ZLDgVKFUomnzeWd7kLONe98aDxAyuiwU1ffIFulUI4Pjsj8ua60jHJxGaFu5m+A
HZNbHX5WJyb9OhSHnqLbSAjP4LHZd/Lbny4p/6QHPCVDuK0guo/r3H4MYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD06neouyZjE6mPPiKjtcD02F60rMB8GA1UdIwQY
MBaAFAOZFtyJDwj+VcdbtEOdYBZwS3phMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVrVzNJa1BDUDVWeDF1MFE1MWdGbkJMZW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82YmI0NDQtYzBhYy00MDYwLTgwZDUt
ZTNkNDI3MjExYTgzLzEvUFRxZDZpN0ptTVRxWTgtSXFPMXdQVFlYclNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82YmI0NDQtYzBhYy00MDYwLTgwZDUtZTNkNDI3MjExYTgz
LzEvQTVrVzNJa1BDUDVWeDF1MFE1MWdGbkJMZW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9g8MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ3GaiyDohFDnnzGuivV89mEEVU3DIx2X49wTN2sNp
yEbWVjIBh7LRVjuM4LlNKibX6ChdJ++G+ZxLaONdZ+dcLOfh3P1c72LtkTSa3hyW
5ddiEqWtkMAcUamcZy4VYh/08v1W/SR+0VCrkhsvOR26ZexGf6aRn9vULhPqF8IC
mYgBUmizOT0lZMwXG2uiH0DlrpdlKNcicKI0d1Zd0zh4YFEvLJ3v+aWnce/hHvKd
sL3essxBG90Md0Dg+EAeiFPtlmEao3x+833oC4ksXqDtOkxBG1/lHJZIVycI27Cf
GRYU8qqpVcy/6Sfr/AMBLiQAebR3kBK+OKKgwpriBtaM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:20 2025 by rpki-client