Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/d3BPOlUyzZ5erpXmwTCfZ0UZ984.roa
File: d3BPOlUyzZ5erpXmwTCfZ0UZ984.roa (raw, json)
Hash identifier: wi0ENyTSU+7+neMvSXDxrxu2Grkvci/Rxa/scoS69zI=
Subject key identifier: 77:70:4F:3A:55:32:CD:9E:5E:AE:95:E6:C1:30:9F:67:45:19:F7:CE
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 0183DAED6E7A05301163876736FE446DAEBF
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/d3BPOlUyzZ5erpXmwTCfZ0UZ984.roa
Signing time: Sat 15 Oct 2022 09:15:36 +0000
ROA not before: Sat 15 Oct 2022 09:15:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211895
IP address blocks: 91.218.20.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:da:ed:6e:7a:05:30:11:63:87:67:36:fe:44:6d:ae:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Oct 15 09:15:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77704f3a5532cd9e5eae95e6c1309f674519f7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ac:2b:ed:b5:9c:8c:17:3f:e9:ab:a8:44:83:
bb:73:03:80:96:8a:ba:e5:07:b5:f8:c1:21:fa:9b:
1e:45:d9:24:e3:37:32:d9:22:0a:d4:a6:6e:96:34:
04:c9:bb:bf:a6:1c:37:22:5d:fc:c3:8a:5e:59:83:
50:be:c9:4d:a3:8c:b3:37:3d:c8:48:83:58:4b:f7:
a3:66:d8:1b:f5:9f:3e:a7:7c:2e:5b:1a:e3:15:43:
80:e3:ab:f7:6e:b1:a4:61:94:17:90:e0:35:bc:77:
ff:7a:b8:53:72:18:98:1c:1d:e1:5d:64:8d:68:be:
ad:4b:81:50:f3:6a:6d:87:11:42:6a:e1:f8:97:4a:
e0:c9:b8:71:f4:a5:ff:68:43:7e:9f:83:a1:d9:02:
b5:a6:0d:7d:d0:0c:74:aa:35:06:9c:50:36:77:59:
2c:e6:fe:be:9d:f9:95:16:42:3f:a7:a0:c2:cd:90:
5b:b7:2f:e9:3f:d1:36:f0:6a:33:7a:ef:0d:c0:e6:
79:38:bf:30:71:3d:ab:e8:85:91:6b:79:44:9d:ef:
5d:0a:f0:78:14:0a:57:c8:6f:62:a2:be:44:61:38:
5a:7e:18:91:72:ae:c5:1a:6a:a5:2e:25:b5:f6:33:
ac:65:2b:06:70:d7:cb:bb:72:3c:4f:41:ca:17:43:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:70:4F:3A:55:32:CD:9E:5E:AE:95:E6:C1:30:9F:67:45:19:F7:CE
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/d3BPOlUyzZ5erpXmwTCfZ0UZ984.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.20.0/24
188.239.191.0/24
IPv6:
2a07:e040::/32
Signature Algorithm: sha256WithRSAEncryption
6d:8c:c9:c3:60:a5:0e:f7:c1:b7:ce:80:2e:52:5d:79:a9:a1:
1d:c8:be:b0:c0:8e:d7:f6:3b:94:70:77:f8:28:30:b3:90:df:
3e:23:c3:52:7c:a1:75:68:c1:ab:06:41:8b:8c:b4:10:ba:4f:
00:49:ce:3c:2b:81:70:d6:a6:fb:ed:7d:e8:8e:13:2a:86:a6:
6f:1c:b3:6a:4f:3f:04:bd:1d:47:25:d6:94:62:52:f7:ee:84:
99:70:aa:32:29:e2:8e:d6:cd:f0:15:86:60:66:8e:e8:4c:cf:
f5:aa:be:60:d6:b5:a2:87:01:2d:34:0f:a4:0e:5a:9e:a4:a7:
7a:06:7e:eb:e6:24:e9:93:94:6c:74:39:a5:b1:e8:96:6b:42:
2a:ae:44:5e:c1:b5:d6:c4:47:95:5b:89:e2:ff:29:5f:08:bc:
fb:b6:13:a8:47:6e:c4:ab:70:c6:e5:18:f2:27:f6:d7:73:56:
fe:20:e3:61:f9:ce:93:9d:b3:1c:66:25:9d:5a:48:76:ef:1e:
64:fa:7a:89:50:2a:92:41:af:81:ab:58:91:0b:24:c2:8e:cd:
27:81:0c:22:db:79:19:2b:a2:9b:6e:89:ee:48:90:12:5c:95:
e6:4d:b2:43:e4:e5:91:6e:f2:6f:b8:18:d6:19:aa:b7:50:0e:
6c:ec:60:b9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYPa7W56BTARY4dnNv5Eba6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjIxMDE1MDkxNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzcwNGYzYTU1MzJjZDllNWVhZTk1ZTZjMTMwOWY2NzQ1MTlmN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKwr7bWcjBc/6auoRIO7cwOAloq6
5Qe1+MEh+pseRdkk4zcy2SIK1KZuljQEybu/phw3Il38w4peWYNQvslNo4yzNz3I
SINYS/ejZtgb9Z8+p3wuWxrjFUOA46v3brGkYZQXkOA1vHf/erhTchiYHB3hXWSN
aL6tS4FQ82pthxFCauH4l0rgybhx9KX/aEN+n4Oh2QK1pg190Ax0qjUGnFA2d1ks
5v6+nfmVFkI/p6DCzZBbty/pP9E28Gozeu8NwOZ5OL8wcT2r6IWRa3lEne9dCvB4
FApXyG9ior5EYThafhiRcq7FGmqlLiW19jOsZSsGcNfLu3I8T0HKF0MwFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHdwTzpVMs2eXq6V5sEwn2dFGffOMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvZDNCUE9sVXl6WjVlcnBYbXdUQ2ZaMFVaOTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9oUAwQA
vO+/MA0EAgACMAcDBQAqB+BAMA0GCSqGSIb3DQEBCwUAA4IBAQBtjMnDYKUO98G3
zoAuUl15qaEdyL6wwI7X9juUcHf4KDCzkN8+I8NSfKF1aMGrBkGLjLQQuk8ASc48
K4Fw1qb77X3ojhMqhqZvHLNqTz8EvR1HJdaUYlL37oSZcKoyKeKO1s3wFYZgZo7o
TM/1qr5g1rWihwEtNA+kDlqepKd6Bn7r5iTpk5RsdDmlseiWa0IqrkRewbXWxEeV
W4ni/ylfCLz7thOoR27Eq3DG5RjyJ/bXc1b+IONh+c6TnbMcZiWdWkh27x5k+nqJ
UCqSQa+Bq1iRCyTCjs0ngQwi23kZK6KbbonuSJASXJXmTbJD5OWRbvJvuBjWGaq3
UA5s7GC5
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:18 2025 by rpki-client