Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/uT3nUZOmk4p73-yeiD6NeOX9vqw.roa
File: uT3nUZOmk4p73-yeiD6NeOX9vqw.roa (raw, json)
Hash identifier: gyW0IL+S9OtWf6v0uLI3A5eyzkDAWTtRaYNYw4wZVBc=
Subject key identifier: B9:3D:E7:51:93:A6:93:8A:7B:DF:EC:9E:88:3E:8D:78:E5:FD:BE:AC
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 053D3F32
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/uT3nUZOmk4p73-yeiD6NeOX9vqw.roa
Signing time: Sat 01 Jan 2022 14:02:36 +0000
ROA not before: Sat 01 Jan 2022 14:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211895
IP address blocks: 91.218.20.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87899954 (0x53d3f32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Jan 1 14:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b93de75193a6938a7bdfec9e883e8d78e5fdbeac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:14:0c:6c:35:d7:47:1c:e9:5a:61:64:e6:2e:
ed:8b:66:34:0b:76:7c:41:f5:07:23:ac:47:bc:22:
d5:17:f7:ee:3d:87:4d:d2:de:ff:56:e8:df:4a:b0:
46:53:d0:e2:4e:3c:51:f5:79:f0:57:96:f4:ba:3a:
b9:21:95:fa:67:b3:e8:4a:6e:bb:be:e7:5f:b5:cc:
0f:e2:c9:d7:cd:29:30:cc:68:3c:2c:e4:a3:ac:3a:
33:87:e4:eb:f3:dc:24:b6:90:e8:35:21:e8:cf:a1:
96:a6:cf:d3:aa:d4:9e:9e:fd:89:b0:65:7e:52:75:
ee:13:3f:bb:5b:d4:88:31:1f:6c:ab:75:21:c9:7c:
22:5c:c4:1b:53:f4:3b:74:67:b1:74:6c:91:1b:7c:
ff:92:6b:0b:1a:bc:95:9e:e0:de:ba:fa:95:d1:6d:
27:e0:bd:b7:0a:41:6e:7e:05:75:ed:19:e6:0d:1f:
70:d1:42:89:47:0c:91:3b:7c:7f:fa:e8:ab:db:60:
2b:7e:f4:02:75:dd:b2:b2:17:e3:6f:d2:12:86:d8:
b8:67:00:b7:31:dd:be:12:fa:de:26:6f:2e:95:12:
f1:36:fb:e0:88:e7:d6:81:76:7b:50:55:28:99:85:
d2:30:7a:ad:b7:94:e4:98:d9:00:51:c0:a6:1c:17:
c6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3D:E7:51:93:A6:93:8A:7B:DF:EC:9E:88:3E:8D:78:E5:FD:BE:AC
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/uT3nUZOmk4p73-yeiD6NeOX9vqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.20.0/24
IPv6:
2a07:e040::/32
Signature Algorithm: sha256WithRSAEncryption
05:65:a3:13:47:da:02:40:e9:8e:14:bf:5d:a8:51:8f:a3:ba:
ec:ce:47:8c:8c:4e:1e:b4:2c:5d:02:24:27:d5:73:b4:33:d0:
82:55:ac:0c:11:6a:c6:01:68:2e:84:91:97:84:48:55:a4:4e:
06:8e:7f:44:49:25:af:67:e1:5f:e1:cf:e0:dd:76:2e:72:36:
5d:0f:5c:53:cf:94:c5:3e:26:6c:ff:cd:2a:1e:08:cb:60:21:
c3:b2:a7:93:56:2f:86:6c:d9:f8:75:4a:0b:1f:0d:2c:5b:5d:
23:f6:57:19:99:a4:d6:32:65:31:59:ae:55:7b:e5:b2:c0:1b:
70:ab:4d:a0:49:78:03:84:c8:4f:be:c4:f6:cf:f0:1c:ed:e3:
a8:47:50:06:f0:e0:c1:e6:0e:6e:ea:7c:87:5f:71:ec:bc:df:
3c:1e:c6:8c:ac:dd:a1:dd:37:e6:13:e0:33:ff:a1:e4:b4:0b:
b8:64:4a:16:bf:2c:15:30:e4:2b:46:d9:67:2b:3b:77:a5:19:
4c:39:4a:97:c1:48:97:a6:e8:8d:a2:56:76:ca:f9:6b:a2:df:
38:02:cb:35:80:f4:3a:7f:9c:c4:d8:33:4c:95:f4:73:9d:1f:
44:34:e0:77:3c:d7:f9:8e:ea:82:8d:56:58:a2:37:7a:bb:cf:
2f:89:78:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBT0/MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzI4YTZlZDBmNWNmY2U3NzJkNWNlNWIwM2JiNDI5MzJjOGE2NGQwMB4XDTIyMDEw
MTE0MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjkzZGU3NTE5M2E2
OTM4YTdiZGZlYzllODgzZThkNzhlNWZkYmVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYUDGw110cc6VphZOYu7YtmNAt2fEH1ByOsR7wi1Rf37j2H
TdLe/1bo30qwRlPQ4k48UfV58FeW9Lo6uSGV+mez6Epuu77nX7XMD+LJ180pMMxo
PCzko6w6M4fk6/PcJLaQ6DUh6M+hlqbP06rUnp79ibBlflJ17hM/u1vUiDEfbKt1
Icl8IlzEG1P0O3RnsXRskRt8/5JrCxq8lZ7g3rr6ldFtJ+C9twpBbn4Fde0Z5g0f
cNFCiUcMkTt8f/roq9tgK370AnXdsrIX42/SEobYuGcAtzHdvhL63iZvLpUS8Tb7
4Ijn1oF2e1BVKJmF0jB6rbeU5JjZAFHAphwXxvcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS5PedRk6aTinvf7J6IPo145f2+rDAfBgNVHSMEGDAWgBScKKbtD1z853LV
zlsDu0KTLIpk0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25DaW03UTljX09keTFjNWJBN3RDa3l5S1pOQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNzNlNTJmLTQyZTMtNGEzMS05NzM2LWE2Yjc2MDA4NzFhNi8x
L3VUM25VWk9tazRwNzMteWVpRDZOZU9YOXZxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NzNlNTJmLTQyZTMtNGEzMS05NzM2LWE2Yjc2MDA4NzFhNi8xL25DaW03UTljX09k
eTFjNWJBN3RDa3l5S1pOQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvaFDANBAIAAjAHAwUAKgfgQDAN
BgkqhkiG9w0BAQsFAAOCAQEABWWjE0faAkDpjhS/XahRj6O67M5HjIxOHrQsXQIk
J9VztDPQglWsDBFqxgFoLoSRl4RIVaROBo5/REklr2fhX+HP4N12LnI2XQ9cU8+U
xT4mbP/NKh4Iy2Ahw7Knk1YvhmzZ+HVKCx8NLFtdI/ZXGZmk1jJlMVmuVXvlssAb
cKtNoEl4A4TIT77E9s/wHO3jqEdQBvDgweYObup8h19x7LzfPB7GjKzdod035hPg
M/+h5LQLuGRKFr8sFTDkK0bZZys7d6UZTDlKl8FIl6bojaJWdsr5a6LfOALLNYD0
On+cxNgzTJX0c50fRDTgdzzX+Y7qgo1WWKI3ervPL4l4pA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:16 2025 by rpki-client