Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/d8ec03-fb84-444e-a6ef-985231635421/1/iePm7KQMZBKhx5EZYiJwGScZt48.roa
File: iePm7KQMZBKhx5EZYiJwGScZt48.roa (raw, json)
Hash identifier: dEqWWjNhFWVHkDoInVUc408lxYLB2Af4xEhQr9+fjp8=
Subject key identifier: 89:E3:E6:EC:A4:0C:64:12:A1:C7:91:19:62:22:70:19:27:19:B7:8F
Certificate issuer: /CN=673f8874d9731f67682a213e6fe5e0b0df34e6cb
Certificate serial: CEB2
Authority key identifier: 67:3F:88:74:D9:73:1F:67:68:2A:21:3E:6F:E5:E0:B0:DF:34:E6:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zz-IdNlzH2doKiE-b-XgsN805ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/d8ec03-fb84-444e-a6ef-985231635421/1/iePm7KQMZBKhx5EZYiJwGScZt48.roa
Signing time: Wed 06 Apr 2022 12:52:28 +0000
ROA not before: Wed 06 Apr 2022 12:52:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34562
IP address blocks: 91.217.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52914 (0xceb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=673f8874d9731f67682a213e6fe5e0b0df34e6cb
Validity
Not Before: Apr 6 12:52:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89e3e6eca40c6412a1c79119622270192719b78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:91:b7:f9:e9:a6:1a:06:3b:68:49:82:47:b4:
1c:7d:7d:2d:91:cd:33:0c:ef:a9:d7:bd:02:4b:8d:
51:fd:8b:a4:c2:8b:41:16:0b:5a:6f:9d:a5:6f:e1:
cd:94:d9:80:75:d7:97:f1:be:64:c7:7d:53:13:b0:
10:90:ff:11:68:cb:3b:02:e5:f1:91:48:c7:05:af:
22:55:6f:bb:53:a7:c9:43:a4:c0:19:d5:cb:39:d5:
ab:79:10:b8:b2:03:9a:16:5f:d7:2c:7d:b2:5e:d9:
2d:ab:59:5d:54:89:52:97:ae:df:db:5a:51:79:0a:
14:a3:e3:1f:b0:17:07:a1:40:e7:c7:ff:01:a5:00:
c6:30:6d:25:5c:20:8b:6c:ac:c8:25:0d:f8:df:c6:
1d:24:8b:49:99:53:af:98:0b:5c:41:67:85:ac:f6:
52:aa:03:7d:60:a7:67:38:c4:86:5b:93:34:21:05:
2a:dd:c6:62:47:7c:56:4a:ef:33:d2:de:62:eb:56:
a4:02:9c:93:58:c3:de:50:7e:59:71:20:18:f5:01:
37:10:3c:c4:a3:dc:80:41:28:ea:4b:10:4a:2e:29:
1e:c1:a5:a0:6c:7f:f6:b7:42:3c:db:b0:84:49:87:
4d:91:de:21:de:8b:24:e6:02:d4:9d:73:4b:98:0e:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E3:E6:EC:A4:0C:64:12:A1:C7:91:19:62:22:70:19:27:19:B7:8F
X509v3 Authority Key Identifier:
keyid:67:3F:88:74:D9:73:1F:67:68:2A:21:3E:6F:E5:E0:B0:DF:34:E6:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zz-IdNlzH2doKiE-b-XgsN805ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8ec03-fb84-444e-a6ef-985231635421/1/iePm7KQMZBKhx5EZYiJwGScZt48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8ec03-fb84-444e-a6ef-985231635421/1/Zz-IdNlzH2doKiE-b-XgsN805ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.235.0/24
Signature Algorithm: sha256WithRSAEncryption
27:3e:f2:09:92:10:9e:e5:67:6b:54:8c:4c:9d:77:f7:c2:ae:
ae:7d:b9:b2:e0:18:bb:df:3b:d1:45:09:64:1e:48:ce:8d:ed:
28:54:bb:f7:39:90:92:90:4c:bc:30:2f:5f:07:8f:98:48:5c:
f4:53:3a:56:f9:a6:e6:ae:ab:60:82:ca:ab:17:ef:8c:eb:05:
17:de:05:5c:0d:3a:bf:cf:f8:76:8d:0c:79:cf:98:17:11:3c:
36:04:46:bc:ac:73:9d:15:51:e3:64:4d:fb:ac:62:91:6d:7c:
fd:31:b6:77:77:41:df:6c:86:7e:57:8b:7e:25:e7:87:df:f8:
f2:71:9a:ac:06:5f:04:8e:9e:c2:be:f4:2b:f6:a7:73:20:6f:
73:0a:e0:ed:35:89:58:6f:83:9f:fc:61:cf:b9:83:ae:96:f8:
1d:4c:76:34:69:85:6e:84:e0:f4:9b:6e:01:78:68:78:e0:cf:
7d:72:bb:29:07:79:a2:78:d3:77:22:a2:55:c6:86:c4:ae:5a:
a5:21:a1:2a:aa:6e:35:99:64:74:7f:9c:f1:22:41:23:47:3d:
28:7d:dc:5a:9f:af:a7:0d:7f:80:3e:38:72:21:5b:5c:a1:42:
a6:3b:d9:8b:79:0c:ce:91:16:f4:be:ae:2c:b4:06:26:68:ae:
b4:54:5b:20
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAM6yMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY3
M2Y4ODc0ZDk3MzFmNjc2ODJhMjEzZTZmZTVlMGIwZGYzNGU2Y2IwHhcNMjIwNDA2
MTI1MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OWUzZTZlY2E0MGM2
NDEyYTFjNzkxMTk2MjIyNzAxOTI3MTliNzhmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA55G3+emmGgY7aEmCR7QcfX0tkc0zDO+p170CS41R/YukwotB
Fgtab52lb+HNlNmAddeX8b5kx31TE7AQkP8RaMs7AuXxkUjHBa8iVW+7U6fJQ6TA
GdXLOdWreRC4sgOaFl/XLH2yXtktq1ldVIlSl67f21pReQoUo+MfsBcHoUDnx/8B
pQDGMG0lXCCLbKzIJQ3438YdJItJmVOvmAtcQWeFrPZSqgN9YKdnOMSGW5M0IQUq
3cZiR3xWSu8z0t5i61akApyTWMPeUH5ZcSAY9QE3EDzEo9yAQSjqSxBKLikewaWg
bH/2t0I827CESYdNkd4h3osk5gLUnXNLmA4m5wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFInj5uykDGQSoceRGWIicBknGbePMB8GA1UdIwQYMBaAFGc/iHTZcx9naCoh
Pm/l4LDfNObLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WnotSWRObHpIMmRvS2lFLWItWGdzTjgwNXNzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMy9kOGVjMDMtZmI4NC00NDRlLWE2ZWYtOTg1MjMxNjM1NDIxLzEv
aWVQbTdLUU1aQktoeDVFWllpSndHU2NadDQ4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9k
OGVjMDMtZmI4NC00NDRlLWE2ZWYtOTg1MjMxNjM1NDIxLzEvWnotSWRObHpIMmRv
S2lFLWItWGdzTjgwNXNzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nrMA0GCSqGSIb3DQEBCwUAA4IB
AQAnPvIJkhCe5WdrVIxMnXf3wq6ufbmy4Bi73zvRRQlkHkjOje0oVLv3OZCSkEy8
MC9fB4+YSFz0UzpW+abmrqtggsqrF++M6wUX3gVcDTq/z/h2jQx5z5gXETw2BEa8
rHOdFVHjZE37rGKRbXz9MbZ3d0HfbIZ+V4t+JeeH3/jycZqsBl8Ejp7CvvQr9qdz
IG9zCuDtNYlYb4Of/GHPuYOulvgdTHY0aYVuhOD0m24BeGh44M99crspB3mieNN3
IqJVxobErlqlIaEqqm41mWR0f5zxIkEjRz0ofdxan6+nDX+APjhyIVtcoUKmO9mL
eQzOkRb0vq4stAYmaK60VFsg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:23 2025 by rpki-client