Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/AwR3UULeuMArb0WvBt-AXRM1i80.roa
File: AwR3UULeuMArb0WvBt-AXRM1i80.roa (raw, json)
Hash identifier: diUJtB2LJzM2/JLvDmyfZsKzotQD8V2+7A3J97AteLQ=
Subject key identifier: 03:04:77:51:42:DE:B8:C0:2B:6F:45:AF:06:DF:80:5D:13:35:8B:CD
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 0185728C773732E1E2705CDC82D4B04267BA
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/AwR3UULeuMArb0WvBt-AXRM1i80.roa
Signing time: Mon 02 Jan 2023 12:54:46 +0000
ROA not before: Mon 02 Jan 2023 12:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:77:37:32:e1:e2:70:5c:dc:82:d4:b0:42:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 2 12:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0304775142deb8c02b6f45af06df805d13358bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:04:bf:bf:3b:a7:82:17:2d:17:1d:52:c3:e5:
9a:e7:71:ab:35:1c:a2:c4:20:97:27:19:d3:95:e4:
4d:b7:0e:fb:d5:85:5f:19:6a:a0:c8:45:54:82:74:
c5:dc:11:93:39:a5:2c:5f:0b:ba:66:c6:59:48:3d:
f2:d6:5c:80:17:a2:25:20:e1:57:33:dc:55:9d:c2:
03:b3:42:9b:d5:fb:a3:74:cd:a8:a5:d2:2b:32:e6:
e7:38:16:3d:23:42:d2:bf:61:58:96:fe:a0:bf:d2:
7f:fc:94:3e:e6:63:5e:4a:2c:68:cb:54:d5:a4:e8:
2e:89:3f:ca:b0:60:8d:e3:7a:86:60:a9:f0:dc:a9:
53:17:45:2a:94:ab:6a:f2:52:56:20:18:a0:a4:56:
d2:2f:92:f8:dc:7f:7d:d5:1e:3a:d7:8a:4d:22:80:
4b:f8:c2:db:6a:e7:de:fd:67:aa:44:c7:60:0c:25:
40:8c:53:e8:c6:29:1a:5d:85:09:bd:09:ce:56:41:
dd:5f:a7:67:ed:69:f9:d3:b3:65:70:67:2a:4e:53:
ab:01:c8:b1:6b:5d:31:0d:f9:32:ac:58:fd:8d:05:
f4:14:65:81:21:fb:2b:19:54:9d:60:27:fa:68:d4:
67:20:93:f3:ab:d0:d5:b0:a0:db:56:54:4e:ab:95:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:04:77:51:42:DE:B8:C0:2B:6F:45:AF:06:DF:80:5D:13:35:8B:CD
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/AwR3UULeuMArb0WvBt-AXRM1i80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/24
91.228.74.0/24
Signature Algorithm: sha256WithRSAEncryption
63:24:95:69:67:dc:b7:b3:b9:3d:27:ee:f7:f0:a5:64:4c:4e:
e8:69:77:83:ba:cb:be:ad:70:65:a2:f1:00:22:47:09:3b:e9:
9c:ae:89:f3:08:a8:96:1c:67:0f:2d:3c:30:76:f8:08:c7:75:
b9:92:ef:84:03:31:a0:83:84:40:ff:6d:62:c3:ea:b1:9f:ae:
65:ef:2b:3c:b3:b1:04:e8:f2:ba:cc:37:0b:64:a6:2b:4b:d0:
6d:ee:6f:1d:0f:d1:85:f8:ba:4d:f1:35:7e:93:e3:c8:41:91:
aa:39:a7:f3:fa:0a:bc:53:d6:93:4d:6c:28:ca:53:01:6a:b9:
9e:b8:69:b0:e8:8d:ce:71:98:ef:3b:7e:94:d2:a8:75:76:48:
95:dc:58:05:83:f4:4f:79:b8:a0:04:5a:c2:d8:8b:77:d2:04:
c1:a5:ea:45:1c:84:d3:c2:a6:4c:94:c2:22:60:fc:0d:96:71:
fa:2a:32:48:7f:f1:5f:8a:47:01:02:2c:50:41:f2:26:2e:5d:
8f:ec:b6:96:8c:68:3b:1b:ef:60:9e:a6:12:74:86:06:3f:23:
0d:38:c8:9c:ca:93:f5:5b:56:6d:5d:4c:39:5d:9e:3b:67:94:
32:16:35:91:1a:01:7a:8b:c5:f7:bc:47:50:ec:7d:6f:19:59:
58:e1:90:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyjHc3MuHicFzcgtSwQme6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4
YTU4NWUwHhcNMjMwMTAyMTI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA0Nzc1MTQyZGViOGMwMmI2ZjQ1YWYwNmRmODA1ZDEzMzU4YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAS/vzunghctFx1Sw+Wa53GrNRyi
xCCXJxnTleRNtw771YVfGWqgyEVUgnTF3BGTOaUsXwu6ZsZZSD3y1lyAF6IlIOFX
M9xVncIDs0Kb1fujdM2opdIrMubnOBY9I0LSv2FYlv6gv9J//JQ+5mNeSixoy1TV
pOguiT/KsGCN43qGYKnw3KlTF0UqlKtq8lJWIBigpFbSL5L43H991R4614pNIoBL
+MLbaufe/WeqRMdgDCVAjFPoxikaXYUJvQnOVkHdX6dn7Wn507NlcGcqTlOrAcix
a10xDfkyrFj9jQX0FGWBIfsrGVSdYCf6aNRnIJPzq9DVsKDbVlROq5WF0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAMEd1FC3rjAK29FrwbfgF0TNYvNMB8GA1UdIwQY
MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt
MTdmYjRmZmI5ZmFkLzEvQXdSM1VVTGV1TUFyYjBXdkJ0LUFYUk0xaTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk
LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+RIAwQA
W+RKMA0GCSqGSIb3DQEBCwUAA4IBAQBjJJVpZ9y3s7k9J+738KVkTE7oaXeDusu+
rXBlovEAIkcJO+mcronzCKiWHGcPLTwwdvgIx3W5ku+EAzGgg4RA/21iw+qxn65l
7ys8s7EE6PK6zDcLZKYrS9Bt7m8dD9GF+LpN8TV+k+PIQZGqOafz+gq8U9aTTWwo
ylMBarmeuGmw6I3OcZjvO36U0qh1dkiV3FgFg/RPebigBFrC2It30gTBpepFHITT
wqZMlMIiYPwNlnH6KjJIf/FfikcBAixQQfImLl2P7LaWjGg7G+9gnqYSdIYGPyMN
OMicypP1W1ZtXUw5XZ47Z5QyFjWRGgF6i8X3vEdQ7H1vGVlY4ZBh
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:30:05 2025 by rpki-client