Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/c24rVj0RHjyhJAz4sABpFFiQJpk.roa
File: c24rVj0RHjyhJAz4sABpFFiQJpk.roa (raw, json)
Hash identifier: 2tPdTuyiIk/+bm9JEdXZcQnkFW1+f2zaJ97h0sVAb7E=
Subject key identifier: 73:6E:2B:56:3D:11:1E:3C:A1:24:0C:F8:B0:00:69:14:58:90:26:99
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 0185728C764294F6E27261D7150E933A6601
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/c24rVj0RHjyhJAz4sABpFFiQJpk.roa
Signing time: Mon 02 Jan 2023 12:54:46 +0000
ROA not before: Mon 02 Jan 2023 12:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:76:42:94:f6:e2:72:61:d7:15:0e:93:3a:66:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 2 12:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=736e2b563d111e3ca1240cf8b000691458902699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:1a:4d:3a:61:3f:dd:7a:97:42:eb:69:1e:
7e:80:8f:9b:b6:b4:07:2b:50:da:0c:b7:30:81:72:
1d:a6:a9:4c:38:6d:4b:bf:96:e3:b6:f4:1e:1e:09:
dd:b5:16:94:ba:a6:b1:48:2f:10:ab:51:b1:cb:2b:
e5:ab:2b:e8:03:35:8c:d1:d9:ba:8f:65:69:fd:40:
57:d0:35:8a:5b:24:1e:52:50:43:99:c6:f0:d9:cb:
f6:1f:c5:18:f3:e9:3a:ba:fe:f8:13:11:cf:94:45:
e1:68:c9:35:58:d0:ef:1e:38:8e:5e:0c:98:da:b0:
6b:49:30:cd:78:97:80:73:28:8a:c7:ee:1b:d8:1a:
79:6a:8a:dd:ee:d7:d8:30:7f:f8:13:ec:1e:da:1f:
20:4a:4d:5b:73:42:72:a4:7e:87:2e:19:c8:b6:78:
b3:0b:84:f1:05:94:27:8c:e1:46:ad:25:e5:69:3a:
7f:65:51:e8:13:57:cc:7c:48:81:69:eb:08:9e:05:
1a:8d:9f:38:8b:38:46:89:69:af:a1:ba:3e:05:6b:
2a:21:94:bb:0f:40:d0:f6:94:2b:e5:f3:26:e1:bc:
06:a0:73:5f:e5:59:bf:60:36:e8:66:ee:05:85:d9:
50:90:b4:aa:53:34:a2:b4:1f:b0:36:29:7e:93:bd:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6E:2B:56:3D:11:1E:3C:A1:24:0C:F8:B0:00:69:14:58:90:26:99
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/c24rVj0RHjyhJAz4sABpFFiQJpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/24
91.228.74.0/24
Signature Algorithm: sha256WithRSAEncryption
47:35:43:21:cd:7b:e0:78:6b:31:6a:b8:68:a5:ff:3d:d4:8a:
f4:21:d7:59:dd:e4:44:1e:ff:8c:32:0d:f2:15:e6:61:38:af:
9e:0d:84:07:82:33:c9:34:8d:3b:db:cf:4c:6f:80:77:29:63:
bb:6b:f6:6e:f3:e4:3f:3d:64:cc:dd:84:61:5c:7e:87:1f:65:
2c:f6:3f:3f:33:c1:e2:f6:17:87:5b:91:56:87:4b:a6:60:28:
c8:f5:4d:69:92:0b:c0:ba:a3:88:9b:5b:04:81:02:b5:ac:1f:
44:89:57:7c:b0:cb:cd:42:2d:c7:97:64:c5:ec:bf:8b:65:f9:
cc:51:55:46:8d:77:11:ab:5e:a4:c6:6f:b7:3c:d4:54:26:c6:
48:1c:43:b8:0e:4a:74:5e:71:8f:d3:7a:2d:ac:86:be:9e:25:
3f:55:3e:d5:13:49:e1:82:6f:ef:9a:4a:dd:4b:d6:8b:84:82:
53:d9:e2:5d:88:1b:46:c8:08:5a:f6:ad:a5:97:f1:60:fc:fa:
97:aa:95:dd:6b:32:cf:10:81:8f:14:c5:27:f0:bf:a8:1b:5c:
7c:ad:89:4e:b8:9b:1a:f0:ac:aa:18:b2:72:37:7e:d5:96:b7:
c5:38:77:49:20:9c:13:63:12:c7:9d:2a:a2:ec:71:2e:69:77:
f8:ec:d8:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyjHZClPbicmHXFQ6TOmYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4
YTU4NWUwHhcNMjMwMTAyMTI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZlMmI1NjNkMTExZTNjYTEyNDBjZjhiMDAwNjkxNDU4OTAyNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA0aTTphP916l0LraR5+gI+btrQH
K1DaDLcwgXIdpqlMOG1Lv5bjtvQeHgndtRaUuqaxSC8Qq1GxyyvlqyvoAzWM0dm6
j2Vp/UBX0DWKWyQeUlBDmcbw2cv2H8UY8+k6uv74ExHPlEXhaMk1WNDvHjiOXgyY
2rBrSTDNeJeAcyiKx+4b2Bp5aord7tfYMH/4E+we2h8gSk1bc0JypH6HLhnItniz
C4TxBZQnjOFGrSXlaTp/ZVHoE1fMfEiBaesIngUajZ84izhGiWmvobo+BWsqIZS7
D0DQ9pQr5fMm4bwGoHNf5Vm/YDboZu4FhdlQkLSqUzSitB+wNil+k71zjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHNuK1Y9ER48oSQM+LAAaRRYkCaZMB8GA1UdIwQY
MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt
MTdmYjRmZmI5ZmFkLzEvYzI0clZqMFJIanloSkF6NHNBQnBGRmlRSnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk
LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+RIAwQA
W+RKMA0GCSqGSIb3DQEBCwUAA4IBAQBHNUMhzXvgeGsxarhopf891Ir0IddZ3eRE
Hv+MMg3yFeZhOK+eDYQHgjPJNI07289Mb4B3KWO7a/Zu8+Q/PWTM3YRhXH6HH2Us
9j8/M8Hi9heHW5FWh0umYCjI9U1pkgvAuqOIm1sEgQK1rB9EiVd8sMvNQi3Hl2TF
7L+LZfnMUVVGjXcRq16kxm+3PNRUJsZIHEO4Dkp0XnGP03otrIa+niU/VT7VE0nh
gm/vmkrdS9aLhIJT2eJdiBtGyAha9q2ll/Fg/PqXqpXdazLPEIGPFMUn8L+oG1x8
rYlOuJsa8KyqGLJyN37VlrfFOHdJIJwTYxLHnSqi7HEuaXf47NjJ
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:07 2025 by rpki-client