Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/aqiaoy-tHEzq0nJGN-88mWcutOU.roa
File: aqiaoy-tHEzq0nJGN-88mWcutOU.roa (raw, json)
Hash identifier: hbodb6uNXihUYKyii42dZ4N1sk6pif0OfivCF5l06N8=
Subject key identifier: 6A:A8:9A:A3:2F:AD:1C:4C:EA:D2:72:46:37:EF:3C:99:67:2E:B4:E5
Certificate issuer: /CN=8466e91742dad1b9f4c796b23b37eb7acd858161
Certificate serial: 01856C0142058ADB6E53833A1276FC32F06E
Authority key identifier: 84:66:E9:17:42:DA:D1:B9:F4:C7:96:B2:3B:37:EB:7A:CD:85:81:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGbpF0La0bn0x5ayOzfres2FgWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/aqiaoy-tHEzq0nJGN-88mWcutOU.roa
Signing time: Sun 01 Jan 2023 06:24:59 +0000
ROA not before: Sun 01 Jan 2023 06:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44709
IP address blocks: 91.198.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:42:05:8a:db:6e:53:83:3a:12:76:fc:32:f0:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8466e91742dad1b9f4c796b23b37eb7acd858161
Validity
Not Before: Jan 1 06:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa89aa32fad1c4cead2724637ef3c99672eb4e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e2:93:e3:34:76:d0:3f:a8:50:3a:be:dc:9d:
c6:3d:52:b2:61:76:aa:24:06:cb:7f:af:21:4b:6d:
9b:f0:02:43:c9:81:fb:3b:3e:c2:5a:15:5a:e5:0f:
89:d1:11:c8:e6:d6:b2:53:f1:92:1c:eb:17:cb:fa:
77:1c:a8:55:de:f0:22:99:de:37:50:3d:24:8f:7b:
24:ee:be:d4:fa:5b:da:b6:dc:11:96:fc:5d:38:75:
c3:ae:54:7d:f2:c3:86:95:cb:b7:8c:5b:cb:e2:ec:
c9:fa:cb:dd:66:4d:76:59:73:78:f8:31:a2:03:d0:
40:84:ff:bc:42:ad:6e:07:90:79:3c:08:da:34:1f:
96:f9:64:49:96:00:15:6e:b9:a1:c5:7b:fc:ff:15:
3f:19:bf:08:46:8d:04:8a:a3:cb:bb:64:fb:52:f5:
d6:24:c7:1e:10:47:c2:b2:eb:43:e4:e4:06:40:65:
f8:d0:06:8b:34:c6:3f:47:a3:21:19:95:78:f6:74:
05:c0:9c:f6:05:dd:0b:37:25:96:54:c8:f9:87:24:
92:dd:c1:e2:a1:dc:72:31:e7:69:33:49:b9:e5:e1:
fa:8a:6e:5c:b7:01:a7:04:24:84:67:9c:4c:7d:4c:
c5:42:1e:d5:c5:97:ce:34:0a:57:b3:4f:36:b6:a0:
cb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A8:9A:A3:2F:AD:1C:4C:EA:D2:72:46:37:EF:3C:99:67:2E:B4:E5
X509v3 Authority Key Identifier:
keyid:84:66:E9:17:42:DA:D1:B9:F4:C7:96:B2:3B:37:EB:7A:CD:85:81:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGbpF0La0bn0x5ayOzfres2FgWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/aqiaoy-tHEzq0nJGN-88mWcutOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.70.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:09:ff:c2:f5:36:7a:43:4e:01:3b:29:01:82:db:f8:a6:98:
12:ec:a8:f0:5e:8a:e4:6f:87:1e:29:4b:c4:d6:c1:b8:07:32:
c5:19:b1:16:46:a3:44:06:24:e2:b3:3b:37:ea:dc:1f:d1:7b:
b3:2a:06:df:db:99:d3:74:08:28:c9:18:a3:60:78:f5:6e:8d:
84:ea:0f:77:f2:2d:47:3c:08:c8:52:58:c2:07:a5:59:a3:32:
f2:2e:a9:91:06:56:33:5c:06:a7:b1:5e:66:bb:cf:9c:e1:82:
68:3d:98:64:c5:c1:31:0b:6f:f8:b4:d7:5b:71:cc:ee:d9:a4:
64:40:08:22:8b:a9:67:4a:47:05:a0:a8:59:64:2b:0d:39:ee:
c0:ba:99:34:59:f0:c9:bb:60:d3:8d:8e:1b:6c:1b:09:3c:73:
d7:05:14:f0:79:5b:70:19:e1:e9:42:f0:c4:d2:38:de:3f:15:
f1:fe:34:7a:90:cd:f5:df:88:18:f9:d5:31:df:b8:75:c1:e6:
da:50:0d:fc:be:61:9a:da:77:0b:d2:18:d3:aa:ec:2d:f8:ef:
2a:62:5b:98:5e:66:ce:f8:48:ca:62:32:54:52:a5:23:6f:45:
7f:0d:db:5e:ea:d4:25:9d:5f:86:6d:32:7c:6d:da:ab:90:2c:
bb:f6:42:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAUIFittuU4M6Enb8MvBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NjZlOTE3NDJkYWQxYjlmNGM3OTZiMjNiMzdlYjdhY2Q4
NTgxNjEwHhcNMjMwMTAxMDYyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE4OWFhMzJmYWQxYzRjZWFkMjcyNDYzN2VmM2M5OTY3MmViNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+KT4zR20D+oUDq+3J3GPVKyYXaq
JAbLf68hS22b8AJDyYH7Oz7CWhVa5Q+J0RHI5tayU/GSHOsXy/p3HKhV3vAimd43
UD0kj3sk7r7U+lvattwRlvxdOHXDrlR98sOGlcu3jFvL4uzJ+svdZk12WXN4+DGi
A9BAhP+8Qq1uB5B5PAjaNB+W+WRJlgAVbrmhxXv8/xU/Gb8IRo0EiqPLu2T7UvXW
JMceEEfCsutD5OQGQGX40AaLNMY/R6MhGZV49nQFwJz2Bd0LNyWWVMj5hySS3cHi
odxyMedpM0m55eH6im5ctwGnBCSEZ5xMfUzFQh7VxZfONApXs082tqDLJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqomqMvrRxM6tJyRjfvPJlnLrTlMB8GA1UdIwQY
MBaAFIRm6RdC2tG59MeWsjs363rNhYFhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdicEYwTGEwYm4weDVheU96ZnJlczJGZ1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hNjY5YjctMDc3OS00NTlhLTkyMjAt
NGUzMmM4YjhlZTM2LzEvYXFpYW95LXRIRXpxMG5KR04tODhtV2N1dE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hNjY5YjctMDc3OS00NTlhLTkyMjAtNGUzMmM4YjhlZTM2
LzEvaEdicEYwTGEwYm4weDVheU96ZnJlczJGZ1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZGMA0G
CSqGSIb3DQEBCwUAA4IBAQDCCf/C9TZ6Q04BOykBgtv4ppgS7KjwXorkb4ceKUvE
1sG4BzLFGbEWRqNEBiTiszs36twf0XuzKgbf25nTdAgoyRijYHj1bo2E6g938i1H
PAjIUljCB6VZozLyLqmRBlYzXAansV5mu8+c4YJoPZhkxcExC2/4tNdbcczu2aRk
QAgii6lnSkcFoKhZZCsNOe7Aupk0WfDJu2DTjY4bbBsJPHPXBRTweVtwGeHpQvDE
0jjePxXx/jR6kM3134gY+dUx37h1webaUA38vmGa2ncL0hjTquwt+O8qYluYXmbO
+EjKYjJUUqUjb0V/Ddte6tQlnV+GbTJ8bdqrkCy79kLn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:14 2025 by rpki-client