Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/PxvobDAEX9k8pdX603OjSYeC2Bg.roa
File: PxvobDAEX9k8pdX603OjSYeC2Bg.roa (raw, json)
Hash identifier: ewMoeJxYW/qJ43C7DtKayH6lo7kSDnY7HDl/TtKo4RY=
Subject key identifier: 3F:1B:E8:6C:30:04:5F:D9:3C:A5:D5:FA:D3:73:A3:49:87:82:D8:18
Certificate issuer: /CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Certificate serial: 0185702701CE92F23FF50B34802B30E36BDE
Authority key identifier: 34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/PxvobDAEX9k8pdX603OjSYeC2Bg.roa
Signing time: Mon 02 Jan 2023 01:44:42 +0000
ROA not before: Mon 02 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29686
IP address blocks: 91.195.150.0/23 maxlen: 23
2001:678:2e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:27:01:ce:92:f2:3f:f5:0b:34:80:2b:30:e3:6b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Validity
Not Before: Jan 2 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f1be86c30045fd93ca5d5fad373a3498782d818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:71:db:04:e9:41:af:6a:e7:9b:a5:14:91:40:
e7:7d:34:fb:04:6c:bd:d9:45:48:bb:d0:e2:e0:f5:
48:9c:a4:b8:60:58:68:83:23:3d:b5:32:d6:48:6f:
5e:c9:a3:0f:db:d6:0c:5c:52:0b:86:27:73:2b:82:
85:59:ab:36:b3:17:b8:56:5b:c5:65:27:a6:14:76:
c0:78:57:3b:26:04:5a:d2:44:2f:28:fd:0b:4d:a7:
9c:58:49:58:3f:08:4a:86:3d:77:9d:9e:13:33:de:
5e:8d:66:e8:be:c8:6f:35:71:aa:93:55:64:a7:7a:
dc:cc:08:f2:ba:c8:c1:32:8e:a7:24:30:dc:e0:11:
59:d9:b3:6c:1c:00:b3:31:d2:92:c3:a9:75:ef:a4:
25:fb:13:14:bf:f6:3f:0e:15:47:5c:0e:69:bd:68:
a1:b3:7a:93:51:6f:1e:c0:dc:ef:31:f7:04:68:60:
70:98:fb:03:0a:40:11:e1:73:e8:0e:a9:40:81:aa:
06:d1:57:33:77:3c:f3:e4:d7:8a:6a:17:f6:7e:b0:
d5:97:05:85:73:07:92:04:be:71:1d:40:fd:af:a3:
84:58:9c:80:87:5f:b9:5d:19:3c:94:84:d4:35:bc:
a8:3e:fe:22:fe:0b:16:1a:06:20:b9:78:72:88:45:
c0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1B:E8:6C:30:04:5F:D9:3C:A5:D5:FA:D3:73:A3:49:87:82:D8:18
X509v3 Authority Key Identifier:
keyid:34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/PxvobDAEX9k8pdX603OjSYeC2Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.150.0/23
IPv6:
2001:678:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
44:54:90:ac:58:af:59:9c:20:28:b6:1d:53:43:89:a2:1f:1e:
10:95:7e:c0:2d:ba:50:2d:f4:7f:39:b9:77:61:ad:d8:ad:c2:
8c:a1:9b:8c:ec:a1:71:26:bd:2a:b8:b7:d8:b1:8d:20:ce:e2:
5a:51:3b:04:19:8f:a5:26:7f:32:e9:1e:2e:7c:b4:9d:3a:0c:
c6:b5:9e:b0:32:93:9b:9e:99:4b:72:ed:73:9c:a8:6a:ef:8f:
9b:86:b3:f5:78:0c:5c:67:3f:3d:e0:f1:ca:fb:0f:2b:23:6c:
51:7d:9e:5b:eb:46:c3:51:0f:11:ed:85:c8:2f:21:11:7d:91:
c6:94:50:79:f3:17:f2:63:29:41:ef:f9:9c:10:65:b7:66:aa:
c6:b4:36:55:d4:75:59:ae:b1:c9:2d:34:a2:51:1a:38:df:a7:
f2:68:7d:bd:dc:87:ac:db:11:71:99:5c:c8:e2:e9:ee:75:45:
8c:5b:9c:02:63:96:4c:67:c6:f2:09:55:37:f2:b2:c0:61:3b:
2f:ec:9d:4f:42:97:db:d8:e1:ea:50:ef:41:32:c6:e3:cd:be:
49:01:07:33:b7:79:58:15:b0:c6:95:3a:19:67:44:dc:54:9f:
06:bf:85:93:cd:77:cb:08:80:f6:d0:04:6d:37:1e:6b:fc:64:
05:a9:92:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwJwHOkvI/9Qs0gCsw42veMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2I5NTZlYzNhMTRmNmY1ZTRiNzZkNTQzNDJmYTk4ZDU5
Yzc3YTYwHhcNMjMwMTAyMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjFiZTg2YzMwMDQ1ZmQ5M2NhNWQ1ZmFkMzczYTM0OTg3ODJkODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXHbBOlBr2rnm6UUkUDnfTT7BGy9
2UVIu9Di4PVInKS4YFhogyM9tTLWSG9eyaMP29YMXFILhidzK4KFWas2sxe4VlvF
ZSemFHbAeFc7JgRa0kQvKP0LTaecWElYPwhKhj13nZ4TM95ejWbovshvNXGqk1Vk
p3rczAjyusjBMo6nJDDc4BFZ2bNsHACzMdKSw6l176Ql+xMUv/Y/DhVHXA5pvWih
s3qTUW8ewNzvMfcEaGBwmPsDCkAR4XPoDqlAgaoG0Vczdzzz5NeKahf2frDVlwWF
cweSBL5xHUD9r6OEWJyAh1+5XRk8lITUNbyoPv4i/gsWGgYguXhyiEXAqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8b6GwwBF/ZPKXV+tNzo0mHgtgYMB8GA1UdIwQY
MBaAFDTLlW7DoU9vXkt21UNC+pjVnHemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQt
OWE2ODgwODBhNTc5LzEvUHh2b2JEQUVYOWs4cGRYNjAzT2pTWWVDMkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQtOWE2ODgwODBhNTc5
LzEvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8OWMA8E
AgACMAkDBwAgAQZ4AuAwDQYJKoZIhvcNAQELBQADggEBAERUkKxYr1mcICi2HVND
iaIfHhCVfsAtulAt9H85uXdhrditwoyhm4zsoXEmvSq4t9ixjSDO4lpROwQZj6Um
fzLpHi58tJ06DMa1nrAyk5uemUty7XOcqGrvj5uGs/V4DFxnPz3g8cr7DysjbFF9
nlvrRsNRDxHthcgvIRF9kcaUUHnzF/JjKUHv+ZwQZbdmqsa0NlXUdVmuscktNKJR
Gjjfp/Jofb3ch6zbEXGZXMji6e51RYxbnAJjlkxnxvIJVTfyssBhOy/snU9Cl9vY
4epQ70EyxuPNvkkBBzO3eVgVsMaVOhlnRNxUnwa/hZPNd8sIgPbQBG03Hmv8ZAWp
ktk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:46 2025 by rpki-client