Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/Yj01vNgWAXCeSm5jku4AjfszZsE.roa
File: Yj01vNgWAXCeSm5jku4AjfszZsE.roa (raw, json)
Hash identifier: mZhezQdhXOiRpBl7Xo6qlKayt0sSlq7Dr47VDtOTsO0=
Subject key identifier: 62:3D:35:BC:D8:16:01:70:9E:4A:6E:63:92:EE:00:8D:FB:33:66:C1
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018414BE4BDB3906B3A4AF32824570DFBAB2
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/Yj01vNgWAXCeSm5jku4AjfszZsE.roa
Signing time: Wed 26 Oct 2022 14:42:06 +0000
ROA not before: Wed 26 Oct 2022 14:42:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 91.234.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:be:4b:db:39:06:b3:a4:af:32:82:45:70:df:ba:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Oct 26 14:42:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=623d35bcd81601709e4a6e6392ee008dfb3366c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b3:b7:8e:61:1a:c7:10:7c:e4:27:9c:78:bc:
04:a8:58:f2:e7:01:30:50:48:7c:2e:62:ca:84:96:
59:31:12:6e:c6:fd:3d:e9:3b:7a:75:50:2b:07:3b:
27:19:b4:5c:5f:38:a0:29:fa:38:e7:c3:f5:26:a6:
be:28:69:ef:9e:d3:c2:1b:7e:4d:6e:1c:9d:e2:90:
57:9a:cf:6b:43:aa:df:30:22:4c:0b:8f:03:49:2d:
ed:b7:ef:bd:27:b3:67:e4:37:ae:2b:e2:3c:19:9b:
ae:bc:7c:c8:18:06:09:51:f6:f5:57:80:38:5c:34:
33:af:7f:cc:11:90:61:85:e5:2f:8e:39:db:ef:31:
6b:c9:a6:7c:dc:ec:4f:f1:49:18:a6:c7:06:89:9b:
21:eb:3d:72:b0:74:96:eb:04:0a:78:87:30:cc:12:
fa:d1:2d:b7:7d:ab:af:5c:54:0a:38:e7:34:31:34:
7e:56:8e:e0:12:5d:d0:66:2e:d1:4b:c5:f2:0b:61:
75:d3:a1:13:a1:cf:a9:bb:ff:af:c0:37:ea:2b:bb:
27:76:12:5b:00:c6:47:16:9d:24:78:4b:47:62:6b:
ae:ff:25:a6:05:77:c1:39:31:61:54:e3:1f:c3:a6:
5c:82:f8:60:80:a5:5d:d8:37:37:56:c9:61:b0:99:
9c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3D:35:BC:D8:16:01:70:9E:4A:6E:63:92:EE:00:8D:FB:33:66:C1
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/Yj01vNgWAXCeSm5jku4AjfszZsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.22.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c6:96:45:13:6e:d4:ce:90:01:db:f8:54:d0:73:72:9d:79:
77:ce:23:39:6e:c4:35:01:3e:17:b8:34:51:ab:4c:ee:47:17:
51:d6:e6:c4:e8:97:32:fa:e4:b8:bb:7c:65:6d:9c:f9:5d:80:
53:dc:40:c3:30:c6:3c:ba:a6:40:29:0c:39:25:0f:1c:ac:21:
01:d2:7f:8d:f9:b1:07:7b:e3:d5:93:42:f7:9a:c0:90:11:ec:
06:44:5a:b1:5a:9d:c2:cc:ad:0e:59:06:bf:4e:18:67:85:bb:
80:b0:a1:fc:29:39:ab:ef:b7:d4:95:e7:7a:36:3d:24:f7:d1:
75:fb:5e:80:bd:17:ba:19:23:30:e2:b6:1e:fc:76:f1:bb:c8:
0b:62:72:9b:a1:dc:67:0d:47:82:00:d8:75:89:8a:20:8c:51:
fa:5d:14:5f:18:2e:6f:95:ea:0c:4f:cc:14:b1:37:f0:33:7d:
7e:6e:f0:4d:8f:cd:df:56:e1:81:92:75:07:ee:9a:ed:73:8d:
df:ba:11:5e:f9:5c:ea:23:c3:7a:6d:37:02:cc:16:e3:39:47:
ae:2c:9d:cb:07:1f:e0:73:17:cc:09:65:60:90:a8:1d:93:a3:
8d:d5:22:00:cd:1e:aa:4b:8d:89:ff:ec:ab:47:10:12:56:e2:
9d:63:26:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQUvkvbOQazpK8ygkVw37qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjIxMDI2MTQ0MjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNkMzViY2Q4MTYwMTcwOWU0YTZlNjM5MmVlMDA4ZGZiMzM2NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbO3jmEaxxB85CeceLwEqFjy5wEw
UEh8LmLKhJZZMRJuxv096Tt6dVArBzsnGbRcXzigKfo458P1Jqa+KGnvntPCG35N
bhyd4pBXms9rQ6rfMCJMC48DSS3tt++9J7Nn5DeuK+I8GZuuvHzIGAYJUfb1V4A4
XDQzr3/MEZBhheUvjjnb7zFryaZ83OxP8UkYpscGiZsh6z1ysHSW6wQKeIcwzBL6
0S23fauvXFQKOOc0MTR+Vo7gEl3QZi7RS8XyC2F106EToc+pu/+vwDfqK7sndhJb
AMZHFp0keEtHYmuu/yWmBXfBOTFhVOMfw6ZcgvhggKVd2Dc3VslhsJmcQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGI9NbzYFgFwnkpuY5LuAI37M2bBMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvWWowMXZOZ1dBWENlU201amt1NEFqZnN6WnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oWMA0G
CSqGSIb3DQEBCwUAA4IBAQAYxpZFE27UzpAB2/hU0HNynXl3ziM5bsQ1AT4XuDRR
q0zuRxdR1ubE6Jcy+uS4u3xlbZz5XYBT3EDDMMY8uqZAKQw5JQ8crCEB0n+N+bEH
e+PVk0L3msCQEewGRFqxWp3CzK0OWQa/ThhnhbuAsKH8KTmr77fUled6Nj0k99F1
+16AvRe6GSMw4rYe/Hbxu8gLYnKbodxnDUeCANh1iYogjFH6XRRfGC5vleoMT8wU
sTfwM31+bvBNj83fVuGBknUH7prtc43fuhFe+VzqI8N6bTcCzBbjOUeuLJ3LBx/g
cxfMCWVgkKgdk6ON1SIAzR6qS42J/+yrRxASVuKdYyYm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:18 2025 by rpki-client