Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/fp1GnXFMy8X8Tjl7a5RvqNL4MRI.roa
File: fp1GnXFMy8X8Tjl7a5RvqNL4MRI.roa (raw, json)
Hash identifier: GTlnt4ktWvZraGk7semAtr+CEo6vyLQNzr38RrddXNc=
Subject key identifier: 7E:9D:46:9D:71:4C:CB:C5:FC:4E:39:7B:6B:94:6F:A8:D2:F8:31:12
Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Certificate serial: 01857142DAA43FEB0C986D59368DC28831E0
Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/fp1GnXFMy8X8Tjl7a5RvqNL4MRI.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42936
IP address blocks: 91.193.64.0/22 maxlen: 22
2001:67c:13c8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:da:a4:3f:eb:0c:98:6d:59:36:8d:c2:88:31:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e9d469d714ccbc5fc4e397b6b946fa8d2f83112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:91:b5:98:c2:b3:1a:0d:c0:cb:87:77:11:69:
2b:21:32:a9:f9:78:df:b7:fb:b9:22:58:8d:2c:86:
ac:0a:ed:66:20:e8:48:5d:02:79:ac:a8:da:6e:c5:
21:2e:4f:38:8d:e0:bf:3d:70:e2:e6:18:92:b9:f6:
b9:9c:f5:1b:4a:dd:a3:22:fd:32:56:1b:00:37:35:
1b:fc:02:58:ad:29:bd:e5:00:d8:b1:07:a4:4a:4b:
45:88:1e:c6:5c:4d:d7:67:7c:2f:bb:fe:f9:e8:7d:
ea:94:29:73:fa:d4:36:6d:4f:8a:93:eb:0b:15:d2:
10:46:c3:39:a0:9f:c5:6b:e3:96:00:88:9a:f3:11:
ee:b2:20:6a:05:c2:4a:88:1b:00:c2:66:56:8d:f9:
20:b7:a6:ce:f0:86:2f:23:d6:44:83:ef:53:1c:b1:
49:1d:bf:37:6c:bd:91:45:ba:4e:49:4a:0e:2e:ef:
98:3d:7c:44:d2:60:ec:69:6f:c6:ff:7e:68:33:41:
91:4f:02:b0:22:73:50:3a:dd:04:ca:d2:ac:94:fb:
e9:c4:f6:3e:9a:84:6c:b6:28:fe:57:82:17:9c:ac:
19:34:62:17:4c:b1:35:72:d0:33:3e:71:34:1b:f4:
cd:e7:01:01:60:c2:36:ac:24:22:e4:d8:ab:20:c5:
33:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9D:46:9D:71:4C:CB:C5:FC:4E:39:7B:6B:94:6F:A8:D2:F8:31:12
X509v3 Authority Key Identifier:
keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/fp1GnXFMy8X8Tjl7a5RvqNL4MRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.64.0/22
IPv6:
2001:67c:13c8::/48
Signature Algorithm: sha256WithRSAEncryption
a4:cf:2e:d8:9a:67:5f:7f:ce:18:4f:0e:59:90:e7:e1:c9:85:
4f:93:bf:63:5d:fc:0f:8a:10:12:bd:a5:ab:19:a1:64:8c:39:
45:b6:bc:90:e0:07:25:ff:77:4f:5e:0d:58:49:63:fb:eb:15:
d5:90:cf:76:cb:29:13:46:92:2b:35:a1:5f:c8:0e:06:ef:6e:
b5:9f:40:c5:29:c6:91:72:d3:8c:d8:d4:b5:a0:e6:55:de:1d:
3d:27:42:80:d7:56:4c:c2:34:9a:70:02:c5:64:08:a2:b7:4c:
53:81:2f:33:92:f0:33:eb:b0:8a:77:d2:61:93:0c:f4:29:d1:
ae:f6:53:be:52:2f:c9:f4:ba:03:a5:54:32:cb:ab:85:96:44:
a7:ba:d4:0a:e9:37:e6:3d:5d:fb:0d:cb:35:93:2b:e3:b3:4d:
ea:27:b9:49:ab:8c:92:f6:39:55:66:da:4e:68:47:1c:71:2c:
be:c4:32:65:f8:6b:ab:1b:86:44:7b:d7:3d:0e:89:e2:87:91:
68:0a:ad:2d:ef:81:49:a7:b5:34:d7:7b:3c:af:43:39:74:9e:
6c:08:01:d0:d6:80:bc:2e:12:7e:12:ad:d1:69:de:aa:7e:4a:
00:a7:e3:c8:d3:e2:ed:cf:2b:4d:22:5c:79:29:22:80:af:ff:
bb:37:3e:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxQtqkP+sMmG1ZNo3CiDHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz
ZThjMDMwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTlkNDY5ZDcxNGNjYmM1ZmM0ZTM5N2I2Yjk0NmZhOGQyZjgzMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJG1mMKzGg3Ay4d3EWkrITKp+Xjf
t/u5IliNLIasCu1mIOhIXQJ5rKjabsUhLk84jeC/PXDi5hiSufa5nPUbSt2jIv0y
VhsANzUb/AJYrSm95QDYsQekSktFiB7GXE3XZ3wvu/756H3qlClz+tQ2bU+Kk+sL
FdIQRsM5oJ/Fa+OWAIia8xHusiBqBcJKiBsAwmZWjfkgt6bO8IYvI9ZEg+9THLFJ
Hb83bL2RRbpOSUoOLu+YPXxE0mDsaW/G/35oM0GRTwKwInNQOt0EytKslPvpxPY+
moRstij+V4IXnKwZNGIXTLE1ctAzPnE0G/TN5wEBYMI2rCQi5NirIMUzeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH6dRp1xTMvF/E45e2uUb6jS+DESMB8GA1UdIwQY
MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt
MDk2NDQ2NGMxNzUxLzEvZnAxR25YRk15OFg4VGpsN2E1UnZxTkw0TVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx
LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8FAMA8E
AgACMAkDBwAgAQZ8E8gwDQYJKoZIhvcNAQELBQADggEBAKTPLtiaZ19/zhhPDlmQ
5+HJhU+Tv2Nd/A+KEBK9pasZoWSMOUW2vJDgByX/d09eDVhJY/vrFdWQz3bLKRNG
kis1oV/IDgbvbrWfQMUpxpFy04zY1LWg5lXeHT0nQoDXVkzCNJpwAsVkCKK3TFOB
LzOS8DPrsIp30mGTDPQp0a72U75SL8n0ugOlVDLLq4WWRKe61ArpN+Y9XfsNyzWT
K+OzTeonuUmrjJL2OVVm2k5oRxxxLL7EMmX4a6sbhkR71z0OieKHkWgKrS3vgUmn
tTTXezyvQzl0nmwIAdDWgLwuEn4SrdFp3qp+SgCn48jT4u3PK00iXHkpIoCv/7s3
Ph0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:11 2025 by rpki-client