Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/MO58Wgt77bpH7PWJnpmhcDdA3n8.roa
File: MO58Wgt77bpH7PWJnpmhcDdA3n8.roa (raw, json)
Hash identifier: /+2AOdNsnCMehbbY7pIq7jFh1oBLMOA0ETuFnbNMhwM=
Subject key identifier: 30:EE:7C:5A:0B:7B:ED:BA:47:EC:F5:89:9E:99:A1:70:37:40:DE:7F
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 0181D6FCEBDD39DAD6824243C6B3659DE197
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/MO58Wgt77bpH7PWJnpmhcDdA3n8.roa
Signing time: Thu 07 Jul 2022 04:48:28 +0000
ROA not before: Thu 07 Jul 2022 04:48:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52223
IP address blocks: 91.245.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d6:fc:eb:dd:39:da:d6:82:42:43:c6:b3:65:9d:e1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jul 7 04:48:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30ee7c5a0b7bedba47ecf5899e99a1703740de7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2e:24:2f:99:07:31:d6:da:d4:6e:5c:9b:98:
73:b3:16:6e:16:83:ef:5c:8f:87:f5:b6:0c:9e:b3:
3a:c4:71:79:d3:aa:94:73:0e:af:50:79:c5:e9:46:
54:19:10:02:c3:d9:55:8d:2c:71:f2:5d:09:5d:fd:
6c:79:aa:df:56:0a:15:71:1e:fd:67:17:45:64:db:
4d:83:ce:c4:81:83:8e:d5:6e:7b:1b:a0:5e:d2:1b:
15:87:30:2f:dd:fe:60:fe:e3:4d:76:eb:6a:05:7b:
81:e7:87:f2:32:98:c7:5c:a1:d1:fe:49:8b:a4:bc:
85:c7:4e:61:c9:63:a1:55:26:4a:e1:8d:8f:93:79:
60:95:a9:29:6b:96:a9:09:7c:c4:6e:a0:9f:78:3c:
ee:cd:31:5b:35:4a:c0:52:09:e7:a3:92:54:4a:d4:
bb:e0:2e:50:0a:ac:f2:80:97:e0:7d:5f:45:9e:6d:
19:e0:70:73:e9:5a:e1:16:5a:ac:14:ea:39:21:41:
f5:34:c9:f2:16:16:ef:c1:b0:55:f2:33:42:7f:c8:
d8:32:bf:b6:fb:2c:b1:2c:d8:6f:b8:b1:fd:9c:b7:
89:14:10:b4:07:bf:6f:0c:d6:0d:92:3b:e6:de:ac:
16:21:ff:f3:13:aa:ae:de:ab:d4:da:29:1a:cf:de:
17:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EE:7C:5A:0B:7B:ED:BA:47:EC:F5:89:9E:99:A1:70:37:40:DE:7F
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/MO58Wgt77bpH7PWJnpmhcDdA3n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.233.0/24
Signature Algorithm: sha256WithRSAEncryption
44:1e:8a:a2:f5:54:3f:49:2b:6b:e8:db:e8:a7:44:8a:b3:38:
d6:70:f2:61:94:07:88:87:fb:d5:ca:8f:22:64:9d:9d:d3:80:
67:f4:e6:d4:be:8d:73:5c:c6:c0:95:bd:a5:f4:0b:0b:28:02:
f6:48:1d:7b:84:6c:d3:14:b2:43:72:f6:9b:00:42:11:6c:e3:
92:cf:06:a7:20:11:dc:30:ff:e4:60:1d:d7:79:e9:3e:21:e4:
cf:f9:02:32:dc:88:1c:bf:eb:4e:f5:65:55:60:5c:78:3f:11:
67:66:fd:cc:07:94:22:51:3a:1c:25:32:34:bb:e1:06:c6:c9:
03:d6:01:df:9c:85:ad:ff:3a:a6:28:71:b4:c5:77:b7:7d:02:
f6:3a:88:45:9e:41:92:9b:c0:fa:64:62:3a:32:16:a4:4f:2e:
53:b0:4c:a0:64:16:6e:41:f2:2f:69:60:83:82:34:e5:59:28:
a6:6d:2e:3e:c4:61:8f:3b:2f:f8:0e:52:8d:de:30:34:36:35:
b2:2a:e0:d7:83:de:cf:ca:3a:f2:6c:81:51:38:23:a6:10:9f:
2d:ab:89:9c:b5:17:28:87:db:3e:e3:56:9b:37:93:a8:cc:65:
4f:63:38:74:6f:e7:2e:0d:00:06:0c:e8:f7:62:98:2e:33:c4:
f9:1c:df:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHW/OvdOdrWgkJDxrNlneGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjIwNzA3MDQ0ODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVlN2M1YTBiN2JlZGJhNDdlY2Y1ODk5ZTk5YTE3MDM3NDBkZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC4kL5kHMdba1G5cm5hzsxZuFoPv
XI+H9bYMnrM6xHF506qUcw6vUHnF6UZUGRACw9lVjSxx8l0JXf1searfVgoVcR79
ZxdFZNtNg87EgYOO1W57G6Be0hsVhzAv3f5g/uNNdutqBXuB54fyMpjHXKHR/kmL
pLyFx05hyWOhVSZK4Y2Pk3lglakpa5apCXzEbqCfeDzuzTFbNUrAUgnno5JUStS7
4C5QCqzygJfgfV9Fnm0Z4HBz6VrhFlqsFOo5IUH1NMnyFhbvwbBV8jNCf8jYMr+2
+yyxLNhvuLH9nLeJFBC0B79vDNYNkjvm3qwWIf/zE6qu3qvU2ikaz94XKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDufFoLe+26R+z1iZ6ZoXA3QN5/MB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvTU81OFdndDc3YnBIN1BXSm5wbWhjRGRBM244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/XpMA0G
CSqGSIb3DQEBCwUAA4IBAQBEHoqi9VQ/SStr6Nvop0SKszjWcPJhlAeIh/vVyo8i
ZJ2d04Bn9ObUvo1zXMbAlb2l9AsLKAL2SB17hGzTFLJDcvabAEIRbOOSzwanIBHc
MP/kYB3Xeek+IeTP+QIy3Igcv+tO9WVVYFx4PxFnZv3MB5QiUTocJTI0u+EGxskD
1gHfnIWt/zqmKHG0xXe3fQL2OohFnkGSm8D6ZGI6MhakTy5TsEygZBZuQfIvaWCD
gjTlWSimbS4+xGGPOy/4DlKN3jA0NjWyKuDXg97PyjrybIFROCOmEJ8tq4mctRco
h9s+41abN5OozGVPYzh0b+cuDQAGDOj3YpguM8T5HN9Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:50 2025 by rpki-client