Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/TOUg5JIlatZyfE0eYvG4nznKi_Q.roa
File: TOUg5JIlatZyfE0eYvG4nznKi_Q.roa (raw, json)
Hash identifier: 72F6dv7JRIRgIPsazucmxAPH4tBNcj0l07cK57bWyik=
Subject key identifier: 4C:E5:20:E4:92:25:6A:D6:72:7C:4D:1E:62:F1:B8:9F:39:CA:8B:F4
Certificate issuer: /CN=8598cbc4e8dff1852404a99275d230a56111055f
Certificate serial: 018C1FA033D9BA5E2905D0253E753756917E
Authority key identifier: 85:98:CB:C4:E8:DF:F1:85:24:04:A9:92:75:D2:30:A5:61:11:05:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZjLxOjf8YUkBKmSddIwpWERBV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/TOUg5JIlatZyfE0eYvG4nznKi_Q.roa
Signing time: Thu 30 Nov 2023 09:47:21 +0000
ROA not before: Thu 30 Nov 2023 09:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 91.212.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:a0:33:d9:ba:5e:29:05:d0:25:3e:75:37:56:91:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8598cbc4e8dff1852404a99275d230a56111055f
Validity
Not Before: Nov 30 09:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ce520e492256ad6727c4d1e62f1b89f39ca8bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:0f:c5:64:59:ce:2d:1b:9c:b8:9c:ba:08:
a9:e8:66:9d:7e:7b:83:d0:a0:08:06:d2:bc:60:92:
68:64:8d:30:c7:af:8b:f5:c9:70:2b:97:78:63:f1:
23:9f:d9:3f:18:0b:2d:47:e4:44:9e:2e:1f:11:b4:
0a:c1:52:9d:4a:82:6f:35:a5:8b:07:0f:6f:a2:47:
97:69:11:db:c0:84:92:58:c1:36:1e:e0:9b:18:48:
c7:ae:98:f3:c1:6a:e6:05:1a:34:5b:a8:fa:93:79:
f7:00:88:6d:7a:ae:fa:0e:31:6d:58:89:19:1f:b9:
11:9a:18:3b:25:a5:aa:2d:4b:90:df:6f:bd:55:2e:
a4:8c:54:1b:b8:5f:88:71:69:23:f0:99:d4:b0:7c:
8e:dd:a0:fe:70:62:f3:8a:60:a1:7d:59:6e:e9:e6:
54:a6:96:d1:10:9b:4f:27:58:07:7f:3a:03:20:19:
20:1d:2e:b9:4d:ea:a1:04:38:71:d9:9e:57:6f:a7:
63:e2:f4:a6:c5:c5:fd:23:f7:45:30:18:a3:fd:58:
b1:ea:01:93:a7:34:19:31:ff:d0:36:de:9f:29:95:
f2:bf:1e:de:0a:cd:31:ef:1f:57:85:f3:5f:ce:6d:
15:90:b6:6f:23:44:8d:c3:62:96:11:25:af:dd:45:
03:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E5:20:E4:92:25:6A:D6:72:7C:4D:1E:62:F1:B8:9F:39:CA:8B:F4
X509v3 Authority Key Identifier:
keyid:85:98:CB:C4:E8:DF:F1:85:24:04:A9:92:75:D2:30:A5:61:11:05:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZjLxOjf8YUkBKmSddIwpWERBV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/TOUg5JIlatZyfE0eYvG4nznKi_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.67.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ad:42:96:ce:10:73:56:c1:4f:d5:75:f6:5c:c7:49:63:b0:
d0:8e:c2:f5:4b:4b:fd:69:c1:fa:eb:9f:02:50:6d:d1:51:12:
0a:4f:68:5f:59:13:89:dc:e5:2a:88:26:8d:34:67:8a:8f:f5:
9f:eb:9b:12:04:1e:62:ac:89:9b:69:9e:ee:16:76:bc:16:d5:
1f:0f:f2:40:0e:5f:ea:19:b5:32:14:fd:09:7f:9b:9c:20:26:
89:3b:63:22:ee:66:82:b8:d8:73:97:82:97:d8:05:8d:6b:2c:
cb:9e:ad:84:90:67:29:38:63:ee:76:7e:7e:8d:9a:b7:b7:71:
41:2e:ce:b5:5c:c4:5e:d3:d2:cd:2b:c4:cd:0a:61:63:39:c4:
88:1d:71:8b:b8:81:5c:81:4e:b5:5a:a2:9d:98:cc:50:3a:9e:
af:65:07:5f:45:d5:d3:89:9d:e4:65:df:3f:24:7f:5d:05:49:
8c:66:0b:36:11:2b:05:cd:ef:b7:bc:41:33:48:73:59:f1:57:
f9:76:03:65:58:6c:f5:78:39:c7:01:b8:a4:65:33:84:89:53:
ad:11:98:e4:b9:50:86:3f:8a:49:ad:cb:09:1b:5b:48:f7:14:
31:bf:69:9d:a6:7e:1e:d7:fd:dd:80:f1:d7:33:e0:55:56:66:
01:98:f6:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwfoDPZul4pBdAlPnU3VpF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OThjYmM0ZThkZmYxODUyNDA0YTk5Mjc1ZDIzMGE1NjEx
MTA1NWYwHhcNMjMxMTMwMDk0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U1MjBlNDkyMjU2YWQ2NzI3YzRkMWU2MmYxYjg5ZjM5Y2E4YmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZEPxWRZzi0bnLicugip6GadfnuD
0KAIBtK8YJJoZI0wx6+L9clwK5d4Y/Ejn9k/GAstR+REni4fEbQKwVKdSoJvNaWL
Bw9vokeXaRHbwISSWME2HuCbGEjHrpjzwWrmBRo0W6j6k3n3AIhteq76DjFtWIkZ
H7kRmhg7JaWqLUuQ32+9VS6kjFQbuF+IcWkj8JnUsHyO3aD+cGLzimChfVlu6eZU
ppbREJtPJ1gHfzoDIBkgHS65TeqhBDhx2Z5Xb6dj4vSmxcX9I/dFMBij/Vix6gGT
pzQZMf/QNt6fKZXyvx7eCs0x7x9XhfNfzm0VkLZvI0SNw2KWESWv3UUDuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzlIOSSJWrWcnxNHmLxuJ85yov0MB8GA1UdIwQY
MBaAFIWYy8To3/GFJASpknXSMKVhEQVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpqTHhPamY4WVVrQkttU2RkSXdwV0VSQlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8wNDlhYjItOTIyNi00YjQwLWFiOGEt
NTFlNGE1ZWFmYzhlLzEvVE9VZzVKSWxhdFp5ZkUwZVl2RzRuem5LaV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8wNDlhYjItOTIyNi00YjQwLWFiOGEtNTFlNGE1ZWFmYzhl
LzEvaFpqTHhPamY4WVVrQkttU2RkSXdwV0VSQlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RDMA0G
CSqGSIb3DQEBCwUAA4IBAQBhrUKWzhBzVsFP1XX2XMdJY7DQjsL1S0v9acH6658C
UG3RURIKT2hfWROJ3OUqiCaNNGeKj/Wf65sSBB5irImbaZ7uFna8FtUfD/JADl/q
GbUyFP0Jf5ucICaJO2Mi7maCuNhzl4KX2AWNayzLnq2EkGcpOGPudn5+jZq3t3FB
Ls61XMRe09LNK8TNCmFjOcSIHXGLuIFcgU61WqKdmMxQOp6vZQdfRdXTiZ3kZd8/
JH9dBUmMZgs2ESsFze+3vEEzSHNZ8Vf5dgNlWGz1eDnHAbikZTOEiVOtEZjkuVCG
P4pJrcsJG1tI9xQxv2mdpn4e1/3dgPHXM+BVVmYBmPZK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:31 2025 by rpki-client