Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hNfpOTcvCtIeg-rVwu4HHyD_YUU.roa
File: hNfpOTcvCtIeg-rVwu4HHyD_YUU.roa (raw, json)
Hash identifier: 0XbBEfSd0aMk/MWMVmTB5jdpXEiIpSsHnTmiSqYhA30=
Subject key identifier: 84:D7:E9:39:37:2F:0A:D2:1E:83:EA:D5:C2:EE:07:1F:20:FF:61:45
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF64FF305936A8A0A8B85FAF36B74D
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hNfpOTcvCtIeg-rVwu4HHyD_YUU.roa
Signing time: Sun 01 Jan 2023 14:14:49 +0000
ROA not before: Sun 01 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 91.151.93.0/24 maxlen: 32
91.151.90.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:64:ff:30:59:36:a8:a0:a8:b8:5f:af:36:b7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d7e939372f0ad21e83ead5c2ee071f20ff6145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:08:43:36:73:60:6e:e3:fa:3b:16:35:8a:
0a:cf:a2:4e:ca:91:97:a7:20:3e:7c:84:25:0b:8f:
0d:16:4d:9d:b7:7b:09:9b:83:bb:2b:28:18:09:3c:
78:a2:39:1c:32:f5:05:06:0f:29:ea:cf:ea:07:2d:
ac:6a:0a:80:c4:51:01:ba:34:90:44:6d:63:7a:ee:
46:a9:bf:33:7b:01:2c:28:e3:6c:fb:b9:19:b1:1d:
68:74:66:5d:35:ce:6d:f9:14:4c:8f:1c:a8:5c:f1:
1d:2d:21:be:3c:dd:d9:eb:a8:ce:c5:21:27:71:ca:
63:1f:88:db:0e:69:70:f9:c8:84:be:ad:96:10:a0:
32:ab:28:2e:b8:aa:0b:27:70:b6:e4:0c:63:ba:41:
8f:42:57:a1:22:e2:8d:80:8c:f2:3a:e1:7e:bf:75:
a6:9a:8a:8f:31:58:4a:85:09:61:96:ab:64:69:cf:
28:2b:cb:bf:39:d9:38:c5:55:2e:2c:04:b4:be:c7:
65:ab:33:4c:d6:0c:8a:2c:7a:0b:d1:ee:94:99:56:
2f:61:0b:b9:c4:22:df:09:7b:b5:8a:55:f1:4c:80:
38:82:85:36:95:1b:1d:88:76:9c:c8:b0:ad:a0:03:
5f:a2:66:0b:85:c9:17:6e:cd:d9:ae:b0:d3:7e:4e:
00:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D7:E9:39:37:2F:0A:D2:1E:83:EA:D5:C2:EE:07:1F:20:FF:61:45
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hNfpOTcvCtIeg-rVwu4HHyD_YUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
Signature Algorithm: sha256WithRSAEncryption
02:db:9d:40:0e:c1:92:26:e3:6c:25:c8:c3:d8:3a:89:cd:bb:
32:21:24:2d:2e:c2:19:30:c1:ce:05:f6:7a:71:a1:c3:5b:42:
d9:b5:df:49:c5:ed:03:cf:93:58:0c:41:5b:77:63:38:0f:df:
1f:e1:50:9f:e7:23:3c:22:18:09:18:9e:3d:57:9b:59:d6:e1:
9a:cc:f5:c6:43:b0:bd:83:2f:6a:01:37:a8:f1:70:5c:60:78:
62:0b:87:ad:43:96:3c:8b:ff:e2:44:ec:27:f8:e7:cc:6c:15:
de:bc:0f:3d:f7:ce:6d:bb:50:24:cf:c2:37:54:c9:72:8c:d2:
5b:0a:f9:24:5b:88:d4:ef:2d:b7:84:29:e8:63:49:62:c4:22:
46:0e:cc:dd:4d:8e:c3:f0:5e:d4:2b:6e:ee:02:18:f3:13:f2:
34:c7:e5:bc:c9:fa:89:aa:c0:2e:be:5f:03:72:e4:0d:15:55:
8c:39:28:f5:6b:2d:91:0d:3d:65:8f:36:c1:cc:52:a2:fe:7f:
a3:0f:54:fd:cb:95:8f:f8:d6:87:cb:8e:72:3d:11:ec:5a:9d:
d4:48:e2:53:cc:f1:45:bd:ef:26:46:23:03:a6:c8:46:08:8f:
8e:3b:3f:92:e9:b1:25:de:80:20:a2:10:0d:e8:ce:cf:7a:bf:
6b:10:c9:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtr2T/MFk2qKCouF+vNrdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ3ZTkzOTM3MmYwYWQyMWU4M2VhZDVjMmVlMDcxZjIwZmY2MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLMIQzZzYG7j+jsWNYoKz6JOypGX
pyA+fIQlC48NFk2dt3sJm4O7KygYCTx4ojkcMvUFBg8p6s/qBy2sagqAxFEBujSQ
RG1jeu5Gqb8zewEsKONs+7kZsR1odGZdNc5t+RRMjxyoXPEdLSG+PN3Z66jOxSEn
ccpjH4jbDmlw+ciEvq2WEKAyqyguuKoLJ3C25AxjukGPQlehIuKNgIzyOuF+v3Wm
moqPMVhKhQlhlqtkac8oK8u/Odk4xVUuLAS0vsdlqzNM1gyKLHoL0e6UmVYvYQu5
xCLfCXu1ilXxTIA4goU2lRsdiHacyLCtoANfomYLhckXbs3ZrrDTfk4ANwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITX6Tk3LwrSHoPq1cLuBx8g/2FFMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvaE5mcE9UY3ZDdEllZy1yVnd1NEhIeURfWVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5daAwQA
W5ddMA0GCSqGSIb3DQEBCwUAA4IBAQAC251ADsGSJuNsJcjD2DqJzbsyISQtLsIZ
MMHOBfZ6caHDW0LZtd9Jxe0Dz5NYDEFbd2M4D98f4VCf5yM8IhgJGJ49V5tZ1uGa
zPXGQ7C9gy9qATeo8XBcYHhiC4etQ5Y8i//iROwn+OfMbBXevA89985tu1Akz8I3
VMlyjNJbCvkkW4jU7y23hCnoY0lixCJGDszdTY7D8F7UK27uAhjzE/I0x+W8yfqJ
qsAuvl8DcuQNFVWMOSj1ay2RDT1ljzbBzFKi/n+jD1T9y5WP+NaHy45yPRHsWp3U
SOJTzPFFve8mRiMDpshGCI+OOz+S6bEl3oAgohAN6M7Per9rEMmi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:12 2025 by rpki-client