Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0748bb-e7e2-4268-b79c-8e652940a09d/1/SGxTFZ5RfN6mcJfN0SZJ4r3yGQc.roa
File: SGxTFZ5RfN6mcJfN0SZJ4r3yGQc.roa (raw, json)
Hash identifier: nkpJ/yaJaHwcO7ABZ0GUBw6uw02itWLbooNAfJuIfGs=
Subject key identifier: 48:6C:53:15:9E:51:7C:DE:A6:70:97:CD:D1:26:49:E2:BD:F2:19:07
Certificate issuer: /CN=cbf16dc9a4b5bd4d0c4278a85c085593020bea31
Certificate serial: 01856EB8DD4305F5D1B99815188FAC159BC8
Authority key identifier: CB:F1:6D:C9:A4:B5:BD:4D:0C:42:78:A8:5C:08:55:93:02:0B:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_FtyaS1vU0MQnioXAhVkwIL6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0748bb-e7e2-4268-b79c-8e652940a09d/1/SGxTFZ5RfN6mcJfN0SZJ4r3yGQc.roa
Signing time: Sun 01 Jan 2023 19:04:47 +0000
ROA not before: Sun 01 Jan 2023 19:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57533
IP address blocks: 91.231.97.0/24 maxlen: 24
2001:67c:568::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:dd:43:05:f5:d1:b9:98:15:18:8f:ac:15:9b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf16dc9a4b5bd4d0c4278a85c085593020bea31
Validity
Not Before: Jan 1 19:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=486c53159e517cdea67097cdd12649e2bdf21907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:bf:fa:c6:8e:ce:ec:d9:7a:33:fb:63:02:
c4:09:43:2f:5e:0a:b1:22:9f:ed:ea:9f:d9:67:23:
87:20:42:91:5b:81:3e:2e:2e:d5:b3:c2:f3:5f:b4:
16:d8:ee:62:16:23:d9:f6:35:50:b0:25:42:50:8d:
35:d9:d8:c9:94:05:59:30:1d:ef:e1:ce:6d:db:e8:
f6:86:2c:2d:08:9a:60:13:09:45:a2:03:ca:81:bc:
ca:f6:7c:75:6a:2d:bb:e9:ee:5e:8f:6f:4e:53:df:
44:08:4a:2e:53:7a:c0:57:d3:bc:cc:fd:07:7e:8d:
7a:44:6e:f2:b5:7a:68:48:24:65:5a:1a:ea:22:00:
0b:73:1d:56:00:66:48:2a:fb:65:57:d4:e2:7e:40:
22:dc:14:9c:ef:a3:da:b6:6e:6e:08:f6:28:0a:40:
c8:e2:5c:d8:16:85:18:3f:9e:b9:3f:00:fd:e4:21:
16:01:c6:e3:13:1f:a4:fa:bd:ad:ad:7e:fe:eb:0f:
b2:28:5b:42:23:13:4b:e5:72:e1:25:8f:f1:fb:6a:
36:65:4c:54:08:51:dd:56:30:5f:db:ba:c4:fe:1c:
6e:8f:39:7e:5f:15:04:0a:1e:0a:d0:79:06:be:a4:
b9:cf:56:e7:83:a4:1b:68:09:40:d3:86:2d:9e:79:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6C:53:15:9E:51:7C:DE:A6:70:97:CD:D1:26:49:E2:BD:F2:19:07
X509v3 Authority Key Identifier:
keyid:CB:F1:6D:C9:A4:B5:BD:4D:0C:42:78:A8:5C:08:55:93:02:0B:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_FtyaS1vU0MQnioXAhVkwIL6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0748bb-e7e2-4268-b79c-8e652940a09d/1/SGxTFZ5RfN6mcJfN0SZJ4r3yGQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0748bb-e7e2-4268-b79c-8e652940a09d/1/y_FtyaS1vU0MQnioXAhVkwIL6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.97.0/24
IPv6:
2001:67c:568::/48
Signature Algorithm: sha256WithRSAEncryption
09:67:99:ed:24:39:12:2f:b7:e7:97:a8:84:13:1e:c6:a1:75:
de:fb:e7:bf:a3:36:a7:3b:4b:75:ec:a7:40:16:3e:10:59:1f:
6e:7a:ec:c7:b7:d0:01:fd:14:c1:d2:3c:7b:6d:06:57:86:1d:
13:f8:a4:7b:10:ec:c2:5d:2e:c0:b4:14:9b:6b:8f:7d:5c:e8:
fb:fb:a9:3d:43:12:ea:0c:55:36:e5:27:be:cc:72:24:64:c9:
5d:b8:99:2d:32:71:15:78:8c:23:35:49:f1:6f:b1:d1:21:fd:
f2:e8:3e:75:9f:be:ef:75:20:31:32:a0:d3:35:57:26:8c:71:
98:56:39:45:dc:b5:ec:92:a8:37:5f:84:08:4b:b3:85:c7:09:
ff:26:07:76:45:94:74:bb:90:93:7a:ed:bb:68:57:30:75:15:
35:4e:c6:cd:a5:8b:c3:7a:46:c2:aa:bc:07:c2:4d:bd:83:37:
7b:7a:05:1a:e8:bf:a2:21:70:1d:65:23:68:bf:8a:a8:d1:85:
6e:99:cf:a7:fb:af:7b:43:b9:17:70:30:cf:c6:47:cf:59:56:
1f:6c:3f:28:f1:79:30:55:70:f5:7f:92:c8:c1:41:79:3e:80:
fd:5e:e7:97:6a:42:f4:57:1a:43:01:c1:8e:d3:1c:6c:9f:bd:
d6:b1:e6:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuuN1DBfXRuZgVGI+sFZvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjE2ZGM5YTRiNWJkNGQwYzQyNzhhODVjMDg1NTkzMDIw
YmVhMzEwHhcNMjMwMTAxMTkwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZjNTMxNTllNTE3Y2RlYTY3MDk3Y2RkMTI2NDllMmJkZjIxOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSS/+saOzuzZejP7YwLECUMvXgqx
Ip/t6p/ZZyOHIEKRW4E+Li7Vs8LzX7QW2O5iFiPZ9jVQsCVCUI012djJlAVZMB3v
4c5t2+j2hiwtCJpgEwlFogPKgbzK9nx1ai276e5ej29OU99ECEouU3rAV9O8zP0H
fo16RG7ytXpoSCRlWhrqIgALcx1WAGZIKvtlV9TifkAi3BSc76Patm5uCPYoCkDI
4lzYFoUYP565PwD95CEWAcbjEx+k+r2trX7+6w+yKFtCIxNL5XLhJY/x+2o2ZUxU
CFHdVjBf27rE/hxujzl+XxUECh4K0HkGvqS5z1bng6QbaAlA04YtnnkmoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhsUxWeUXzepnCXzdEmSeK98hkHMB8GA1UdIwQY
MBaAFMvxbcmktb1NDEJ4qFwIVZMCC+oxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9GdHlhUzF2VTBNUW5pb1hBaFZrd0lMNmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wNzQ4YmItZTdlMi00MjY4LWI3OWMt
OGU2NTI5NDBhMDlkLzEvU0d4VEZaNVJmTjZtY0pmTjBTWko0cjN5R1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wNzQ4YmItZTdlMi00MjY4LWI3OWMtOGU2NTI5NDBhMDlk
LzEveV9GdHlhUzF2VTBNUW5pb1hBaFZrd0lMNmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+dhMA8E
AgACMAkDBwAgAQZ8BWgwDQYJKoZIhvcNAQELBQADggEBAAlnme0kORIvt+eXqIQT
Hsahdd7757+jNqc7S3Xsp0AWPhBZH2567Me30AH9FMHSPHttBleGHRP4pHsQ7MJd
LsC0FJtrj31c6Pv7qT1DEuoMVTblJ77MciRkyV24mS0ycRV4jCM1SfFvsdEh/fLo
PnWfvu91IDEyoNM1VyaMcZhWOUXcteySqDdfhAhLs4XHCf8mB3ZFlHS7kJN67bto
VzB1FTVOxs2li8N6RsKqvAfCTb2DN3t6BRrov6IhcB1lI2i/iqjRhW6Zz6f7r3tD
uRdwMM/GR89ZVh9sPyjxeTBVcPV/ksjBQXk+gP1e55dqQvRXGkMBwY7THGyfvdax
5jE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:04 2025 by rpki-client