Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/z2CvC6anTZEzXEbbGpP-9AshWQo.roa
File: z2CvC6anTZEzXEbbGpP-9AshWQo.roa (raw, json)
Hash identifier: 5bEQd60sZpRg3lafeu5K8atjbLHyiqCCQqZfSvUyCIA=
Subject key identifier: CF:60:AF:0B:A6:A7:4D:91:33:5C:46:DB:1A:93:FE:F4:0B:21:59:0A
Certificate issuer: /CN=81060a518528e86a8ea77f188a0263790c08f6b9
Certificate serial: 01856EB8EAA33B9997C8F37501AD9B903131
Authority key identifier: 81:06:0A:51:85:28:E8:6A:8E:A7:7F:18:8A:02:63:79:0C:08:F6:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQYKUYUo6GqOp38YigJjeQwI9rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/z2CvC6anTZEzXEbbGpP-9AshWQo.roa
Signing time: Sun 01 Jan 2023 19:04:50 +0000
ROA not before: Sun 01 Jan 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5603
IP address blocks: 91.217.127.0/24 maxlen: 24
91.217.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:ea:a3:3b:99:97:c8:f3:75:01:ad:9b:90:31:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81060a518528e86a8ea77f188a0263790c08f6b9
Validity
Not Before: Jan 1 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf60af0ba6a74d91335c46db1a93fef40b21590a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:b1:5f:f0:9b:12:75:cb:eb:bf:77:76:a9:
88:e5:9f:c8:cd:32:9c:62:6f:0d:9e:23:c7:1b:ee:
9a:10:11:0b:cb:ae:1b:13:88:4c:14:e9:37:8e:15:
13:44:7f:41:97:7f:6b:6c:a2:62:0b:d5:de:ed:c6:
e7:f6:4a:5d:4f:ac:9e:57:d1:95:8f:c9:b8:ff:05:
49:50:93:a5:47:89:5f:a5:50:ac:94:90:e8:7d:24:
3e:aa:98:f8:f1:6e:5b:87:41:a3:b8:2e:59:b9:78:
00:6e:c0:ed:4f:ff:78:a6:29:6f:91:2e:f1:75:1c:
5b:a7:5b:f7:95:90:b4:93:84:68:23:1d:8f:d9:5d:
89:1a:15:60:db:b2:43:68:39:22:17:d1:aa:6a:20:
f8:0d:22:03:bc:5d:0d:34:bc:8c:29:65:47:d9:59:
f5:0f:88:5a:95:ca:d8:11:a5:cc:08:08:bf:f9:98:
2d:9d:3f:2c:b1:9b:9c:d5:6b:5f:0e:49:38:38:61:
26:ff:a8:10:81:d6:76:61:90:58:0c:24:4a:01:f7:
59:28:79:3e:d3:b1:c7:e7:e7:55:5f:b8:2b:6c:a9:
2f:cf:4f:63:be:3f:e5:a9:b3:74:8d:09:a8:69:ca:
0c:ea:6f:c7:32:51:53:02:5b:d0:bd:5c:a5:bd:df:
d3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:60:AF:0B:A6:A7:4D:91:33:5C:46:DB:1A:93:FE:F4:0B:21:59:0A
X509v3 Authority Key Identifier:
keyid:81:06:0A:51:85:28:E8:6A:8E:A7:7F:18:8A:02:63:79:0C:08:F6:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQYKUYUo6GqOp38YigJjeQwI9rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/z2CvC6anTZEzXEbbGpP-9AshWQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/gQYKUYUo6GqOp38YigJjeQwI9rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.126.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:df:c7:e1:da:bc:20:60:37:87:54:1e:ea:31:e0:b7:e0:f7:
45:a1:68:ea:8d:09:c0:b0:d0:1e:83:ed:2b:0d:56:8d:59:99:
90:ee:e6:4e:2b:c3:47:57:c4:51:5b:0b:95:69:63:c1:47:05:
bb:ac:9e:cb:38:4b:60:71:71:77:91:cd:45:0b:36:9f:52:80:
90:6a:60:cc:72:c6:cb:96:7c:d4:08:0a:f0:3d:2e:d8:92:fc:
07:d4:c5:ca:b7:87:13:3e:5e:b4:37:eb:48:df:b6:04:93:79:
56:f4:c8:b9:64:42:e5:ef:59:35:b2:da:64:34:01:f0:85:09:
dc:c9:36:32:4b:9f:34:c4:3f:3f:0b:c0:17:d6:3f:65:7e:dd:
8d:36:bb:bc:ab:97:ee:5c:68:f0:ff:d5:14:26:98:d2:90:ac:
67:11:28:5b:03:a6:d5:d4:a2:c4:bb:1e:5e:5d:58:09:8c:ba:
93:a5:77:ea:75:d8:5a:81:44:ff:5c:2a:13:ce:17:4f:6c:f8:
c9:df:dc:fd:b7:09:02:53:21:73:7f:c9:47:b0:28:2c:88:32:
da:b0:68:0e:b8:12:43:61:2d:bb:14:7e:95:84:6d:3c:a5:91:
53:6a:8a:13:81:f4:ab:02:0a:8a:b8:9e:ea:6e:ba:15:db:58:
ce:b7:ed:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuOqjO5mXyPN1Aa2bkDExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMDYwYTUxODUyOGU4NmE4ZWE3N2YxODhhMDI2Mzc5MGMw
OGY2YjkwHhcNMjMwMTAxMTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjYwYWYwYmE2YTc0ZDkxMzM1YzQ2ZGIxYTkzZmVmNDBiMjE1OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8SxX/CbEnXL6793dqmI5Z/IzTKc
Ym8NniPHG+6aEBELy64bE4hMFOk3jhUTRH9Bl39rbKJiC9Xe7cbn9kpdT6yeV9GV
j8m4/wVJUJOlR4lfpVCslJDofSQ+qpj48W5bh0GjuC5ZuXgAbsDtT/94pilvkS7x
dRxbp1v3lZC0k4RoIx2P2V2JGhVg27JDaDkiF9GqaiD4DSIDvF0NNLyMKWVH2Vn1
D4halcrYEaXMCAi/+ZgtnT8ssZuc1WtfDkk4OGEm/6gQgdZ2YZBYDCRKAfdZKHk+
07HH5+dVX7grbKkvz09jvj/lqbN0jQmoacoM6m/HMlFTAlvQvVylvd/T9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9grwump02RM1xG2xqT/vQLIVkKMB8GA1UdIwQY
MBaAFIEGClGFKOhqjqd/GIoCY3kMCPa5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1FZS1VZVW82R3FPcDM4WWlnSmplUXdJOXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lNWUyZDAtZjQzOS00NWU0LTg1NDAt
ZjE5NjAwYzdhZDU0LzEvejJDdkM2YW5UWkV6WEViYkdwUC05QXNoV1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lNWUyZDAtZjQzOS00NWU0LTg1NDAtZjE5NjAwYzdhZDU0
LzEvZ1FZS1VZVW82R3FPcDM4WWlnSmplUXdJOXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9l+MA0G
CSqGSIb3DQEBCwUAA4IBAQAv38fh2rwgYDeHVB7qMeC34PdFoWjqjQnAsNAeg+0r
DVaNWZmQ7uZOK8NHV8RRWwuVaWPBRwW7rJ7LOEtgcXF3kc1FCzafUoCQamDMcsbL
lnzUCArwPS7YkvwH1MXKt4cTPl60N+tI37YEk3lW9Mi5ZELl71k1stpkNAHwhQnc
yTYyS580xD8/C8AX1j9lft2NNru8q5fuXGjw/9UUJpjSkKxnEShbA6bV1KLEux5e
XVgJjLqTpXfqddhagUT/XCoTzhdPbPjJ39z9twkCUyFzf8lHsCgsiDLasGgOuBJD
YS27FH6VhG08pZFTaooTgfSrAgqKuJ7qbroV21jOt+1f
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:54 2025 by rpki-client