Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/aoDCqMAVdMGbtlxUecWfj-6oljM.roa
File: aoDCqMAVdMGbtlxUecWfj-6oljM.roa (raw, json)
Hash identifier: HRqWMzg4LB+tupxmwvpCwMLVCjAxRmHyeNiCSweNpGM=
Subject key identifier: 6A:80:C2:A8:C0:15:74:C1:9B:B6:5C:54:79:C5:9F:8F:EE:A8:96:33
Certificate issuer: /CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Certificate serial: 0189DFD5328221952AABCEA166641B1A50FB
Authority key identifier: 6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/aoDCqMAVdMGbtlxUecWfj-6oljM.roa
Signing time: Thu 10 Aug 2023 14:23:58 +0000
ROA not before: Thu 10 Aug 2023 14:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35625
IP address blocks: 91.225.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:d5:32:82:21:95:2a:ab:ce:a1:66:64:1b:1a:50:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Validity
Not Before: Aug 10 14:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a80c2a8c01574c19bb65c5479c59f8feea89633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a8:45:9d:b0:17:08:a2:64:01:58:18:a3:92:
4d:94:2f:f7:8a:7b:20:26:61:4a:5f:19:05:00:c7:
0b:f1:10:a5:6a:53:d8:a9:15:4a:9f:94:11:27:5e:
d7:a9:a8:1a:06:b2:9d:68:ca:5c:47:40:12:ea:4d:
de:99:a3:f3:c7:71:e5:47:f1:db:0e:e8:e0:e0:a5:
ed:bd:8c:db:5d:25:03:e8:48:e1:3c:ab:0e:a2:a1:
88:ff:39:b3:c2:05:63:13:b8:73:06:47:21:fe:fa:
e4:67:13:e8:55:77:db:eb:df:f1:24:a6:d1:49:43:
b3:75:24:c8:3b:f4:4f:cd:44:33:cf:26:0e:40:91:
31:97:0e:fd:53:1d:3d:13:47:64:36:eb:f8:35:19:
82:22:51:39:fe:3a:85:14:87:25:e5:8c:f7:4e:8f:
ab:c3:c7:4b:17:07:c4:82:7a:95:9d:a5:79:b6:55:
4e:fd:05:cb:7c:bb:15:0b:50:d7:22:9e:45:a4:80:
a7:30:b3:dd:74:ed:4c:3d:73:b5:79:62:50:46:de:
b3:ec:b9:56:7b:8c:32:be:eb:cc:00:b2:e4:0f:35:
68:9a:ad:f7:bd:ad:7d:47:19:61:ae:f9:3d:b7:44:
44:2e:3f:58:53:48:db:90:8b:27:28:39:7b:52:ed:
4d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:80:C2:A8:C0:15:74:C1:9B:B6:5C:54:79:C5:9F:8F:EE:A8:96:33
X509v3 Authority Key Identifier:
keyid:6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/aoDCqMAVdMGbtlxUecWfj-6oljM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.1.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9f:8f:73:ea:38:53:22:cd:8e:06:55:93:74:93:f2:4d:ae:
d4:22:e1:fe:7a:c0:e4:1c:4d:07:3e:6c:28:d3:f8:a8:cc:1f:
c8:c5:30:2f:20:cb:0d:e1:c4:36:0e:33:29:52:75:56:cc:bd:
ad:05:9d:c7:0e:00:19:a8:fa:1f:88:c7:23:ef:06:9e:9b:d7:
bc:37:55:e1:2d:81:28:90:aa:4e:39:bb:3f:f9:24:87:be:3d:
ce:80:e9:17:11:08:e0:ef:32:0d:a6:42:c0:13:df:a6:e9:09:
85:32:a6:ab:35:44:ca:93:66:64:70:4f:86:0f:ef:06:3b:1c:
4b:18:fd:1c:e4:20:72:b3:f1:78:c7:49:af:37:68:b7:9e:4a:
8e:30:8e:52:1f:72:48:22:98:cb:92:15:32:0c:4d:ee:ca:8d:
f1:5c:2f:24:38:8b:26:b3:ee:9e:fa:15:66:13:aa:b4:e9:da:
06:af:96:d9:d6:66:6c:ac:f3:93:4c:f6:49:52:2d:a8:ea:cd:
ac:41:71:d2:88:a8:82:e3:47:aa:2b:ea:1d:05:e4:3f:4c:e2:
d4:ff:4b:7d:39:bb:29:27:6b:69:f2:c8:f6:5a:0a:e5:33:21:
f0:6a:7c:cd:c7:08:c4:a9:11:27:83:7b:e7:a6:83:0e:07:74:
bd:a3:06:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnf1TKCIZUqq86hZmQbGlD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZjQ4NzQ5OTRkZTdhMTRlNGI1ODRmNmQyYjk2YjJkOTkx
YjFlOTEwHhcNMjMwODEwMTQyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgwYzJhOGMwMTU3NGMxOWJiNjVjNTQ3OWM1OWY4ZmVlYTg5NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlahFnbAXCKJkAVgYo5JNlC/3insg
JmFKXxkFAMcL8RClalPYqRVKn5QRJ17XqagaBrKdaMpcR0AS6k3emaPzx3HlR/Hb
Dujg4KXtvYzbXSUD6EjhPKsOoqGI/zmzwgVjE7hzBkch/vrkZxPoVXfb69/xJKbR
SUOzdSTIO/RPzUQzzyYOQJExlw79Ux09E0dkNuv4NRmCIlE5/jqFFIcl5Yz3To+r
w8dLFwfEgnqVnaV5tlVO/QXLfLsVC1DXIp5FpICnMLPddO1MPXO1eWJQRt6z7LlW
e4wyvuvMALLkDzVomq33va19Rxlhrvk9t0RELj9YU0jbkIsnKDl7Uu1NBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqAwqjAFXTBm7ZcVHnFn4/uqJYzMB8GA1UdIwQY
MBaAFG70h0mU3noU5LWE9tK5ay2ZGx6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMt
NTBlNzQ2NDI0NjMwLzEvYW9EQ3FNQVZkTUdidGx4VWVjV2ZqLTZvbGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMtNTBlNzQ2NDI0NjMw
LzEvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+EBMA0G
CSqGSIb3DQEBCwUAA4IBAQBEn49z6jhTIs2OBlWTdJPyTa7UIuH+esDkHE0HPmwo
0/iozB/IxTAvIMsN4cQ2DjMpUnVWzL2tBZ3HDgAZqPofiMcj7waem9e8N1XhLYEo
kKpOObs/+SSHvj3OgOkXEQjg7zINpkLAE9+m6QmFMqarNUTKk2ZkcE+GD+8GOxxL
GP0c5CBys/F4x0mvN2i3nkqOMI5SH3JIIpjLkhUyDE3uyo3xXC8kOIsms+6e+hVm
E6q06doGr5bZ1mZsrPOTTPZJUi2o6s2sQXHSiKiC40eqK+odBeQ/TOLU/0t9Obsp
J2tp8sj2WgrlMyHwanzNxwjEqREng3vnpoMOB3S9owbz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:19 2025 by rpki-client