Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/R4F9MnDbcmP-hICJOO7Vanmyq0M.roa
File: R4F9MnDbcmP-hICJOO7Vanmyq0M.roa (raw, json)
Hash identifier: YJnnPHYRDVHhPIEnuMY9x4M9L50QRaHQjusk5SB+ue0=
Subject key identifier: 47:81:7D:32:70:DB:72:63:FE:84:80:89:38:EE:D5:6A:79:B2:AB:43
Certificate issuer: /CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Certificate serial: 0184AA090F26C1A534F2F25E865CBE44AAB4
Authority key identifier: 3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/R4F9MnDbcmP-hICJOO7Vanmyq0M.roa
Signing time: Thu 24 Nov 2022 14:27:10 +0000
ROA not before: Thu 24 Nov 2022 14:27:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198765
IP address blocks: 91.238.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:09:0f:26:c1:a5:34:f2:f2:5e:86:5c:be:44:aa:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Validity
Not Before: Nov 24 14:27:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47817d3270db7263fe84808938eed56a79b2ab43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:79:ec:fc:d4:9b:9c:ad:67:84:b7:58:53:8d:
2f:7f:ab:5d:9a:4a:e9:25:3d:88:78:28:0b:a0:92:
4a:df:55:95:54:e0:d7:b2:56:a8:9c:fa:28:52:39:
36:80:6d:01:74:62:e1:a9:5a:a5:33:b0:4f:3d:36:
6f:34:11:8a:d5:d6:27:5a:5c:da:45:9c:6d:25:69:
da:30:0f:de:f7:e7:62:59:dd:7f:0a:04:5a:03:cf:
76:84:0d:b5:fc:a5:b5:6d:40:d2:90:59:ad:34:81:
01:d6:53:d1:ad:b3:4b:a7:14:00:9d:cb:88:9e:2e:
4a:90:a3:d1:1d:a6:a4:f9:1a:d4:d5:be:87:7a:2f:
cb:ad:ed:7d:2a:0f:25:d5:08:8b:b9:26:24:8b:fe:
96:61:25:3d:7b:b0:b2:2a:66:1d:83:60:19:90:1d:
f4:9c:28:32:8a:e8:c4:76:81:3e:6f:e4:b4:89:ec:
17:18:ee:04:1c:6d:fc:ab:fd:94:e2:64:d9:0a:34:
50:9f:ec:07:82:a0:9b:a6:e0:ef:f0:e8:5a:90:cd:
f7:62:40:7d:d7:d6:69:06:ac:3a:a9:5a:74:e2:06:
3e:c2:f9:fd:28:bd:78:20:5d:2c:56:7c:3a:3f:fc:
88:b3:6a:ec:df:4f:ba:04:b3:a5:15:08:9e:86:28:
45:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:81:7D:32:70:DB:72:63:FE:84:80:89:38:EE:D5:6A:79:B2:AB:43
X509v3 Authority Key Identifier:
keyid:3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/R4F9MnDbcmP-hICJOO7Vanmyq0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/OsREa6mbQ4kezx9_os2wLhSjRPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:74:4d:fa:c7:76:82:c7:c4:c1:5a:0b:a3:c9:f6:1a:3b:cc:
f4:20:8a:96:5d:29:af:f6:c9:29:95:dd:1b:97:09:f6:ee:81:
5e:d5:ad:57:bc:a2:c4:b6:85:38:84:00:e8:57:85:c5:60:ed:
cf:db:93:4c:65:27:10:f9:75:5d:a2:13:5f:e9:13:01:74:b3:
c2:1b:21:77:f4:0f:52:75:9a:5f:7d:89:09:3f:d4:a3:50:9e:
f2:e2:64:de:44:cf:c3:8d:20:ad:96:5d:c7:e5:6b:70:7c:e2:
3f:79:63:17:09:dd:90:f9:ae:b4:23:2b:38:93:c9:e9:9b:ce:
7d:0a:0d:7f:96:f3:fc:38:04:f1:5d:d3:64:e0:70:37:2f:82:
74:f1:e5:a0:68:e7:5c:3f:7c:2b:9d:80:f2:96:06:b2:04:9d:
50:58:13:30:df:e0:42:a0:0a:58:bb:70:4b:fd:af:a3:ff:f6:
d3:29:c5:0d:7d:e5:01:52:f0:ce:f7:0b:ec:b0:e8:ed:6a:c2:
2d:7e:c5:d9:0a:55:16:f5:f4:95:0e:42:94:53:26:b6:20:41:
b4:1f:23:d5:e7:5a:fc:80:4e:c9:7f:df:a8:9c:ea:4d:70:7c:
74:37:16:a8:ca:82:ad:45:3c:c3:91:64:db:a7:70:74:5d:aa:
4f:b8:3c:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSqCQ8mwaU08vJehly+RKq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzQ0NDZiYTk5YjQzODkxZWNmMWY3ZmEyY2RiMDJlMTRh
MzQ0ZjMwHhcNMjIxMTI0MTQyNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzgxN2QzMjcwZGI3MjYzZmU4NDgwODkzOGVlZDU2YTc5YjJhYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXns/NSbnK1nhLdYU40vf6tdmkrp
JT2IeCgLoJJK31WVVODXslaonPooUjk2gG0BdGLhqVqlM7BPPTZvNBGK1dYnWlza
RZxtJWnaMA/e9+diWd1/CgRaA892hA21/KW1bUDSkFmtNIEB1lPRrbNLpxQAncuI
ni5KkKPRHaak+RrU1b6Hei/Lre19Kg8l1QiLuSYki/6WYSU9e7CyKmYdg2AZkB30
nCgyiujEdoE+b+S0iewXGO4EHG38q/2U4mTZCjRQn+wHgqCbpuDv8OhakM33YkB9
19ZpBqw6qVp04gY+wvn9KL14IF0sVnw6P/yIs2rs30+6BLOlFQiehihFHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeBfTJw23Jj/oSAiTju1Wp5sqtDMB8GA1UdIwQY
MBaAFDrERGupm0OJHs8ff6LNsC4Uo0TzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMt
MDJhN2Y2ZGY2ODEwLzEvUjRGOU1uRGJjbVAtaElDSk9PN1Zhbm15cTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMtMDJhN2Y2ZGY2ODEw
LzEvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7HMA0G
CSqGSIb3DQEBCwUAA4IBAQBqdE36x3aCx8TBWgujyfYaO8z0IIqWXSmv9skpld0b
lwn27oFe1a1XvKLEtoU4hADoV4XFYO3P25NMZScQ+XVdohNf6RMBdLPCGyF39A9S
dZpffYkJP9SjUJ7y4mTeRM/DjSCtll3H5WtwfOI/eWMXCd2Q+a60Iys4k8npm859
Cg1/lvP8OATxXdNk4HA3L4J08eWgaOdcP3wrnYDylgayBJ1QWBMw3+BCoApYu3BL
/a+j//bTKcUNfeUBUvDO9wvssOjtasItfsXZClUW9fSVDkKUUya2IEG0HyPV51r8
gE7Jf9+onOpNcHx0NxaoyoKtRTzDkWTbp3B0XapPuDwO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:25 2025 by rpki-client