Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3ifxI11MWbWt6Al17UoOW98r1ZE.roa
File: 3ifxI11MWbWt6Al17UoOW98r1ZE.roa (raw, json)
Hash identifier: 1XintLeiEn/px6OFRexN5UdO8D1kDWnb7W8WcixNmsk=
Subject key identifier: DE:27:F1:23:5D:4C:59:B5:AD:E8:09:75:ED:4A:0E:5B:DF:2B:D5:91
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185F315C72A40F20F70229574676EDC702C
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3ifxI11MWbWt6Al17UoOW98r1ZE.roa
Signing time: Fri 27 Jan 2023 11:56:08 +0000
ROA not before: Fri 27 Jan 2023 11:56:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13075
IP address blocks: 91.213.104.0/24 maxlen: 24
83.149.13.0/24 maxlen: 24
83.149.14.0/24 maxlen: 24
2a03:d000:9000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:15:c7:2a:40:f2:0f:70:22:95:74:67:6e:dc:70:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 27 11:56:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de27f1235d4c59b5ade80975ed4a0e5bdf2bd591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ec:66:52:ad:75:b2:24:12:c5:b0:e9:8d:58:
66:1d:e9:1d:39:0b:84:37:e7:7f:4f:b0:df:4c:03:
0b:2a:ef:b0:4a:48:85:13:a0:34:2d:87:d3:ed:a2:
b9:72:9c:b8:04:c9:57:6a:af:60:83:b6:ab:01:96:
f5:04:e8:c8:ee:13:86:c9:cd:b0:f1:35:eb:41:b9:
0f:80:c3:84:83:1e:24:8c:64:90:a4:9b:d7:5e:ae:
95:6d:3f:a0:22:4c:19:b8:84:55:55:16:13:de:02:
c1:4a:79:e8:35:5e:5e:f8:34:55:58:e9:4f:f1:b6:
98:97:cc:23:5e:92:79:56:eb:50:7f:6f:fc:34:9d:
d6:0d:3b:47:c3:5d:0a:c7:05:73:dc:5c:1c:0c:d8:
c2:e5:64:51:b6:29:91:d1:3c:98:6c:7c:62:57:01:
2f:8d:98:fd:60:68:b3:4c:bd:94:12:bc:58:ed:f6:
5b:86:37:32:fc:82:a1:98:05:9a:1b:ca:11:35:eb:
72:d8:c3:36:22:a9:d5:9d:b4:a6:c3:28:83:a5:81:
18:5e:76:24:de:6f:10:9e:56:26:25:af:4e:68:bb:
cf:9f:82:bd:44:b1:65:e6:77:84:13:98:6d:53:5b:
16:c0:c8:fe:53:f3:a4:79:83:1f:11:ae:a6:cc:b6:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:27:F1:23:5D:4C:59:B5:AD:E8:09:75:ED:4A:0E:5B:DF:2B:D5:91
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3ifxI11MWbWt6Al17UoOW98r1ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.149.13.0-83.149.14.255
91.213.104.0/24
IPv6:
2a03:d000:9000::/48
Signature Algorithm: sha256WithRSAEncryption
21:ad:7b:ac:e0:6b:8e:c4:99:5c:e3:96:03:c4:4d:30:01:d9:
1e:93:81:23:5e:33:f6:6f:35:79:b5:a7:63:5e:43:e9:4e:5a:
5e:46:b7:80:97:77:19:65:30:b4:8d:43:5a:a6:69:55:b0:8a:
a3:7c:76:00:73:00:35:a5:7c:e8:8f:f3:3f:24:a3:49:d2:63:
34:3a:94:56:f2:85:8c:ea:d2:aa:27:17:04:3e:7c:2b:93:c9:
de:76:5a:89:5d:cb:36:ee:4f:dc:b8:b8:9c:a2:b2:b3:2b:b8:
b7:95:57:be:3d:93:96:a4:43:73:42:6a:39:fe:ef:ea:bd:40:
68:57:5c:f1:5c:8e:7c:22:fb:68:d5:65:d9:ca:ea:88:e3:47:
0a:df:d0:6f:7e:67:5d:6d:ff:73:05:59:ba:65:26:a7:98:d7:
5e:15:3d:62:35:7f:ad:f9:b9:7c:4e:e6:9b:86:63:98:08:f1:
2c:b7:25:09:28:ac:a7:80:1b:c7:88:aa:d0:1f:10:09:7d:02:
62:6c:83:1f:97:6f:87:74:c2:09:0e:c8:af:99:f0:7b:44:51:
2c:06:86:d7:aa:88:54:64:1f:90:2e:56:41:7e:b5:22:bf:e2:
60:62:2d:96:ef:3f:16:40:72:e5:2b:b5:a4:72:f1:b4:77:69:
f7:56:f8:20
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYXzFccqQPIPcCKVdGdu3HAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI3MTE1NjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI3ZjEyMzVkNGM1OWI1YWRlODA5NzVlZDRhMGU1YmRmMmJkNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOxmUq11siQSxbDpjVhmHekdOQuE
N+d/T7DfTAMLKu+wSkiFE6A0LYfT7aK5cpy4BMlXaq9gg7arAZb1BOjI7hOGyc2w
8TXrQbkPgMOEgx4kjGSQpJvXXq6VbT+gIkwZuIRVVRYT3gLBSnnoNV5e+DRVWOlP
8baYl8wjXpJ5VutQf2/8NJ3WDTtHw10KxwVz3FwcDNjC5WRRtimR0TyYbHxiVwEv
jZj9YGizTL2UErxY7fZbhjcy/IKhmAWaG8oRNety2MM2IqnVnbSmwyiDpYEYXnYk
3m8QnlYmJa9OaLvPn4K9RLFl5neEE5htU1sWwMj+U/OkeYMfEa6mzLbiwwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFN4n8SNdTFm1regJde1KDlvfK9WRMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvM2lmeEkxMU1XYld0NkFsMTdVb09XOThyMVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBABTlQ0D
BABTlQ4DBABb1WgwDwQCAAIwCQMHACoD0ACQADANBgkqhkiG9w0BAQsFAAOCAQEA
Ia17rOBrjsSZXOOWA8RNMAHZHpOBI14z9m81ebWnY15D6U5aXka3gJd3GWUwtI1D
WqZpVbCKo3x2AHMANaV86I/zPySjSdJjNDqUVvKFjOrSqicXBD58K5PJ3nZaiV3L
Nu5P3Li4nKKysyu4t5VXvj2TlqRDc0JqOf7v6r1AaFdc8VyOfCL7aNVl2crqiONH
Ct/Qb35nXW3/cwVZumUmp5jXXhU9YjV/rfm5fE7mm4ZjmAjxLLclCSisp4Abx4iq
0B8QCX0CYmyDH5dvh3TCCQ7Ir5nwe0RRLAaG16qIVGQfkC5WQX61Ir/iYGItlu8/
FkBy5Su1pHLxtHdp91b4IA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:36:01 2025 by rpki-client