Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/P9MtnLPG1jnW18W9QCflDVBxLVU.roa
File: P9MtnLPG1jnW18W9QCflDVBxLVU.roa (raw, json)
Hash identifier: XFcYEITr1KVPj3EwdfLNbt+DERqyL2Ny2du0jl25kt8=
Subject key identifier: 3F:D3:2D:9C:B3:C6:D6:39:D6:D7:C5:BD:40:27:E5:0D:50:71:2D:55
Certificate issuer: /CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Certificate serial: 0C5435B7
Authority key identifier: 6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/P9MtnLPG1jnW18W9QCflDVBxLVU.roa
Signing time: Sat 01 Jan 2022 02:56:12 +0000
ROA not before: Sat 01 Jan 2022 02:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197302
IP address blocks: 91.223.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206845367 (0xc5435b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Validity
Not Before: Jan 1 02:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fd32d9cb3c6d639d6d7c5bd4027e50d50712d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ba:ec:c1:0e:44:52:ee:b4:40:06:11:35:03:
cf:50:eb:41:ae:ed:0a:c0:fb:5f:08:e0:c5:f0:fe:
0c:6d:d3:e6:e5:d0:5e:6c:50:66:33:59:f5:7e:15:
80:1c:f5:f3:c7:a4:63:6f:6b:2f:0a:c6:ba:a6:ab:
ca:cf:04:fb:93:0e:97:9d:6a:9b:f6:18:80:93:36:
76:5e:dd:bc:cd:05:c8:1e:4c:06:ff:a9:9b:00:69:
17:81:92:0c:3e:ed:5a:41:77:be:c7:49:a9:a9:70:
ad:70:cd:04:2e:ad:3b:f0:49:50:ef:a7:e9:52:2a:
e8:2c:d3:25:7d:20:7a:9c:57:ee:7c:ba:b8:f2:66:
fb:3c:0e:83:95:cc:10:f3:29:29:bf:46:e7:55:d7:
fb:de:59:54:a5:2e:e9:8a:d4:86:38:af:4f:6c:25:
dd:7a:1e:a6:49:24:31:c0:80:8f:9b:f1:d9:4b:cd:
a7:68:ed:44:c6:1f:11:53:50:ab:52:9e:f6:ca:b5:
69:67:86:33:bc:10:63:19:b1:92:54:29:6d:9a:13:
56:73:7a:3d:6d:f8:47:52:9c:d0:a6:1a:92:ea:1a:
9f:8a:42:f7:48:e7:16:f6:14:f5:77:ed:f7:b8:87:
9e:ba:2f:b2:9f:9e:1d:f4:23:a2:d7:42:d7:78:db:
71:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D3:2D:9C:B3:C6:D6:39:D6:D7:C5:BD:40:27:E5:0D:50:71:2D:55
X509v3 Authority Key Identifier:
keyid:6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/P9MtnLPG1jnW18W9QCflDVBxLVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.124.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:bc:fe:65:59:78:34:be:8e:fd:2f:35:66:e4:d9:a0:1d:9c:
8c:9b:b9:fd:70:71:ee:1f:39:3c:95:03:26:df:7b:b5:af:5c:
a2:4b:ea:73:33:c7:7a:36:94:7e:7d:7a:89:80:70:36:d5:7b:
6c:58:8a:28:5d:8b:b4:02:17:eb:2a:a3:70:d6:d8:a4:ee:9f:
83:82:e9:39:51:c2:0b:58:4c:09:70:5b:67:83:ff:6c:0a:e8:
34:ed:89:1f:33:05:28:a8:4b:aa:fc:ce:e6:f1:a9:6a:4f:52:
50:e7:1b:09:ea:81:03:4f:b4:ff:1e:84:8d:d0:48:d6:10:b5:
53:e8:06:b8:cb:d5:96:cd:e6:82:3f:d9:f9:fb:2c:71:e9:9b:
5d:c1:25:7a:01:55:b0:5b:61:4d:77:d1:3c:c2:96:72:87:10:
19:69:a8:f2:49:0d:64:3c:8b:a2:ee:64:ac:22:4e:60:7f:b5:
ac:18:5d:1d:0f:93:e1:2f:8e:b4:23:de:6f:8f:cd:eb:1f:7e:
ed:bd:79:ae:48:cf:5b:1e:a3:6d:3f:3e:e9:f6:54:83:80:19:
44:71:1a:bd:09:14:ea:0d:51:e9:ce:6f:47:5e:66:b1:a2:95:
2d:19:9f:2f:68:2f:c9:07:07:a2:07:4b:fa:66:1c:14:f0:e2:
74:d7:f7:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDFQ1tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg1YTRkNTY0MjgzYTdmZGRmNjM0NTY5N2Q2YmMzMzczYTMyMjQ2MB4XDTIyMDEw
MTAyNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZkMzJkOWNiM2M2
ZDYzOWQ2ZDdjNWJkNDAyN2U1MGQ1MDcxMmQ1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+67MEORFLutEAGETUDz1DrQa7tCsD7XwjgxfD+DG3T5uXQ
XmxQZjNZ9X4VgBz188ekY29rLwrGuqarys8E+5MOl51qm/YYgJM2dl7dvM0FyB5M
Bv+pmwBpF4GSDD7tWkF3vsdJqalwrXDNBC6tO/BJUO+n6VIq6CzTJX0gepxX7ny6
uPJm+zwOg5XMEPMpKb9G51XX+95ZVKUu6YrUhjivT2wl3XoepkkkMcCAj5vx2UvN
p2jtRMYfEVNQq1Ke9sq1aWeGM7wQYxmxklQpbZoTVnN6PW34R1Kc0KYakuoan4pC
90jnFvYU9Xft97iHnrovsp+eHfQjotdC13jbcUkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/0y2cs8bWOdbXxb1AJ+UNUHEtVTAfBgNVHSMEGDAWgBRvhaTVZCg6f932
NFaX1rwzc6MiRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0V2sxV1FvT25fZDlqUldsOWE4TTNPaklrWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvOThkZmZhLTgxMGItNDliNS1hZGRkLTA2MWZjMWFlYjE1OC8x
L1A5TXRuTFBHMWpuVzE4VzlRQ2ZsRFZCeExWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
OThkZmZhLTgxMGItNDliNS1hZGRkLTA2MWZjMWFlYjE1OC8xL2I0V2sxV1FvT25f
ZDlqUldsOWE4TTNPaklrWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvffDANBgkqhkiG9w0BAQsFAAOC
AQEATbz+ZVl4NL6O/S81ZuTZoB2cjJu5/XBx7h85PJUDJt97ta9cokvqczPHejaU
fn16iYBwNtV7bFiKKF2LtAIX6yqjcNbYpO6fg4LpOVHCC1hMCXBbZ4P/bAroNO2J
HzMFKKhLqvzO5vGpak9SUOcbCeqBA0+0/x6EjdBI1hC1U+gGuMvVls3mgj/Z+fss
cembXcElegFVsFthTXfRPMKWcocQGWmo8kkNZDyLou5krCJOYH+1rBhdHQ+T4S+O
tCPeb4/N6x9+7b15rkjPWx6jbT8+6fZUg4AZRHEavQkU6g1R6c5vR15msaKVLRmf
L2gvyQcHogdL+mYcFPDidNf3pA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:52 2025 by rpki-client