Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kwd9iAnDbsiLpTO8trM_bIULj8M.roa
File: kwd9iAnDbsiLpTO8trM_bIULj8M.roa (raw, json)
Hash identifier: 0myhSxc9RUxSzipFJUqPhwCYR0p9t8n7chzl+0xmhCw=
Subject key identifier: 93:07:7D:88:09:C3:6E:C8:8B:A5:33:BC:B6:B3:3F:6C:85:0B:8F:C3
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018704AAFEE886C5A451C680E3D2058D8518
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kwd9iAnDbsiLpTO8trM_bIULj8M.roa
Signing time: Tue 21 Mar 2023 14:55:27 +0000
ROA not before: Tue 21 Mar 2023 14:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198479
IP address blocks: 91.235.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:aa:fe:e8:86:c5:a4:51:c6:80:e3:d2:05:8d:85:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 21 14:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93077d8809c36ec88ba533bcb6b33f6c850b8fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:2b:42:df:8c:55:94:17:86:3a:65:a6:ef:
e8:d0:8c:fc:13:52:21:4f:5b:95:bb:ce:b9:62:ce:
ff:c2:d0:0b:3a:18:12:c0:fc:6b:89:af:6d:00:3f:
10:ab:db:dd:fb:e8:29:38:14:1f:4b:b8:c7:44:49:
f5:dc:42:98:74:8f:d5:ba:40:3d:42:94:d3:d3:d1:
02:a3:35:50:9c:b5:77:60:07:f6:24:86:d4:86:75:
22:27:6f:02:fd:b4:2f:88:22:a2:0c:c6:20:bf:16:
ca:72:92:ab:3a:ca:5e:a2:ed:ac:2c:f1:7e:cc:bc:
6a:f6:de:c9:2f:0f:c8:6a:4a:bb:fc:5d:f7:b7:37:
25:3c:e0:18:36:61:07:a5:ae:1a:86:42:f3:90:72:
5d:50:f8:58:4f:9c:f8:34:58:8b:8e:4b:2e:4e:0a:
66:0e:0e:cc:8e:66:7c:5b:56:b2:87:ca:2e:57:ec:
bd:72:f9:c6:27:2f:f6:11:92:78:c5:ba:47:e0:e7:
8f:4f:7f:16:02:48:3a:25:06:cb:bf:d2:4f:8a:e0:
8b:0c:4e:25:73:66:c3:73:5c:b2:8f:eb:db:7a:d9:
28:2f:5c:ce:47:fb:a5:ef:76:b2:c7:93:09:54:b0:
35:e5:41:7a:f4:eb:70:6e:a4:43:2e:b7:2d:44:c9:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:07:7D:88:09:C3:6E:C8:8B:A5:33:BC:B6:B3:3F:6C:85:0B:8F:C3
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kwd9iAnDbsiLpTO8trM_bIULj8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:7e:fe:13:23:3e:8d:ac:9b:8c:50:0b:ba:a7:03:64:68:f5:
a3:1d:8b:fe:72:47:aa:58:4e:17:f6:e2:93:f5:ee:b7:fe:85:
cd:8c:5e:77:2e:65:a7:99:26:96:e1:bf:d9:4f:2e:20:f6:34:
50:f9:26:c8:9f:20:20:42:d4:af:f9:42:c7:8f:ad:96:16:fd:
6a:76:f8:38:2b:5e:2f:59:80:a6:b8:51:a8:68:d4:78:06:d3:
a7:c4:76:9f:2f:2a:c9:1b:7b:0b:88:9b:07:9b:7c:64:6f:49:
4c:d6:01:33:c6:ec:18:24:55:10:29:5b:e1:2e:9c:6b:8c:7a:
21:18:6a:db:4b:87:7c:57:d5:9c:9d:c9:e0:a5:46:87:70:f7:
69:70:5d:dd:e2:31:80:05:ba:35:8e:2e:7a:db:81:bf:2b:06:
fc:aa:56:8d:b1:0d:ce:53:10:f7:47:85:6e:34:43:09:7b:12:
fd:f7:54:4e:af:5b:56:05:0f:09:11:0f:23:e8:99:8b:44:de:
80:bf:ef:c9:41:ff:d5:8c:cf:40:85:2f:3c:84:65:ce:f3:f8:
24:62:08:cc:63:20:af:92:6c:a2:ec:81:2b:4d:c1:d0:c3:d5:
f8:2b:07:b6:23:0c:e9:ac:5c:c1:16:e8:37:ef:c3:d5:07:c3:
4d:3c:23:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcEqv7ohsWkUcaA49IFjYUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMzIxMTQ1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA3N2Q4ODA5YzM2ZWM4OGJhNTMzYmNiNmIzM2Y2Yzg1MGI4ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVErQt+MVZQXhjplpu/o0Iz8E1Ih
T1uVu865Ys7/wtALOhgSwPxria9tAD8Qq9vd++gpOBQfS7jHREn13EKYdI/VukA9
QpTT09ECozVQnLV3YAf2JIbUhnUiJ28C/bQviCKiDMYgvxbKcpKrOspeou2sLPF+
zLxq9t7JLw/Iakq7/F33tzclPOAYNmEHpa4ahkLzkHJdUPhYT5z4NFiLjksuTgpm
Dg7MjmZ8W1ayh8ouV+y9cvnGJy/2EZJ4xbpH4OePT38WAkg6JQbLv9JPiuCLDE4l
c2bDc1yyj+vbetkoL1zOR/ul73ayx5MJVLA15UF69OtwbqRDLrctRMlIbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMHfYgJw27Ii6UzvLazP2yFC4/DMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEva3dkOWlBbkRic2lMcFRPOHRyTV9iSVVMajhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+swMA0G
CSqGSIb3DQEBCwUAA4IBAQCafv4TIz6NrJuMUAu6pwNkaPWjHYv+ckeqWE4X9uKT
9e63/oXNjF53LmWnmSaW4b/ZTy4g9jRQ+SbInyAgQtSv+ULHj62WFv1qdvg4K14v
WYCmuFGoaNR4BtOnxHafLyrJG3sLiJsHm3xkb0lM1gEzxuwYJFUQKVvhLpxrjHoh
GGrbS4d8V9WcncngpUaHcPdpcF3d4jGABbo1ji5624G/Kwb8qlaNsQ3OUxD3R4Vu
NEMJexL991ROr1tWBQ8JEQ8j6JmLRN6Av+/JQf/VjM9AhS88hGXO8/gkYgjMYyCv
kmyi7IErTcHQw9X4Kwe2IwzprFzBFug378PVB8NNPCNy
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:27 2025 by rpki-client