Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/23MUFProc2MhPJiez0zOhUNbZ0A.roa
File: 23MUFProc2MhPJiez0zOhUNbZ0A.roa (raw, json)
Hash identifier: 76UMWLPlLizStJmHpELIEEECGp1M2sjH3L9kY+YMFaM=
Subject key identifier: DB:73:14:14:FA:E8:73:63:21:3C:98:9E:CF:4C:CE:85:43:5B:67:40
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 018572C357798B797C30627B5F010521958D
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/23MUFProc2MhPJiez0zOhUNbZ0A.roa
Signing time: Mon 02 Jan 2023 13:54:42 +0000
ROA not before: Mon 02 Jan 2023 13:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 91.226.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:57:79:8b:79:7c:30:62:7b:5f:01:05:21:95:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Jan 2 13:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db731414fae87363213c989ecf4cce85435b6740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:0d:87:90:b7:ab:5d:90:20:db:76:46:57:
1a:30:fb:e4:9d:65:f4:c4:c2:ef:20:25:83:1f:58:
f2:56:ae:40:b6:f1:36:71:b2:92:72:ce:65:39:8f:
ed:cc:3c:d5:cd:53:f6:51:98:fe:f7:6e:b5:cb:82:
07:06:0c:da:ae:3c:65:f4:d9:c6:81:81:f1:75:cd:
c9:c1:51:4c:69:14:19:89:b4:55:7d:98:4d:93:cc:
54:05:e2:db:80:d6:14:74:ec:1d:7b:82:e4:dd:38:
9b:84:94:a1:cb:c5:fc:09:41:cb:6d:32:ea:70:4f:
e1:8e:0c:8c:65:e2:c6:af:fa:b7:48:17:64:d8:74:
fd:b1:bf:c6:0f:e6:2b:e9:03:fe:05:fd:75:a2:9d:
d2:f3:9b:52:37:94:ac:03:68:3f:7e:7c:75:0c:39:
17:ce:93:82:5c:67:5e:45:c2:07:8a:ef:f7:05:a0:
c2:50:00:82:07:94:b6:e6:60:e6:86:c4:96:99:e0:
26:24:50:d7:4c:7f:3e:29:ae:8f:43:c6:f7:ea:03:
92:50:b2:aa:3a:e6:f1:c3:bf:96:7d:2e:1e:b0:a3:
23:ae:47:18:0d:69:7e:ab:50:b8:ac:57:eb:73:e8:
b6:c0:db:70:56:d9:51:ef:fb:b9:15:c6:3f:98:fd:
c7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:14:14:FA:E8:73:63:21:3C:98:9E:CF:4C:CE:85:43:5B:67:40
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/23MUFProc2MhPJiez0zOhUNbZ0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.97.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:15:45:af:c5:7a:1f:db:49:37:d3:b9:ca:0b:0f:30:05:16:
84:e9:46:a7:69:7e:62:4f:0f:1d:66:cc:ad:2b:ad:e8:07:17:
e5:43:9b:e4:b9:5f:cb:4a:89:c2:74:5b:56:24:96:aa:7e:87:
bf:02:e5:54:3b:72:81:da:5d:09:10:e8:0c:ee:0e:3f:f6:19:
13:b8:6b:ca:f5:d0:19:d4:21:b8:24:0e:2d:f3:fb:55:87:ea:
64:1b:e2:6c:20:0e:cd:d5:e0:97:f9:93:a4:aa:1f:1f:14:cc:
b4:b8:20:eb:c2:6e:e9:90:c7:8d:a1:31:db:24:be:4e:5a:a5:
00:da:26:24:08:24:7e:e0:f5:2d:7f:57:43:05:a8:f1:55:ef:
64:ab:41:01:a1:8e:b3:04:4a:09:ec:93:81:e8:81:fc:c4:12:
80:ca:73:01:e4:47:36:9f:ea:a6:c4:5f:7c:22:2b:c3:a2:ed:
a7:e3:64:62:36:12:22:03:df:59:2a:a8:a7:55:b6:98:c8:64:
f2:79:1f:fb:7f:d8:91:ce:94:23:33:d1:07:08:f8:0c:cb:67:
f8:7f:1d:18:81:8d:ac:5e:65:ac:4a:84:e4:00:07:1b:1e:7b:
2e:2b:30:3f:98:b0:dd:b2:0d:11:90:25:a8:a8:c1:e2:92:35:
76:b2:cb:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw1d5i3l8MGJ7XwEFIZWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjMwMTAyMTM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjczMTQxNGZhZTg3MzYzMjEzYzk4OWVjZjRjY2U4NTQzNWI2NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthsNh5C3q12QINt2RlcaMPvknWX0
xMLvICWDH1jyVq5AtvE2cbKScs5lOY/tzDzVzVP2UZj+9261y4IHBgzarjxl9NnG
gYHxdc3JwVFMaRQZibRVfZhNk8xUBeLbgNYUdOwde4Lk3TibhJShy8X8CUHLbTLq
cE/hjgyMZeLGr/q3SBdk2HT9sb/GD+Yr6QP+Bf11op3S85tSN5SsA2g/fnx1DDkX
zpOCXGdeRcIHiu/3BaDCUACCB5S25mDmhsSWmeAmJFDXTH8+Ka6PQ8b36gOSULKq
Oubxw7+WfS4esKMjrkcYDWl+q1C4rFfrc+i2wNtwVtlR7/u5FcY/mP3HUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtzFBT66HNjITyYns9MzoVDW2dAMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvMjNNVUZQcm9jMk1oUEppZXowek9oVU5iWjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+JhMA0G
CSqGSIb3DQEBCwUAA4IBAQA6FUWvxXof20k307nKCw8wBRaE6UanaX5iTw8dZsyt
K63oBxflQ5vkuV/LSonCdFtWJJaqfoe/AuVUO3KB2l0JEOgM7g4/9hkTuGvK9dAZ
1CG4JA4t8/tVh+pkG+JsIA7N1eCX+ZOkqh8fFMy0uCDrwm7pkMeNoTHbJL5OWqUA
2iYkCCR+4PUtf1dDBajxVe9kq0EBoY6zBEoJ7JOB6IH8xBKAynMB5Ec2n+qmxF98
IivDou2n42RiNhIiA99ZKqinVbaYyGTyeR/7f9iRzpQjM9EHCPgMy2f4fx0YgY2s
XmWsSoTkAAcbHnsuKzA/mLDdsg0RkCWoqMHikjV2sstY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:29 2025 by rpki-client