Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/Ro7Y6Vo3LwMKwkpZMZcV8p6XWVc.roa
File: Ro7Y6Vo3LwMKwkpZMZcV8p6XWVc.roa (raw, json)
Hash identifier: lLad6K26SzL5tPCSOSihAFjL3t+4bIo/OrqmwmeD0ao=
Subject key identifier: 46:8E:D8:E9:5A:37:2F:03:0A:C2:4A:59:31:97:15:F2:9E:97:59:57
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 0185727A26748718D4A651F80F6FDCFE8CA5
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/Ro7Y6Vo3LwMKwkpZMZcV8p6XWVc.roa
Signing time: Mon 02 Jan 2023 12:34:45 +0000
ROA not before: Mon 02 Jan 2023 12:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41898
IP address blocks: 91.135.16.0/20 maxlen: 20
95.130.32.0/21 maxlen: 21
158.255.56.0/21 maxlen: 21
158.255.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:26:74:87:18:d4:a6:51:f8:0f:6f:dc:fe:8c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: Jan 2 12:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=468ed8e95a372f030ac24a59319715f29e975957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:9c:3d:36:2e:a7:f2:bb:d8:a9:1b:81:d9:
11:2d:00:39:8f:93:2c:4e:8a:32:09:3f:a5:44:0f:
cc:03:66:c6:78:29:49:b1:fa:c0:0e:0e:9f:59:b0:
40:fd:d7:09:81:33:77:7d:c6:89:85:5c:c9:13:dd:
41:98:b4:e4:77:35:2e:ab:49:30:b3:2a:f2:d8:83:
7c:b7:d3:4b:db:d2:11:c4:61:e6:81:e2:3f:1a:c7:
cb:08:b1:63:4d:0f:43:3c:f8:f1:5b:48:91:df:3d:
06:1f:33:d5:fd:a6:36:89:7b:3d:1a:e4:df:e0:83:
88:4a:ef:6c:e1:92:39:e3:62:7d:75:20:3c:ff:dd:
30:4d:0c:da:02:3c:98:20:a6:37:66:72:39:40:a6:
3f:32:9b:e9:c6:5c:1e:23:3f:47:7f:70:c3:c6:4c:
76:f5:dc:14:cd:54:75:b5:e0:86:b9:22:34:e7:f2:
97:88:40:80:98:6d:fe:06:db:43:03:14:e1:e8:27:
b7:5e:67:af:4b:43:78:34:c4:e7:95:b4:d7:43:a0:
5b:d0:a4:4e:63:0d:34:18:dc:f2:62:19:02:f3:26:
42:5d:72:a0:38:25:f6:2d:8e:63:1c:bc:43:6d:0a:
27:db:62:14:f2:01:cf:dd:c5:cb:58:85:08:6f:a6:
16:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:8E:D8:E9:5A:37:2F:03:0A:C2:4A:59:31:97:15:F2:9E:97:59:57
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/Ro7Y6Vo3LwMKwkpZMZcV8p6XWVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.16.0/20
95.130.32.0/21
158.255.56.0/21
Signature Algorithm: sha256WithRSAEncryption
94:ae:48:20:27:6f:3d:03:d9:38:f0:f5:68:3f:1f:f7:2c:b0:
d0:86:08:f4:2e:9d:14:ab:57:b0:94:7f:21:e5:c0:f6:52:8c:
59:0e:b5:da:f7:88:d4:e9:38:82:dd:08:40:0f:cb:f9:e7:d7:
92:82:06:8b:14:bb:2d:bf:22:c9:d1:77:3a:b8:d6:8e:52:23:
4d:8c:57:b2:f3:26:2e:80:b5:da:8c:09:b3:67:9b:b4:26:29:
e2:97:cb:6b:ac:81:f8:16:72:03:f1:f7:5c:5d:7d:db:b1:fc:
61:21:fa:57:d6:f6:23:78:f5:0e:62:55:55:04:70:7d:42:0d:
c5:78:72:5c:1e:20:a2:d1:74:1d:b5:da:46:99:b2:18:63:3a:
51:c4:c8:85:4a:fc:de:5f:be:71:bd:29:26:3e:f9:df:65:82:
2c:14:af:5f:e6:5e:4f:5c:ba:f0:df:f0:33:bb:26:28:17:26:
85:40:98:ad:b6:80:6c:04:43:2b:32:ff:23:ee:29:7a:2f:c9:
17:88:04:83:93:ad:fd:7b:38:03:e2:b6:00:2d:5f:f8:3d:06:
4f:8d:2c:7a:00:74:af:ba:3f:75:8b:e9:a4:9e:93:e7:df:85:
92:fa:5a:ca:a9:f9:eb:0e:43:f1:2b:db:1e:84:b9:fc:af:35:
4f:8a:cb:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyeiZ0hxjUplH4D2/c/oylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFi
NjNhYjAwHhcNMjMwMTAyMTIzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjhlZDhlOTVhMzcyZjAzMGFjMjRhNTkzMTk3MTVmMjllOTc1OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOCcPTYup/K72KkbgdkRLQA5j5Ms
TooyCT+lRA/MA2bGeClJsfrADg6fWbBA/dcJgTN3fcaJhVzJE91BmLTkdzUuq0kw
syry2IN8t9NL29IRxGHmgeI/GsfLCLFjTQ9DPPjxW0iR3z0GHzPV/aY2iXs9GuTf
4IOISu9s4ZI542J9dSA8/90wTQzaAjyYIKY3ZnI5QKY/MpvpxlweIz9Hf3DDxkx2
9dwUzVR1teCGuSI05/KXiECAmG3+BttDAxTh6Ce3XmevS0N4NMTnlbTXQ6Bb0KRO
Yw00GNzyYhkC8yZCXXKgOCX2LY5jHLxDbQon22IU8gHP3cXLWIUIb6YWgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEaO2OlaNy8DCsJKWTGXFfKel1lXMB8GA1UdIwQY
MBaAFDGCjJnTXLkuLVPa8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYt
ZWIzN2E4NWE4MmM1LzEvUm83WTZWbzNMd01Ld2twWk1aY1Y4cDZYV1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1
LzEvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4cQAwQD
X4IgAwQDnv84MA0GCSqGSIb3DQEBCwUAA4IBAQCUrkggJ289A9k48PVoPx/3LLDQ
hgj0Lp0Uq1ewlH8h5cD2UoxZDrXa94jU6TiC3QhAD8v559eSggaLFLstvyLJ0Xc6
uNaOUiNNjFey8yYugLXajAmzZ5u0Jinil8trrIH4FnID8fdcXX3bsfxhIfpX1vYj
ePUOYlVVBHB9Qg3FeHJcHiCi0XQdtdpGmbIYYzpRxMiFSvzeX75xvSkmPvnfZYIs
FK9f5l5PXLrw3/AzuyYoFyaFQJittoBsBEMrMv8j7il6L8kXiASDk639ezgD4rYA
LV/4PQZPjSx6AHSvuj91i+mknpPn34WS+lrKqfnrDkPxK9sehLn8rzVPistI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:43 2025 by rpki-client