Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/ehmJbCfmNjmoGhZIC23P2qeT5qo.roa
File: ehmJbCfmNjmoGhZIC23P2qeT5qo.roa (raw, json)
Hash identifier: T4sQfBx5H0SUMQzjExg9jMJrd59nj395ukB9D4bbvgQ=
Subject key identifier: 7A:19:89:6C:27:E6:36:39:A8:1A:16:48:0B:6D:CF:DA:A7:93:E6:AA
Certificate issuer: /CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Certificate serial: 0EBFCCFF
Authority key identifier: F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/ehmJbCfmNjmoGhZIC23P2qeT5qo.roa
Signing time: Sat 01 Jan 2022 14:06:23 +0000
ROA not before: Sat 01 Jan 2022 14:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50399
IP address blocks: 91.209.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247450879 (0xebfccff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Validity
Not Before: Jan 1 14:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a19896c27e63639a81a16480b6dcfdaa793e6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:44:88:21:1e:ea:6d:f3:ed:b0:69:0f:5d:a4:
89:e3:a2:f6:ec:b0:fb:4c:38:87:29:8f:e3:4e:68:
d2:69:92:ff:0d:48:8c:f6:2b:cf:09:e1:10:b7:fb:
90:75:9b:71:7b:5a:34:32:69:20:10:ea:61:5f:40:
4d:e5:dc:5b:80:89:6e:cd:6e:88:f9:2c:50:c3:b5:
d5:60:1a:0f:d8:78:17:ee:40:2c:d0:0a:4c:08:50:
fb:be:b4:20:4e:9b:2a:1b:41:73:d1:35:f9:a9:6e:
91:e0:42:9a:da:95:75:9a:57:b6:60:7f:7e:e8:2f:
9e:07:c0:25:3d:34:fc:e9:b2:53:35:b5:9b:dd:24:
cb:b9:9e:b6:35:01:a6:38:9b:e3:31:11:0a:e8:3a:
3b:90:24:ef:8f:53:88:3c:db:74:d0:84:17:80:6c:
92:be:c7:63:61:33:af:d8:5e:d4:46:1d:c4:cb:02:
df:cf:72:13:9f:db:50:e8:c3:b3:78:77:17:1c:06:
77:5d:17:9e:1c:85:e4:7b:b8:5f:d4:9f:0e:8d:ae:
6c:20:23:63:93:45:65:6f:f8:86:c6:ce:77:df:b4:
5a:c7:87:a2:4f:97:43:ee:14:ce:38:fa:59:66:3e:
87:17:5c:80:68:9c:5a:fa:1c:09:d0:d0:2e:43:72:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:19:89:6C:27:E6:36:39:A8:1A:16:48:0B:6D:CF:DA:A7:93:E6:AA
X509v3 Authority Key Identifier:
keyid:F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/ehmJbCfmNjmoGhZIC23P2qeT5qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.213.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:cb:ca:85:80:37:79:54:52:bf:8d:89:b4:6d:09:ea:8f:d9:
92:b1:0f:70:7f:d4:ea:5e:af:d6:15:19:3f:88:8d:76:d8:d0:
82:48:6e:35:f2:b6:ff:60:aa:18:8b:7f:dd:36:76:0f:e4:8f:
f1:f0:ea:85:e8:01:48:b2:7a:18:18:a3:ec:d7:c4:fa:8e:82:
0e:fd:53:a0:5b:f7:fc:17:33:d8:65:55:df:df:46:25:02:e4:
c3:e9:ac:5b:b7:5f:e8:76:18:cf:12:46:08:21:ad:c0:4d:52:
fd:7d:a3:e5:70:48:9b:d2:dd:43:f6:f3:53:f9:7d:b6:d2:c1:
19:78:7f:3d:42:ab:9f:d0:d5:f8:45:26:7f:46:0b:6f:a4:af:
07:d4:f9:94:ad:b3:c9:92:2c:f0:7f:2c:e0:e6:0b:e1:00:a8:
98:fa:a3:20:b1:84:0b:0c:0d:6b:ef:cc:8a:f5:f8:37:b6:50:
49:19:22:63:2e:5a:02:0b:5d:85:8c:78:b8:50:25:d4:82:25:
5b:9f:4e:45:c4:2b:06:d2:9d:e4:76:5b:bc:79:c0:fe:6a:5b:
3d:89:d7:e1:5c:86:85:2d:0d:21:14:05:7e:62:a8:09:ea:cf:
1b:c7:77:d7:f3:fc:ec:c5:2e:56:f5:3d:1e:99:66:e5:61:0a:
81:08:59:96
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEDr/M/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODE2ODY1OTI4ZWVlZWU1Y2JjOTJmNGM0ZDM4YWU1YzYwMWRlZTBhMB4XDTIyMDEw
MTE0MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ExOTg5NmMyN2U2
MzYzOWE4MWExNjQ4MGI2ZGNmZGFhNzkzZTZhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJEiCEe6m3z7bBpD12kieOi9uyw+0w4hymP405o0mmS/w1I
jPYrzwnhELf7kHWbcXtaNDJpIBDqYV9ATeXcW4CJbs1uiPksUMO11WAaD9h4F+5A
LNAKTAhQ+760IE6bKhtBc9E1+alukeBCmtqVdZpXtmB/fugvngfAJT00/OmyUzW1
m90ky7metjUBpjib4zERCug6O5Ak749TiDzbdNCEF4Bskr7HY2Ezr9he1EYdxMsC
389yE5/bUOjDs3h3FxwGd10XnhyF5Hu4X9SfDo2ubCAjY5NFZW/4hsbOd9+0WseH
ok+XQ+4Uzjj6WWY+hxdcgGicWvocCdDQLkNyVecCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBR6GYlsJ+Y2OagaFkgLbc/ap5PmqjAfBgNVHSMEGDAWgBT4FoZZKO7u5cvJ
L0xNOK5cYB3uCjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQmFHV1NqdTd1WEx5UzlNVFRpdVhHQWQ3Z28uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2RmLzY4YjFiZi04ZjQ4LTQxNjktYTlhMi01ZGFjNzIwMjIzYWIv
MS9laG1KYkNmbU5qbW9HaFpJQzIzUDJxZVQ1cW8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Rm
LzY4YjFiZi04ZjQ4LTQxNjktYTlhMi01ZGFjNzIwMjIzYWIvMS8xLUJhR1dTanU3
dVhMeVM5TVRUaXVYR0FkN2dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HVMA0GCSqGSIb3DQEBCwUA
A4IBAQCPy8qFgDd5VFK/jYm0bQnqj9mSsQ9wf9TqXq/WFRk/iI122NCCSG418rb/
YKoYi3/dNnYP5I/x8OqF6AFIsnoYGKPs18T6joIO/VOgW/f8FzPYZVXf30YlAuTD
6axbt1/odhjPEkYIIa3ATVL9faPlcEib0t1D9vNT+X220sEZeH89Qquf0NX4RSZ/
RgtvpK8H1PmUrbPJkizwfyzg5gvhAKiY+qMgsYQLDA1r78yK9fg3tlBJGSJjLloC
C12FjHi4UCXUgiVbn05FxCsG0p3kdlu8ecD+als9idfhXIaFLQ0hFAV+YqgJ6s8b
x3fX8/zsxS5W9T0emWblYQqBCFmW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:00 2025 by rpki-client