Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JAtY2D7ImQUEvEr28zdcyZA6NXY.roa
File: JAtY2D7ImQUEvEr28zdcyZA6NXY.roa (raw, json)
Hash identifier: LkLEvuLESVHEvITCz762ifgANQAKIKWp3nlvRPPrawc=
Subject key identifier: 24:0B:58:D8:3E:C8:99:05:04:BC:4A:F6:F3:37:5C:C9:90:3A:35:76
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018572DF1BD767C5946CECB644EAB273E5D3
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JAtY2D7ImQUEvEr28zdcyZA6NXY.roa
Signing time: Mon 02 Jan 2023 14:25:02 +0000
ROA not before: Mon 02 Jan 2023 14:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.92.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:1b:d7:67:c5:94:6c:ec:b6:44:ea:b2:73:e5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 14:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=240b58d83ec8990504bc4af6f3375cc9903a3576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8e:74:f4:de:c7:7a:7f:91:43:4d:0b:a9:05:
2e:c7:aa:0f:0d:4b:7b:c2:36:f4:b6:10:c5:4f:82:
2d:34:ab:a1:37:0d:b5:a4:dd:f8:fe:bf:44:dd:b5:
3e:c0:95:6b:fb:34:1a:85:bc:ee:fe:0c:7a:1b:b4:
e9:73:ae:35:46:0a:fd:c6:66:44:0f:0e:22:40:05:
b0:0b:d4:11:25:25:87:2f:7b:b1:86:68:68:a4:68:
8c:d7:ab:f9:31:64:bf:e4:9c:ec:de:83:ee:f9:41:
d4:c2:d2:ac:bc:e1:e9:73:aa:aa:dc:76:16:6c:cb:
82:a4:2c:d1:0e:ab:f0:dd:7a:85:ac:03:ef:d1:f8:
01:14:77:ad:57:38:52:f6:38:d4:8f:c0:db:5f:ec:
7a:cb:3f:cd:50:9c:71:aa:19:22:11:3d:1a:9d:6a:
4c:ae:c1:fe:a6:6e:a5:7e:7a:f9:09:8a:42:09:af:
3d:fd:27:c1:20:b5:9a:b0:5d:46:66:bf:be:7c:72:
d1:c8:ac:17:07:e2:15:e7:e4:ab:5a:60:d7:d8:45:
f6:02:e2:93:ea:99:53:89:13:93:d6:a6:1c:49:99:
c3:32:a2:99:70:48:5f:3e:5c:9a:7f:f5:0a:9b:de:
99:a1:76:75:31:cb:7e:62:28:48:4b:38:97:fc:49:
0c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0B:58:D8:3E:C8:99:05:04:BC:4A:F6:F3:37:5C:C9:90:3A:35:76
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JAtY2D7ImQUEvEr28zdcyZA6NXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.44.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:24:83:94:49:69:30:cc:af:36:a4:fa:7c:29:96:f0:f0:ee:
66:63:17:7a:95:f5:e4:0e:d2:5c:21:e6:cb:bf:bb:20:36:38:
df:d8:fe:53:65:7b:ec:6d:52:96:e9:3d:9d:ca:17:db:ad:a2:
f3:18:df:81:c0:e4:9c:89:89:08:fa:4c:6f:47:cf:96:07:3a:
56:b7:16:3d:2f:37:70:32:1e:30:c2:7e:38:da:34:ab:e5:84:
8a:87:59:5f:72:6f:ec:d1:43:a8:c9:ec:48:74:41:47:14:6e:
16:d7:e0:a7:26:74:c3:e4:50:54:d7:92:e5:3d:0f:b7:39:d4:
5c:71:d0:48:b9:98:56:2b:94:a6:b9:06:97:e4:5b:a7:83:01:
bf:04:4e:27:0a:ef:3b:3a:b3:59:c7:dc:29:c8:09:55:0b:3c:
c1:3e:7d:70:81:49:4e:7a:5e:e2:1c:30:4b:28:94:94:fc:6d:
26:dc:0c:6d:0d:76:f6:2b:2e:f2:f0:6e:85:e5:a4:0a:14:e5:
8b:94:e7:e3:8c:5a:7c:bc:39:61:51:0f:63:67:8d:c8:08:01:
5b:7e:04:78:5b:fd:2c:2c:2f:ac:b4:18:be:04:ed:bd:d4:27:
85:05:82:19:90:7b:30:35:7c:f0:93:26:6d:0e:9a:0d:87:d4:
d9:02:29:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3xvXZ8WUbOy2ROqyc+XTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwMTAyMTQyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBiNThkODNlYzg5OTA1MDRiYzRhZjZmMzM3NWNjOTkwM2EzNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY509N7Hen+RQ00LqQUux6oPDUt7
wjb0thDFT4ItNKuhNw21pN34/r9E3bU+wJVr+zQahbzu/gx6G7Tpc641Rgr9xmZE
Dw4iQAWwC9QRJSWHL3uxhmhopGiM16v5MWS/5Jzs3oPu+UHUwtKsvOHpc6qq3HYW
bMuCpCzRDqvw3XqFrAPv0fgBFHetVzhS9jjUj8DbX+x6yz/NUJxxqhkiET0anWpM
rsH+pm6lfnr5CYpCCa89/SfBILWasF1GZr++fHLRyKwXB+IV5+SrWmDX2EX2AuKT
6plTiROT1qYcSZnDMqKZcEhfPlyaf/UKm96ZoXZ1Mct+YihISziX/EkMCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQLWNg+yJkFBLxK9vM3XMmQOjV2MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvSkF0WTJEN0ltUVVFdkVyMjh6ZGN5WkE2TlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW1wsMA0G
CSqGSIb3DQEBCwUAA4IBAQCKJIOUSWkwzK82pPp8KZbw8O5mYxd6lfXkDtJcIebL
v7sgNjjf2P5TZXvsbVKW6T2dyhfbraLzGN+BwOSciYkI+kxvR8+WBzpWtxY9Lzdw
Mh4wwn442jSr5YSKh1lfcm/s0UOoyexIdEFHFG4W1+CnJnTD5FBU15LlPQ+3OdRc
cdBIuZhWK5SmuQaX5FungwG/BE4nCu87OrNZx9wpyAlVCzzBPn1wgUlOel7iHDBL
KJSU/G0m3AxtDXb2Ky7y8G6F5aQKFOWLlOfjjFp8vDlhUQ9jZ43ICAFbfgR4W/0s
LC+stBi+BO291CeFBYIZkHswNXzwkyZtDpoNh9TZAimm
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:24 2025 by rpki-client