Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/e74595-d657-4ab4-8309-0d57c9410127/1/tR7LQ6K_ugoh1o7fSI00RpKd5i4.roa
File: tR7LQ6K_ugoh1o7fSI00RpKd5i4.roa (raw, json)
Hash identifier: lN87TqyDWwhtJgQBp6PxBJ1Q83EOoJ9x5TU2peHe4k8=
Subject key identifier: B5:1E:CB:43:A2:BF:BA:0A:21:D6:8E:DF:48:8D:34:46:92:9D:E6:2E
Certificate issuer: /CN=3a48c2701735cd5d2317d10ac63d7f2ec6618ce0
Certificate serial: 01856FCBBE772E8D86483AB25C0D01619C24
Authority key identifier: 3A:48:C2:70:17:35:CD:5D:23:17:D1:0A:C6:3D:7F:2E:C6:61:8C:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjCcBc1zV0jF9EKxj1_LsZhjOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/e74595-d657-4ab4-8309-0d57c9410127/1/tR7LQ6K_ugoh1o7fSI00RpKd5i4.roa
Signing time: Mon 02 Jan 2023 00:05:01 +0000
ROA not before: Mon 02 Jan 2023 00:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41107
IP address blocks: 91.199.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:be:77:2e:8d:86:48:3a:b2:5c:0d:01:61:9c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48c2701735cd5d2317d10ac63d7f2ec6618ce0
Validity
Not Before: Jan 2 00:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b51ecb43a2bfba0a21d68edf488d3446929de62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:f9:4a:e5:96:5c:82:34:6b:42:47:3b:27:
3a:cf:41:d0:e9:9d:96:05:64:d1:40:9f:d6:94:d2:
9f:64:c7:7d:2a:87:0b:5e:19:6a:b7:9e:50:4a:e4:
b1:bd:b3:df:31:49:14:82:e4:ae:11:16:5c:60:f2:
f8:fb:86:db:91:6d:e6:12:35:a2:cd:d2:d1:a5:a7:
aa:d0:d0:a3:8f:cf:36:7e:e2:83:54:82:1c:04:22:
e5:a9:61:c2:35:32:59:9e:11:b9:93:6f:b1:c7:5c:
4e:ec:eb:22:4e:5e:9d:19:84:f1:96:f6:2f:89:38:
65:6a:98:ce:a7:2c:4c:bc:1c:3e:77:f2:15:a6:d0:
11:31:08:f8:9e:19:3b:a6:14:a1:94:7c:b9:33:14:
05:f0:0a:e6:f2:9b:30:84:7e:33:a2:1b:35:fd:52:
64:6a:cd:db:62:6f:11:b5:cb:cf:0c:16:91:20:36:
fa:19:b7:2a:02:4e:ab:5c:af:28:c4:ed:f8:1d:4a:
95:64:ee:77:97:19:bd:f8:b9:c3:35:6b:4a:02:8d:
eb:05:a3:45:7b:80:a8:c8:f4:a6:28:34:0f:25:41:
50:85:c0:45:3c:cf:9c:2b:bc:5a:5d:c5:7a:e4:2d:
74:73:3d:9b:d1:9a:4e:d1:00:be:3b:1b:5f:41:32:
03:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1E:CB:43:A2:BF:BA:0A:21:D6:8E:DF:48:8D:34:46:92:9D:E6:2E
X509v3 Authority Key Identifier:
keyid:3A:48:C2:70:17:35:CD:5D:23:17:D1:0A:C6:3D:7F:2E:C6:61:8C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjCcBc1zV0jF9EKxj1_LsZhjOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/e74595-d657-4ab4-8309-0d57c9410127/1/tR7LQ6K_ugoh1o7fSI00RpKd5i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/e74595-d657-4ab4-8309-0d57c9410127/1/OkjCcBc1zV0jF9EKxj1_LsZhjOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.181.0/24
Signature Algorithm: sha256WithRSAEncryption
67:90:23:97:85:3d:18:27:89:3d:07:66:bf:58:d3:1b:a0:b6:
ce:10:98:4d:42:fb:68:de:67:de:c3:dd:07:9b:88:e2:99:83:
5d:21:10:6c:ac:35:eb:c5:b7:7a:a4:89:27:e6:ef:7d:4b:16:
91:00:7a:c4:9d:0c:fa:da:3a:70:c8:12:9d:ac:ac:26:4d:a1:
a1:c1:d7:08:87:a8:02:70:26:03:27:09:98:71:e6:d5:76:84:
17:fa:5d:3f:91:18:52:44:35:91:62:a8:2a:25:e4:a0:29:35:
94:58:10:4c:ec:bd:22:c4:a0:68:8b:4d:0a:4d:ec:2f:80:2b:
32:52:44:2d:7e:73:47:7d:5e:ff:77:6d:2b:38:1c:a7:79:75:
71:4e:f1:f8:ea:25:46:a1:10:52:d7:4a:50:78:0d:20:8d:ba:
a5:37:9c:7c:42:41:08:fa:61:33:ff:78:a7:69:b5:88:6e:e6:
62:48:d1:d9:53:2d:8b:70:81:73:a2:b4:b4:b5:c4:f0:4f:4f:
81:6d:30:b8:25:56:ca:1f:8f:d8:da:12:d9:70:05:e4:6e:fa:
e4:ad:d8:a7:47:e4:ec:d8:e1:09:3b:51:41:99:af:d7:e6:36:
46:f3:1c:d9:80:e5:d2:da:21:43:fc:ce:73:98:d9:a6:90:35:
c8:42:82:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy753Lo2GSDqyXA0BYZwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhjMjcwMTczNWNkNWQyMzE3ZDEwYWM2M2Q3ZjJlYzY2
MThjZTAwHhcNMjMwMTAyMDAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFlY2I0M2EyYmZiYTBhMjFkNjhlZGY0ODhkMzQ0NjkyOWRlNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYH5SuWWXII0a0JHOyc6z0HQ6Z2W
BWTRQJ/WlNKfZMd9KocLXhlqt55QSuSxvbPfMUkUguSuERZcYPL4+4bbkW3mEjWi
zdLRpaeq0NCjj882fuKDVIIcBCLlqWHCNTJZnhG5k2+xx1xO7OsiTl6dGYTxlvYv
iThlapjOpyxMvBw+d/IVptARMQj4nhk7phShlHy5MxQF8Arm8pswhH4zohs1/VJk
as3bYm8RtcvPDBaRIDb6GbcqAk6rXK8oxO34HUqVZO53lxm9+LnDNWtKAo3rBaNF
e4CoyPSmKDQPJUFQhcBFPM+cK7xaXcV65C10cz2b0ZpO0QC+OxtfQTIDYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUey0Oiv7oKIdaO30iNNEaSneYuMB8GA1UdIwQY
MBaAFDpIwnAXNc1dIxfRCsY9fy7GYYzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqQ2NCYzF6VjBqRjlFS3hqMV9Mc1poak9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9lNzQ1OTUtZDY1Ny00YWI0LTgzMDkt
MGQ1N2M5NDEwMTI3LzEvdFI3TFE2S191Z29oMW83ZlNJMDBScEtkNWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9lNzQ1OTUtZDY1Ny00YWI0LTgzMDktMGQ1N2M5NDEwMTI3
LzEvT2tqQ2NCYzF6VjBqRjlFS3hqMV9Mc1poak9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8e1MA0G
CSqGSIb3DQEBCwUAA4IBAQBnkCOXhT0YJ4k9B2a/WNMboLbOEJhNQvto3mfew90H
m4jimYNdIRBsrDXrxbd6pIkn5u99SxaRAHrEnQz62jpwyBKdrKwmTaGhwdcIh6gC
cCYDJwmYcebVdoQX+l0/kRhSRDWRYqgqJeSgKTWUWBBM7L0ixKBoi00KTewvgCsy
UkQtfnNHfV7/d20rOByneXVxTvH46iVGoRBS10pQeA0gjbqlN5x8QkEI+mEz/3in
abWIbuZiSNHZUy2LcIFzorS0tcTwT0+BbTC4JVbKH4/Y2hLZcAXkbvrkrdinR+Ts
2OEJO1FBma/X5jZG8xzZgOXS2iFD/M5zmNmmkDXIQoI3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:58 2025 by rpki-client