Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/mn5CO1bH-n6FCOj6Mv1LBDwqbyk.roa
File: mn5CO1bH-n6FCOj6Mv1LBDwqbyk.roa (raw, json)
Hash identifier: oNordTve1Z4gRcWLfTKHUxI2gpPtmqdsdNvmWpFawdU=
Subject key identifier: 9A:7E:42:3B:56:C7:FA:7E:85:08:E8:FA:32:FD:4B:04:3C:2A:6F:29
Certificate issuer: /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial: 0183D1D6270E1D73A67C9B93BC97A0BF0F50
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/mn5CO1bH-n6FCOj6Mv1LBDwqbyk.roa
Signing time: Thu 13 Oct 2022 14:53:36 +0000
ROA not before: Thu 13 Oct 2022 14:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140947
IP address blocks: 91.207.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d1:d6:27:0e:1d:73:a6:7c:9b:93:bc:97:a0:bf:0f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Validity
Not Before: Oct 13 14:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a7e423b56c7fa7e8508e8fa32fd4b043c2a6f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8f:d2:d7:91:b6:eb:28:00:66:06:aa:da:ab:
d2:14:af:02:2a:f7:67:50:98:d5:50:4a:fe:90:cf:
29:ee:d1:a6:a7:36:e2:25:5f:d0:85:48:d2:48:54:
cb:21:7e:cf:7f:12:d5:33:d4:cf:f1:cf:37:0c:2a:
e6:ce:f6:4d:fd:e1:ef:a3:74:06:a9:e6:de:07:27:
fb:87:0c:d2:28:59:ff:31:f8:ac:d9:43:ee:54:79:
a6:7b:59:e6:76:a8:46:fb:0b:cf:cc:7a:5e:eb:35:
b6:fa:1d:f6:fd:ad:36:62:ca:de:55:a3:85:fd:f0:
0f:03:75:b7:66:d4:04:f4:d3:15:b9:1f:e7:9d:79:
c2:b7:c5:a3:3a:90:68:1f:02:88:99:7d:15:f1:06:
ce:0a:96:39:17:ae:ea:61:06:e0:0f:9a:6f:d2:44:
3f:5e:2d:86:de:f1:ec:72:f1:36:fe:59:19:71:ec:
0e:cc:22:50:69:10:dd:8e:51:89:f7:88:b0:5b:f9:
6e:d9:3d:c5:a2:39:f2:6d:be:eb:c7:a2:14:fb:89:
52:b9:d1:2c:17:88:70:5e:82:18:9e:31:ad:1b:5e:
19:01:5c:20:bb:f7:a4:ec:f5:38:c7:b3:28:f1:8b:
9e:dd:71:6e:0f:5e:d9:eb:53:c8:f3:fa:50:68:4c:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7E:42:3B:56:C7:FA:7E:85:08:E8:FA:32:FD:4B:04:3C:2A:6F:29
X509v3 Authority Key Identifier:
keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/mn5CO1bH-n6FCOj6Mv1LBDwqbyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.0.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:63:24:13:3e:22:c1:84:ad:5f:e6:4f:0e:03:19:ad:4a:bb:
40:f5:4e:2d:f9:b5:93:87:4d:06:87:b4:0f:a2:f6:29:b5:85:
51:fc:96:3b:26:f5:54:86:14:79:17:56:73:c6:9a:1c:cb:87:
17:a3:bb:63:10:d0:d4:2f:85:d0:da:e1:20:18:c7:4d:81:ed:
7f:97:1e:cb:8c:56:61:b3:b9:76:ed:0e:6f:b9:a6:b5:3f:9e:
64:4b:f1:ee:a1:fe:3e:38:e9:93:56:64:8d:fb:b6:2c:2f:f5:
56:36:06:e1:1c:13:1c:b2:87:4c:63:2e:23:ad:31:f6:84:11:
8f:23:f0:3e:99:b4:6d:7c:e6:01:b4:61:de:32:d9:12:23:9f:
12:1b:38:3e:e3:14:68:8c:b2:01:09:12:ad:5c:11:45:a5:e6:
24:10:e8:ba:95:03:ad:fa:db:0c:9d:ea:6e:a7:ff:ef:6d:0f:
8d:a4:73:89:7d:89:63:18:e8:da:94:a1:a6:28:81:1a:86:5b:
53:57:bf:07:ab:3e:cf:7c:1d:c1:93:a7:73:66:37:6e:0f:25:
23:b6:53:22:c8:b5:ee:58:16:5c:f7:58:88:5d:5c:89:a0:5c:
2f:69:6e:17:61:0d:e6:05:f1:60:13:34:a0:97:81:f9:95:b9:
02:ac:db:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPR1icOHXOmfJuTvJegvw9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjIxMDEzMTQ1MzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdlNDIzYjU2YzdmYTdlODUwOGU4ZmEzMmZkNGIwNDNjMmE2ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno/S15G26ygAZgaq2qvSFK8CKvdn
UJjVUEr+kM8p7tGmpzbiJV/QhUjSSFTLIX7PfxLVM9TP8c83DCrmzvZN/eHvo3QG
qebeByf7hwzSKFn/Mfis2UPuVHmme1nmdqhG+wvPzHpe6zW2+h32/a02YsreVaOF
/fAPA3W3ZtQE9NMVuR/nnXnCt8WjOpBoHwKImX0V8QbOCpY5F67qYQbgD5pv0kQ/
Xi2G3vHscvE2/lkZcewOzCJQaRDdjlGJ94iwW/lu2T3Fojnybb7rx6IU+4lSudEs
F4hwXoIYnjGtG14ZAVwgu/ek7PU4x7Mo8Yue3XFuD17Z61PI8/pQaEz8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJp+QjtWx/p+hQjo+jL9SwQ8Km8pMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvbW41Q08xYkgtbjZGQ09qNk12MUxCRHdxYnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW88AMA0G
CSqGSIb3DQEBCwUAA4IBAQC9YyQTPiLBhK1f5k8OAxmtSrtA9U4t+bWTh00Gh7QP
ovYptYVR/JY7JvVUhhR5F1Zzxpocy4cXo7tjENDUL4XQ2uEgGMdNge1/lx7LjFZh
s7l27Q5vuaa1P55kS/Huof4+OOmTVmSN+7YsL/VWNgbhHBMcsodMYy4jrTH2hBGP
I/A+mbRtfOYBtGHeMtkSI58SGzg+4xRojLIBCRKtXBFFpeYkEOi6lQOt+tsMnepu
p//vbQ+NpHOJfYljGOjalKGmKIEahltTV78Hqz7PfB3Bk6dzZjduDyUjtlMiyLXu
WBZc91iIXVyJoFwvaW4XYQ3mBfFgEzSgl4H5lbkCrNtj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:59 2025 by rpki-client