Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/oT01BC5V5Oi2BmvnPU6r-7dzKEg.roa
File: oT01BC5V5Oi2BmvnPU6r-7dzKEg.roa (raw, json)
Hash identifier: 5Kns7ntyehfc30UKFb/34K5bdDNhOhe8dfgUO47KJZM=
Subject key identifier: A1:3D:35:04:2E:55:E4:E8:B6:06:6B:E7:3D:4E:AB:FB:B7:73:28:48
Certificate issuer: /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial: 01840BF985D48EC0531BCAFDA34484910B7E
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/oT01BC5V5Oi2BmvnPU6r-7dzKEg.roa
Signing time: Mon 24 Oct 2022 21:50:12 +0000
ROA not before: Mon 24 Oct 2022 21:50:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.207.1.0/24 maxlen: 24
91.206.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:f9:85:d4:8e:c0:53:1b:ca:fd:a3:44:84:91:0b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Validity
Not Before: Oct 24 21:50:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a13d35042e55e4e8b6066be73d4eabfbb7732848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8a:87:e0:9d:3d:52:de:9b:a2:d7:1d:0b:15:
9b:82:15:7d:68:a0:0b:e5:6b:ab:1a:7e:ad:ce:da:
f2:b3:8b:99:c8:8e:32:b9:63:d4:cc:9a:e1:2f:8c:
23:7e:62:73:5b:5c:54:ab:24:1a:20:ef:80:ab:ca:
1a:02:13:0c:80:d5:33:d9:04:05:ef:8b:63:dd:ad:
b8:ce:f4:eb:e3:76:6b:96:4a:5b:4f:51:0d:ac:a6:
e4:56:1f:b5:5a:87:48:c0:4e:3a:bc:e7:d3:f8:bc:
64:61:ad:de:bf:97:f7:9a:6e:11:56:ed:5f:b2:d3:
a3:89:dd:60:76:8a:02:be:12:a4:05:eb:96:99:c9:
e9:53:8f:5a:85:bf:62:55:6e:3d:a4:0b:9e:59:f3:
8e:c0:ee:43:42:8b:02:29:55:ae:8a:13:9c:3f:7d:
51:21:a2:b0:93:42:64:ce:a2:bf:4a:9e:74:f7:b3:
ae:f3:51:49:93:5d:20:f9:18:aa:21:29:4a:b6:3a:
f5:b8:b0:ce:7b:6c:92:e6:aa:44:1f:cf:59:b8:8e:
ae:0b:e0:7d:5b:f9:a2:11:71:44:a4:02:ef:73:c3:
1d:70:0b:b5:aa:0e:47:63:69:50:e4:89:3d:c7:4d:
c8:e0:b0:01:96:d7:fb:96:36:e2:9d:f3:ca:3c:ea:
58:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3D:35:04:2E:55:E4:E8:B6:06:6B:E7:3D:4E:AB:FB:B7:73:28:48
X509v3 Authority Key Identifier:
keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/oT01BC5V5Oi2BmvnPU6r-7dzKEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.209.0/24
91.207.1.0/24
Signature Algorithm: sha256WithRSAEncryption
11:13:98:90:28:c1:6d:74:d3:0f:65:ac:17:8a:d1:d0:e7:18:
b1:03:45:f9:dd:15:47:2f:02:66:a9:91:2f:c1:09:b4:2d:a8:
be:02:95:6b:3b:90:ae:5a:eb:9c:a3:37:d3:93:4a:43:7c:bf:
b8:cb:ba:07:48:c1:f7:4c:f6:b4:46:b1:60:3a:08:56:36:e7:
81:54:4d:24:7a:21:02:b4:85:66:92:44:0c:1c:ea:a9:8f:1b:
17:87:58:fe:ff:fb:4a:36:bc:6c:e1:32:05:a3:1d:1d:76:27:
3d:ee:32:83:e8:f3:7e:2c:94:9d:0f:37:d3:1a:9b:84:06:32:
49:92:76:ec:8e:44:6c:21:b1:99:6d:12:db:08:e7:30:5e:5d:
96:6b:d8:c5:df:f6:b9:30:82:00:15:96:1b:0c:fe:a4:d6:4f:
8b:20:4e:d3:39:04:61:6f:bf:0d:a0:e9:b3:29:c3:08:a2:42:
90:c1:e7:19:92:01:b9:f9:63:72:9e:9f:cb:19:b6:c3:89:a0:
bd:a7:fe:62:34:aa:22:81:a6:a5:13:0a:df:0c:2d:59:cd:ba:
3d:2a:25:d3:91:55:15:eb:4e:9a:8c:a7:44:b9:3f:90:67:2a:
af:76:c2:74:0c:1e:c6:e6:30:7b:17:24:04:db:2e:4b:4e:52:
07:9f:36:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQL+YXUjsBTG8r9o0SEkQt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjIxMDI0MjE1MDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTNkMzUwNDJlNTVlNGU4YjYwNjZiZTczZDRlYWJmYmI3NzMyODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIqH4J09Ut6botcdCxWbghV9aKAL
5WurGn6tztrys4uZyI4yuWPUzJrhL4wjfmJzW1xUqyQaIO+Aq8oaAhMMgNUz2QQF
74tj3a24zvTr43ZrlkpbT1ENrKbkVh+1WodIwE46vOfT+LxkYa3ev5f3mm4RVu1f
stOjid1gdooCvhKkBeuWmcnpU49ahb9iVW49pAueWfOOwO5DQosCKVWuihOcP31R
IaKwk0JkzqK/Sp5097Ou81FJk10g+RiqISlKtjr1uLDOe2yS5qpEH89ZuI6uC+B9
W/miEXFEpALvc8MdcAu1qg5HY2lQ5Ik9x03I4LABltf7ljbinfPKPOpYQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKE9NQQuVeTotgZr5z1Oq/u3cyhIMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvb1QwMUJDNVY1T2kyQm12blBVNnItN2R6S0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW87RAwQA
W88BMA0GCSqGSIb3DQEBCwUAA4IBAQARE5iQKMFtdNMPZawXitHQ5xixA0X53RVH
LwJmqZEvwQm0Lai+ApVrO5CuWuucozfTk0pDfL+4y7oHSMH3TPa0RrFgOghWNueB
VE0keiECtIVmkkQMHOqpjxsXh1j+//tKNrxs4TIFox0ddic97jKD6PN+LJSdDzfT
GpuEBjJJknbsjkRsIbGZbRLbCOcwXl2Wa9jF3/a5MIIAFZYbDP6k1k+LIE7TOQRh
b78NoOmzKcMIokKQwecZkgG5+WNynp/LGbbDiaC9p/5iNKoigaalEwrfDC1Zzbo9
KiXTkVUV606ajKdEuT+QZyqvdsJ0DB7G5jB7FyQE2y5LTlIHnzY8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:07 2025 by rpki-client