Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa
File: bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa (raw, json)
Hash identifier: XKu+wTLfRTA57m08wZU4TJfHYTsqZqK/HNca2CTcNyU=
Subject key identifier: 6C:61:D5:98:DD:D6:AA:10:41:E0:BC:BB:6A:DE:16:48:DA:7D:2C:AE
Certificate issuer: /CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Certificate serial: 01856EA6A23BE58CF07556AD8A806F0FCCC5
Authority key identifier: 5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa
Signing time: Sun 01 Jan 2023 18:44:52 +0000
ROA not before: Sun 01 Jan 2023 18:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198606
IP address blocks: 91.237.96.0/24 maxlen: 24
2001:67c:28c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a2:3b:e5:8c:f0:75:56:ad:8a:80:6f:0f:cc:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Validity
Not Before: Jan 1 18:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c61d598ddd6aa1041e0bcbb6ade1648da7d2cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:0e:79:fc:88:a4:b5:92:c4:b8:b2:b1:4a:
8c:a9:14:bf:a0:81:07:a1:03:77:94:6f:cd:2a:6b:
ab:4d:93:1b:3f:02:cb:e9:7a:f3:85:fa:e2:43:c2:
4a:6a:7f:2b:fe:d7:5d:87:07:dd:80:b3:06:d5:c8:
b7:30:2d:95:02:ba:15:f7:2a:e6:79:25:71:79:88:
24:fc:9f:38:e3:49:e4:be:d6:6a:47:0c:a6:8b:b1:
c1:bd:43:fd:a3:fb:d0:7f:3c:79:7e:bc:73:9a:91:
59:ea:31:87:cb:05:59:57:89:1b:0e:55:3e:fa:de:
4a:f0:31:f4:5c:a0:87:31:8c:8b:a2:50:69:40:eb:
de:3e:9c:cd:34:42:9f:7f:81:76:53:ae:28:bc:50:
d1:b5:33:c9:88:85:89:a8:09:a9:da:5c:00:ac:2b:
a8:76:d6:3b:8c:bd:6a:04:a6:5e:b9:05:2a:80:ce:
35:bf:5d:3d:23:cd:56:66:63:d1:c0:24:11:35:9e:
7f:de:76:0c:23:5c:1d:25:a3:c3:cb:9d:61:cb:79:
94:27:19:98:d7:39:8b:fa:04:64:40:6d:5e:cb:f4:
1f:f9:14:d1:48:3a:21:50:69:1a:6a:9e:ec:f8:42:
29:38:bc:1d:de:2f:a6:93:ad:0d:c1:7b:55:c5:1a:
7f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:61:D5:98:DD:D6:AA:10:41:E0:BC:BB:6A:DE:16:48:DA:7D:2C:AE
X509v3 Authority Key Identifier:
keyid:5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.96.0/24
IPv6:
2001:67c:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:ad:53:c7:09:0f:32:b9:1a:4e:0c:0a:88:c0:22:a7:10:2f:
64:42:a6:8d:8a:50:af:8a:3e:a4:57:8e:b2:61:38:ef:84:c6:
05:b9:5c:1e:17:98:d7:70:97:fa:e3:fe:50:fb:56:10:d3:8b:
de:ab:28:80:b2:69:ff:b4:17:cf:bd:e7:2d:43:76:4e:54:0d:
05:ce:67:f3:7a:07:32:46:36:6b:ab:48:ac:80:c7:de:8a:f8:
79:80:c1:e7:ac:dc:a9:45:b8:62:8b:e1:67:a4:c4:b9:a6:8a:
a6:5b:77:23:bd:68:25:be:44:f3:40:98:32:c8:b9:f1:42:cd:
17:b6:98:8c:56:57:6c:29:1b:06:8c:ea:e1:40:58:72:a1:53:
d5:dd:e2:80:96:86:79:43:9d:b3:6f:5f:81:82:fd:9e:a0:b7:
d0:99:c3:1a:0d:d2:93:a0:71:70:b4:c4:2c:85:8e:27:ca:7a:
ae:26:23:74:2c:d7:f5:0c:56:68:70:c4:d2:58:4a:14:a3:45:
84:71:d8:b2:b4:c8:00:ce:87:3c:b9:25:62:4d:38:4b:c3:33:
b3:d1:a0:3c:c7:c7:12:95:09:99:5e:6a:c2:44:50:62:fc:44:
06:0d:ac:51:df:ed:ef:53:3e:fb:d6:4b:75:f2:bb:bb:11:cb:
8d:99:3b:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVupqI75YzwdVatioBvD8zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTRlNTcxMGE0NjUzNmJlZjJhZjM2YmY2M2YxOTQwYmMz
N2JkNDIwHhcNMjMwMTAxMTg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYxZDU5OGRkZDZhYTEwNDFlMGJjYmI2YWRlMTY0OGRhN2QyY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR8OefyIpLWSxLiysUqMqRS/oIEH
oQN3lG/NKmurTZMbPwLL6XrzhfriQ8JKan8r/tddhwfdgLMG1ci3MC2VAroV9yrm
eSVxeYgk/J8440nkvtZqRwymi7HBvUP9o/vQfzx5frxzmpFZ6jGHywVZV4kbDlU+
+t5K8DH0XKCHMYyLolBpQOvePpzNNEKff4F2U64ovFDRtTPJiIWJqAmp2lwArCuo
dtY7jL1qBKZeuQUqgM41v109I81WZmPRwCQRNZ5/3nYMI1wdJaPDy51hy3mUJxmY
1zmL+gRkQG1ey/Qf+RTRSDohUGkaap7s+EIpOLwd3i+mk60NwXtVxRp/WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGxh1Zjd1qoQQeC8u2reFkjafSyuMB8GA1UdIwQY
MBaAFFqk5XEKRlNr7yrza/Y/GUC8N71CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmIt
NDRkYzUyYTE5Y2U1LzEvYkdIVm1OM1dxaEJCNEx5N2F0NFdTTnA5TEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmItNDRkYzUyYTE5Y2U1
LzEvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1gMA8E
AgACMAkDBwAgAQZ8KMAwDQYJKoZIhvcNAQELBQADggEBAIytU8cJDzK5Gk4MCojA
IqcQL2RCpo2KUK+KPqRXjrJhOO+ExgW5XB4XmNdwl/rj/lD7VhDTi96rKICyaf+0
F8+95y1Ddk5UDQXOZ/N6BzJGNmurSKyAx96K+HmAwees3KlFuGKL4WekxLmmiqZb
dyO9aCW+RPNAmDLIufFCzRe2mIxWV2wpGwaM6uFAWHKhU9Xd4oCWhnlDnbNvX4GC
/Z6gt9CZwxoN0pOgcXC0xCyFjifKeq4mI3Qs1/UMVmhwxNJYShSjRYRx2LK0yADO
hzy5JWJNOEvDM7PRoDzHxxKVCZleasJEUGL8RAYNrFHf7e9TPvvWS3Xyu7sRy42Z
O6c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:53 2025 by rpki-client