Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/91S986x3EdOOn3cr8XiexzxTCi4.roa
File: 91S986x3EdOOn3cr8XiexzxTCi4.roa (raw, json)
Hash identifier: zPBH3EpVzF8u0YbxZyQhQ63FwXLG6Fz1WRh1J4P6FvQ=
Subject key identifier: F7:54:BD:F3:AC:77:11:D3:8E:9F:77:2B:F1:78:9E:C7:3C:53:0A:2E
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01857030411271C6C680A42C139BD82A7AAD
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/91S986x3EdOOn3cr8XiexzxTCi4.roa
Signing time: Mon 02 Jan 2023 01:54:48 +0000
ROA not before: Mon 02 Jan 2023 01:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 193.135.137.0/24 maxlen: 24
193.135.151.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:41:12:71:c6:c6:80:a4:2c:13:9b:d8:2a:7a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 2 01:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f754bdf3ac7711d38e9f772bf1789ec73c530a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a2:e5:78:16:d3:34:96:b8:c6:e9:13:00:ce:
5c:d7:4f:dc:24:00:b4:bd:c0:1e:5d:03:18:50:61:
b1:8f:7b:37:6e:58:ea:51:c5:b0:e0:67:9a:d4:12:
c5:37:d9:2c:70:b2:57:f7:2a:3a:c7:4b:7e:ea:e2:
bc:36:83:f9:4f:09:d2:6a:b9:4f:38:56:6a:c9:a3:
a3:61:28:ce:0b:04:b9:13:ac:04:a3:4e:fe:7c:eb:
37:ba:c2:c3:3d:c1:7e:6c:6e:ed:23:8f:a9:3d:b9:
8f:3c:d4:4b:96:1a:49:3c:99:33:43:d5:f9:fb:c2:
87:a2:4b:60:e6:4d:bd:d9:06:eb:f8:08:81:64:cb:
66:5d:29:e3:ec:bd:1d:49:e0:9a:11:bb:06:a3:b9:
24:5c:5b:a0:c2:e9:71:dc:e3:2e:af:1f:13:3e:02:
8f:eb:0b:ff:6e:37:73:e8:9a:6e:bd:9c:1b:ba:77:
9e:0d:ae:ba:df:4a:fb:d9:bb:9d:af:64:13:de:70:
a4:14:34:87:e5:a8:c1:6c:55:15:0b:b7:ba:10:df:
bc:0f:16:d7:d2:60:5d:17:60:ea:70:cf:81:8b:64:
f3:f7:c3:f4:7a:75:aa:ad:8f:24:9d:a9:58:7a:bf:
8d:6a:5d:80:9b:4d:10:4c:84:bb:cd:f3:9c:cf:20:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:54:BD:F3:AC:77:11:D3:8E:9F:77:2B:F1:78:9E:C7:3C:53:0A:2E
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/91S986x3EdOOn3cr8XiexzxTCi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.137.0/24
193.135.151.0/24
193.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0d:0c:f8:a6:b8:44:ea:64:f5:09:8f:bb:f5:72:90:76:4b:
85:db:48:c6:38:69:2f:91:c4:50:93:a9:09:ab:5d:cb:77:da:
25:20:2c:d1:34:53:cb:8c:07:14:75:37:b6:e6:4a:6f:d2:da:
39:a6:64:21:74:cf:cf:50:3f:28:4b:3c:fa:11:05:26:4e:7a:
cc:79:0c:63:7d:10:99:c0:8f:53:53:d9:71:c8:77:e6:f7:69:
92:53:86:b8:c0:8b:44:9e:bd:5e:ba:e6:6d:85:1b:e1:a6:ce:
be:83:a5:05:fe:eb:5b:9f:20:61:81:9a:b9:63:76:30:18:a2:
30:8c:cb:7f:de:e9:fa:e7:20:7d:fd:f5:c5:23:5a:88:65:5b:
78:65:a7:1d:4c:c2:39:80:34:67:75:d5:33:5b:5f:88:22:77:
a7:a4:b9:39:26:47:f6:bb:bd:ae:5a:dc:ab:71:5a:77:b0:d2:
9c:7d:b1:b1:9b:22:ce:0d:97:bf:78:4a:d6:02:a1:0c:41:0b:
7c:8f:f4:61:37:2d:85:17:f6:40:e6:7f:24:fb:5c:ee:93:1d:
8f:5f:14:08:45:bd:72:9f:62:b1:50:c3:90:61:42:d7:06:8f:
7f:c2:81:2a:c5:85:3e:c0:50:5b:bf:13:c4:7f:5a:37:00:0d:
36:a8:ef:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwMEESccbGgKQsE5vYKnqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTAyMDE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU0YmRmM2FjNzcxMWQzOGU5Zjc3MmJmMTc4OWVjNzNjNTMwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaLleBbTNJa4xukTAM5c10/cJAC0
vcAeXQMYUGGxj3s3bljqUcWw4Gea1BLFN9kscLJX9yo6x0t+6uK8NoP5TwnSarlP
OFZqyaOjYSjOCwS5E6wEo07+fOs3usLDPcF+bG7tI4+pPbmPPNRLlhpJPJkzQ9X5
+8KHoktg5k292Qbr+AiBZMtmXSnj7L0dSeCaEbsGo7kkXFugwulx3OMurx8TPgKP
6wv/bjdz6JpuvZwbuneeDa6630r72budr2QT3nCkFDSH5ajBbFUVC7e6EN+8DxbX
0mBdF2DqcM+Bi2Tz98P0enWqrY8knalYer+Nal2Am00QTIS7zfOczyC2wwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPdUvfOsdxHTjp93K/F4nsc8UwouMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvOTFTOTg2eDNFZE9PbjNjcjhYaWV4enhUQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwYeJAwQA
wYeXAwQAwYedMA0GCSqGSIb3DQEBCwUAA4IBAQAMDQz4prhE6mT1CY+79XKQdkuF
20jGOGkvkcRQk6kJq13Ld9olICzRNFPLjAcUdTe25kpv0to5pmQhdM/PUD8oSzz6
EQUmTnrMeQxjfRCZwI9TU9lxyHfm92mSU4a4wItEnr1euuZthRvhps6+g6UF/utb
nyBhgZq5Y3YwGKIwjMt/3un65yB9/fXFI1qIZVt4ZacdTMI5gDRnddUzW1+IInen
pLk5Jkf2u72uWtyrcVp3sNKcfbGxmyLODZe/eErWAqEMQQt8j/RhNy2FF/ZA5n8k
+1zukx2PXxQIRb1yn2KxUMOQYULXBo9/woEqxYU+wFBbvxPEf1o3AA02qO9J
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:46 2025 by rpki-client