Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa
File: Z8su73rigBpkurgWrlxBwHuDkbk.roa (raw, json)
Hash identifier: 9xeowqZNmAiAuP/8EbqytjlJ31s6dJ3oqXDgTU4KJ08=
Subject key identifier: 67:CB:2E:EF:7A:E2:80:1A:64:BA:B8:16:AE:5C:41:C0:7B:83:91:B9
Certificate issuer: /CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Certificate serial: 018572CCB55D5F3F191A2979ABBF007A8EDE
Authority key identifier: 79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa
Signing time: Mon 02 Jan 2023 14:04:56 +0000
ROA not before: Mon 02 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b5:5d:5f:3f:19:1a:29:79:ab:bf:00:7a:8e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Validity
Not Before: Jan 2 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67cb2eef7ae2801a64bab816ae5c41c07b8391b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:b0:d1:68:08:0c:6b:30:22:e6:ae:a8:16:
e2:ea:9b:a2:9e:b7:bf:50:ef:bc:4c:f7:de:42:93:
ca:08:7c:e2:c0:55:91:a9:46:a3:51:50:22:fd:de:
fd:99:8a:bb:33:7c:1e:49:fc:9e:ef:ab:58:d9:9c:
4f:5a:31:c5:d1:ef:e5:50:81:d9:ac:ed:49:98:50:
fc:90:c8:fa:82:67:ab:d3:c7:ce:ee:cf:7f:df:e6:
f4:6d:b7:97:1f:65:dd:74:28:72:27:3f:aa:a7:84:
14:8a:09:bb:d8:04:66:7f:7c:c6:2b:5d:4d:9e:f6:
b7:0a:07:71:82:1c:45:a8:1d:c9:db:25:db:ca:94:
89:74:b9:c3:33:07:91:2f:86:5f:8d:c2:e2:82:c6:
49:84:67:9c:41:3d:00:02:50:84:84:05:03:01:e3:
d4:5d:6d:6f:be:61:5b:50:2f:5f:20:c5:4a:44:e6:
08:97:f1:e5:b7:f7:be:c7:4c:e7:21:7d:0a:11:55:
4f:fb:49:1d:e1:69:8e:7d:e3:1c:34:d2:03:bd:fc:
61:8c:95:77:37:b1:9e:a7:ab:e2:0f:6e:99:ac:c0:
dd:4f:14:e4:4c:44:8d:ae:f3:96:1f:1d:1a:8f:c3:
fa:b1:d7:4f:13:80:d9:f9:4f:d7:b2:6b:16:4c:b4:
8f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CB:2E:EF:7A:E2:80:1A:64:BA:B8:16:AE:5C:41:C0:7B:83:91:B9
X509v3 Authority Key Identifier:
keyid:79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ec1L08m_4g3M_isZ3iMJXKJHSDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.72.0/24
Signature Algorithm: sha256WithRSAEncryption
49:21:dc:5e:aa:d0:d6:f6:aa:7b:78:2f:cf:c9:c1:9a:b9:21:
b1:92:57:1e:bd:37:c4:fc:0a:36:bd:4f:d9:e4:ed:3b:a7:84:
7b:e5:f3:a4:4f:5e:4a:dd:8f:25:24:dd:30:b7:aa:a9:78:75:
34:c2:63:ac:a3:bd:77:21:a7:6b:3d:b4:9a:07:38:e6:af:89:
74:50:bc:c0:0f:95:0c:1c:86:2c:d9:18:25:4a:7b:12:7e:6f:
07:16:83:a0:6f:77:c1:ac:30:8f:58:71:c6:07:50:f3:75:5d:
5a:0d:a6:fe:08:5b:66:1c:39:f0:39:b4:c6:82:69:bd:19:97:
3b:02:78:72:89:e9:02:e5:0f:45:73:14:e8:fc:15:e4:20:73:
78:d0:a4:e9:86:b5:1e:be:e7:ec:ec:e4:e9:e9:d6:5f:a4:5e:
8a:d2:1b:bf:5d:f8:b3:71:12:a7:a4:f3:dd:d4:38:63:24:9e:
b6:84:8a:9d:6d:54:2c:42:1f:a2:57:42:55:6d:96:c7:99:26:
ae:b8:20:62:7d:cc:89:74:4c:77:33:36:8b:09:49:b5:5b:76:
6f:94:8f:7e:2e:78:1c:7f:c6:df:d1:bc:a8:3a:e8:8d:79:03:
e2:ff:f7:e6:b9:6b:0d:86:21:bf:b8:32:84:f2:9c:0a:97:cf:
79:37:30:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzLVdXz8ZGil5q78Aeo7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2Q0YmQzYzliZmUyMGRjY2ZlMmIxOWRlMjMwOTVjYTI0
NzQ4MzUwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NiMmVlZjdhZTI4MDFhNjRiYWI4MTZhZTVjNDFjMDdiODM5MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV2w0WgIDGswIuauqBbi6puinre/
UO+8TPfeQpPKCHziwFWRqUajUVAi/d79mYq7M3weSfye76tY2ZxPWjHF0e/lUIHZ
rO1JmFD8kMj6gmer08fO7s9/3+b0bbeXH2XddChyJz+qp4QUigm72ARmf3zGK11N
nva3CgdxghxFqB3J2yXbypSJdLnDMweRL4ZfjcLigsZJhGecQT0AAlCEhAUDAePU
XW1vvmFbUC9fIMVKROYIl/Hlt/e+x0znIX0KEVVP+0kd4WmOfeMcNNIDvfxhjJV3
N7Gep6viD26ZrMDdTxTkTESNrvOWHx0aj8P6sddPE4DZ+U/XsmsWTLSPKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfLLu964oAaZLq4Fq5cQcB7g5G5MB8GA1UdIwQY
MBaAFHnNS9PJv+INzP4rGd4jCVyiR0g1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTct
MmMyYzVmYmRhMzQxLzEvWjhzdTczcmlnQnBrdXJnV3JseEJ3SHVEa2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQx
LzEvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZIMA0G
CSqGSIb3DQEBCwUAA4IBAQBJIdxeqtDW9qp7eC/PycGauSGxklcevTfE/Ao2vU/Z
5O07p4R75fOkT15K3Y8lJN0wt6qpeHU0wmOso713IadrPbSaBzjmr4l0ULzAD5UM
HIYs2RglSnsSfm8HFoOgb3fBrDCPWHHGB1DzdV1aDab+CFtmHDnwObTGgmm9GZc7
AnhyiekC5Q9FcxTo/BXkIHN40KTphrUevufs7OTp6dZfpF6K0hu/XfizcRKnpPPd
1DhjJJ62hIqdbVQsQh+iV0JVbZbHmSauuCBifcyJdEx3MzaLCUm1W3ZvlI9+Lngc
f8bf0byoOuiNeQPi//fmuWsNhiG/uDKE8pwKl895NzBz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:31 2025 by rpki-client