Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/c_htZZcJJpNIK3N6SDXeHgLDZUQ.roa
File: c_htZZcJJpNIK3N6SDXeHgLDZUQ.roa (raw, json)
Hash identifier: ADaI8PyMMomMar2GWqNHGzSfBsySxOUNH05AI9SzVJ8=
Subject key identifier: 73:F8:6D:65:97:09:26:93:48:2B:73:7A:48:35:DE:1E:02:C3:65:44
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 01856DCB160DB6D869F25EADB8FD066EC255
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/c_htZZcJJpNIK3N6SDXeHgLDZUQ.roa
Signing time: Sun 01 Jan 2023 14:45:04 +0000
ROA not before: Sun 01 Jan 2023 14:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197444
IP address blocks: 91.217.52.0/23 maxlen: 23
91.221.148.0/23 maxlen: 23
2001:67c:2038::/48 maxlen: 48
2a13:50c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:16:0d:b6:d8:69:f2:5e:ad:b8:fd:06:6e:c2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Jan 1 14:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73f86d6597092693482b737a4835de1e02c36544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:58:f5:18:da:73:87:75:2f:7b:3d:32:a9:96:
c2:a0:a4:30:2a:ae:79:31:ad:93:b6:26:5c:89:06:
09:55:f7:dc:62:ae:12:46:c7:b0:99:31:18:5a:52:
a0:bd:d1:23:bc:e5:12:2a:4e:ee:89:f8:7a:89:42:
35:ad:61:01:6d:a5:5b:20:22:aa:66:f1:05:3d:08:
ac:93:bb:0c:4a:25:bc:a2:dd:10:59:6c:d6:9b:b9:
b6:5b:db:43:9c:e5:e5:9a:af:6e:c9:aa:af:f5:6b:
27:91:e3:e2:e5:39:3b:19:f0:16:f5:b1:ce:a9:7f:
2f:eb:30:56:f7:1b:67:0a:a3:68:44:1f:bf:fb:6a:
eb:db:4a:c5:c8:21:b3:7c:b5:7c:c0:f3:e8:87:07:
4c:4c:46:51:7c:54:67:62:ed:66:f1:cf:ef:53:c2:
4f:96:5a:af:45:05:4a:4a:3f:2d:80:e6:0f:6e:9d:
44:4b:ca:98:24:1e:0f:ec:7b:f5:cf:14:52:1b:45:
7e:ba:2b:c6:b6:d2:40:fe:cd:06:f6:ac:a1:6a:e7:
c9:0b:d8:35:4b:d4:54:29:ac:2d:c6:4a:39:53:e3:
68:a5:99:c3:17:9c:4d:38:85:f4:0b:c1:f3:a7:41:
65:bc:1c:ed:5b:0a:d9:45:1f:9e:e6:14:f8:8d:80:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F8:6D:65:97:09:26:93:48:2B:73:7A:48:35:DE:1E:02:C3:65:44
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/c_htZZcJJpNIK3N6SDXeHgLDZUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.52.0/23
91.221.148.0/23
IPv6:
2001:67c:2038::/48
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:e6:42:c8:b6:36:7c:28:fa:b9:4f:4a:cb:15:2a:85:ee:20:
71:30:75:b6:0e:c0:6a:cc:e4:8b:84:1c:55:70:55:84:32:a2:
50:63:65:0b:11:cd:37:e9:1c:c2:a2:c6:ac:e0:2b:21:1d:d7:
86:f8:56:59:b6:1a:ee:6a:72:ea:d9:2d:b8:ef:3a:05:c7:9e:
5a:6d:e2:cd:41:60:41:da:a5:c5:21:3d:7c:ac:14:8b:5c:94:
fe:cd:c7:8a:e6:f0:07:7f:e6:1b:5a:29:4d:a9:24:1e:cb:ca:
03:18:1f:57:55:79:be:9a:f3:5b:d7:f9:fb:65:69:55:4b:78:
7b:4d:9d:86:32:9c:be:c6:44:54:59:f5:e0:ab:39:1f:ca:4f:
89:a5:19:02:f7:4c:c8:2a:b9:0f:30:a5:bc:fa:ce:2d:c9:19:
9b:5d:97:77:30:e2:2d:f9:22:bf:78:e9:f1:66:98:33:e5:44:
59:6c:82:cd:4b:46:8a:f0:cf:35:56:98:e0:fa:82:fe:34:9c:
cb:98:b2:9c:25:6d:fa:e8:fc:b5:db:4c:2e:bd:f2:29:63:89:
38:c6:82:88:bd:25:3e:7c:33:a0:9f:78:70:e9:bf:4a:08:23:
d8:56:61:f3:80:cf:6e:a3:c6:cd:20:7a:0d:8f:73:5a:49:51:
6b:75:24:35
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtyxYNtthp8l6tuP0GbsJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjMwMTAxMTQ0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y4NmQ2NTk3MDkyNjkzNDgyYjczN2E0ODM1ZGUxZTAyYzM2NTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllj1GNpzh3Uvez0yqZbCoKQwKq55
Ma2TtiZciQYJVffcYq4SRsewmTEYWlKgvdEjvOUSKk7uifh6iUI1rWEBbaVbICKq
ZvEFPQisk7sMSiW8ot0QWWzWm7m2W9tDnOXlmq9uyaqv9WsnkePi5Tk7GfAW9bHO
qX8v6zBW9xtnCqNoRB+/+2rr20rFyCGzfLV8wPPohwdMTEZRfFRnYu1m8c/vU8JP
llqvRQVKSj8tgOYPbp1ES8qYJB4P7Hv1zxRSG0V+uivGttJA/s0G9qyhaufJC9g1
S9RUKawtxko5U+NopZnDF5xNOIX0C8Hzp0FlvBztWwrZRR+e5hT4jYD/bQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHP4bWWXCSaTSCtzekg13h4Cw2VEMB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvY19odFpaY0pKcE5JSzNONlNEWGVIZ0xEWlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBW9k0AwQB
W92UMBYEAgACMBADBwAgAQZ8IDgDBQMqE1DAMA0GCSqGSIb3DQEBCwUAA4IBAQAB
5kLItjZ8KPq5T0rLFSqF7iBxMHW2DsBqzOSLhBxVcFWEMqJQY2ULEc036RzCosas
4CshHdeG+FZZthruanLq2S247zoFx55abeLNQWBB2qXFIT18rBSLXJT+zceK5vAH
f+YbWilNqSQey8oDGB9XVXm+mvNb1/n7ZWlVS3h7TZ2GMpy+xkRUWfXgqzkfyk+J
pRkC90zIKrkPMKW8+s4tyRmbXZd3MOIt+SK/eOnxZpgz5URZbILNS0aK8M81Vpjg
+oL+NJzLmLKcJW366Py120wuvfIpY4k4xoKIvSU+fDOgn3hw6b9KCCPYVmHzgM9u
o8bNIHoNj3NaSVFrdSQ1
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:08:27 2025 by rpki-client