Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/i7aHqh-kcwKixNUU078BMBtH92M.roa
File: i7aHqh-kcwKixNUU078BMBtH92M.roa (raw, json)
Hash identifier: eOuYTexhNUA5XT2HU8NOxEA9QeiP7f3xLHnMFCAZhUc=
Subject key identifier: 8B:B6:87:AA:1F:A4:73:02:A2:C4:D5:14:D3:BF:01:30:1B:47:F7:63
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 01850D893361371F4F2BA8712CFA525E23F7
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/i7aHqh-kcwKixNUU078BMBtH92M.roa
Signing time: Tue 13 Dec 2022 22:09:33 +0000
ROA not before: Tue 13 Dec 2022 22:09:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197444
IP address blocks: 91.217.52.0/23 maxlen: 23
91.221.148.0/23 maxlen: 23
2001:67c:2038::/48 maxlen: 48
2a13:50c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0d:89:33:61:37:1f:4f:2b:a8:71:2c:fa:52:5e:23:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Dec 13 22:09:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bb687aa1fa47302a2c4d514d3bf01301b47f763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:ad:30:ef:b2:26:d6:e4:ce:7b:3e:bd:be:
a9:14:11:97:9b:ea:18:d6:f8:8d:50:a2:32:91:86:
6c:f2:d2:10:4b:22:68:7c:36:88:f4:14:4d:40:ae:
86:70:d2:7f:81:19:07:ff:04:74:7b:dc:0e:dd:50:
58:04:fe:7a:79:1e:3b:65:0f:5c:3c:c9:9f:4b:96:
1c:23:64:d6:c3:2c:dc:59:02:f9:20:4f:53:e7:d9:
55:66:93:66:92:d1:4e:9e:4a:50:3a:bf:ee:2a:f3:
ce:2e:70:7c:40:c5:18:7a:52:68:f5:a5:5a:5f:db:
85:80:a2:58:39:bc:a6:a4:02:17:6c:f0:28:35:8f:
1e:7a:0f:58:b8:77:aa:a4:76:63:94:3f:7e:de:29:
83:18:fd:bf:99:19:33:ae:b3:35:27:50:ba:a8:c5:
7e:53:b9:88:c3:52:60:04:23:f8:7e:39:6e:21:a3:
f7:7d:07:44:96:c0:f1:b9:38:1a:5e:20:4b:52:46:
a1:96:0c:c2:11:f7:42:39:c2:b6:b0:84:84:99:bb:
17:cb:b2:11:91:f6:8b:10:e1:ec:77:35:f5:1d:81:
67:79:23:6c:dd:10:b7:19:6a:8a:90:67:55:74:e0:
a8:1d:4f:12:89:f4:1c:b4:6b:64:6f:ba:af:36:53:
7e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B6:87:AA:1F:A4:73:02:A2:C4:D5:14:D3:BF:01:30:1B:47:F7:63
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/i7aHqh-kcwKixNUU078BMBtH92M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.52.0/23
91.221.148.0/23
IPv6:
2001:67c:2038::/48
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:60:0b:81:ac:42:1b:89:98:70:c0:cb:57:3a:19:77:97:ce:
c2:2f:16:84:66:94:a6:ad:46:97:66:d6:d9:25:e5:39:cb:55:
e0:91:43:35:a1:4c:99:a8:83:0e:a7:14:5d:67:32:2d:07:59:
4f:a2:cf:d5:29:de:6e:f8:bc:e2:a9:99:ef:94:d1:dd:3b:23:
be:b9:d6:1a:94:dc:ac:5d:0d:8c:50:b0:e6:67:74:a1:d2:25:
37:7a:a5:93:7e:c2:54:04:15:e8:62:d5:b8:2c:58:90:2b:df:
a3:64:2e:2a:d9:e8:e0:96:cc:97:7d:f4:de:ce:02:0e:0a:17:
bf:aa:3d:9c:3b:e5:4d:b7:00:9f:c6:35:2c:c5:a9:d4:a5:b4:
d0:fa:ce:96:bd:b4:bd:0e:42:af:b5:3b:60:6b:55:72:c2:69:
74:4d:28:1a:9d:1d:6c:42:3c:3f:bc:14:8a:a9:a3:7f:9e:db:
f4:13:e5:1e:de:d1:df:ce:8f:16:97:6c:66:62:e8:7e:7b:ce:
49:47:83:9f:39:f9:12:a7:ba:53:a1:dd:f8:67:97:5f:65:5f:
0e:75:95:b4:d6:2d:72:31:0f:2d:61:34:b1:50:56:ed:60:9e:
33:f3:e4:a8:69:09:94:ab:41:e4:56:ee:59:5f:69:97:1e:98:
87:a2:09:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUNiTNhNx9PK6hxLPpSXiP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjIxMjEzMjIwOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI2ODdhYTFmYTQ3MzAyYTJjNGQ1MTRkM2JmMDEzMDFiNDdmNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUutMO+yJtbkzns+vb6pFBGXm+oY
1viNUKIykYZs8tIQSyJofDaI9BRNQK6GcNJ/gRkH/wR0e9wO3VBYBP56eR47ZQ9c
PMmfS5YcI2TWwyzcWQL5IE9T59lVZpNmktFOnkpQOr/uKvPOLnB8QMUYelJo9aVa
X9uFgKJYObympAIXbPAoNY8eeg9YuHeqpHZjlD9+3imDGP2/mRkzrrM1J1C6qMV+
U7mIw1JgBCP4fjluIaP3fQdElsDxuTgaXiBLUkahlgzCEfdCOcK2sISEmbsXy7IR
kfaLEOHsdzX1HYFneSNs3RC3GWqKkGdVdOCoHU8SifQctGtkb7qvNlN+ZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIu2h6ofpHMCosTVFNO/ATAbR/djMB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvaTdhSHFoLWtjd0tpeE5VVTA3OEJNQnRIOTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBW9k0AwQB
W92UMBYEAgACMBADBwAgAQZ8IDgDBQMqE1DAMA0GCSqGSIb3DQEBCwUAA4IBAQBq
YAuBrEIbiZhwwMtXOhl3l87CLxaEZpSmrUaXZtbZJeU5y1XgkUM1oUyZqIMOpxRd
ZzItB1lPos/VKd5u+LziqZnvlNHdOyO+udYalNysXQ2MULDmZ3Sh0iU3eqWTfsJU
BBXoYtW4LFiQK9+jZC4q2ejglsyXffTezgIOChe/qj2cO+VNtwCfxjUsxanUpbTQ
+s6WvbS9DkKvtTtga1Vywml0TSganR1sQjw/vBSKqaN/ntv0E+Ue3tHfzo8Wl2xm
Yuh+e85JR4OfOfkSp7pTod34Z5dfZV8OdZW01i1yMQ8tYTSxUFbtYJ4z8+SoaQmU
q0HkVu5ZX2mXHpiHogkc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:18 2025 by rpki-client