Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/R5rCQiaHYwUNzQUZ7Du5VQxrgpE.roa
File: R5rCQiaHYwUNzQUZ7Du5VQxrgpE.roa (raw, json)
Hash identifier: jOV2BYK+aStUU5p0gLkipuGcX+ORwZrrQZitiACxJjs=
Subject key identifier: 47:9A:C2:42:26:87:63:05:0D:CD:05:19:EC:3B:B9:55:0C:6B:82:91
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018992B29F9A4BE06B15F9A9F0DA33E59B8F
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/R5rCQiaHYwUNzQUZ7Du5VQxrgpE.roa
Signing time: Wed 26 Jul 2023 14:55:27 +0000
ROA not before: Wed 26 Jul 2023 14:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:b2:9f:9a:4b:e0:6b:15:f9:a9:f0:da:33:e5:9b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Jul 26 14:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=479ac242268763050dcd0519ec3bb9550c6b8291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8b:53:cb:22:d8:41:92:72:bb:4b:ed:13:bc:
f9:67:76:60:5c:2a:5e:d5:e5:60:ec:ef:15:88:bc:
30:03:06:cf:5e:10:54:b9:b1:01:30:68:ce:ae:75:
07:f6:74:7a:47:3a:a4:79:0f:29:12:cd:09:0a:5b:
00:cd:e6:82:56:e7:ca:e5:26:46:a0:21:de:65:f0:
c7:78:01:53:e9:73:34:fc:1c:1e:29:21:86:95:58:
4f:10:fd:af:af:12:67:48:6b:d9:4d:22:05:12:d3:
d8:c1:29:37:cc:2c:b3:9e:60:13:6a:1b:0c:f3:0b:
88:b5:7f:e3:16:8d:6a:e6:a8:e6:7c:f8:8e:b5:ec:
26:f5:93:61:6b:9d:ae:e9:24:0c:46:94:63:e2:21:
b7:8c:e4:2b:6a:34:9b:9e:ec:50:de:ed:ac:6c:9c:
bf:83:ce:10:b7:ef:97:0d:81:5a:b8:9e:b2:3e:e5:
81:e1:94:5b:5d:9a:66:5f:90:a7:7e:00:02:12:46:
da:ce:34:5b:b8:42:15:7f:2e:a7:35:ae:2b:93:00:
e4:74:05:55:20:05:1a:cf:2a:95:60:3c:6c:56:9e:
85:d6:21:ce:d0:4b:70:9b:77:ad:89:2c:4a:fe:fb:
b0:70:ea:0e:b3:49:82:98:ef:ef:75:b6:06:4c:d7:
00:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9A:C2:42:26:87:63:05:0D:CD:05:19:EC:3B:B9:55:0C:6B:82:91
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/R5rCQiaHYwUNzQUZ7Du5VQxrgpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
194.143.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a5:9f:57:14:c3:99:66:89:94:e0:08:d8:88:42:5f:00:bb:
2e:25:f4:b4:a2:e2:f9:00:2d:6c:6e:2d:1a:40:63:84:38:00:
ff:20:8f:98:2b:01:c7:68:54:a7:1d:b1:9f:54:fc:97:60:e1:
98:6e:e4:c7:65:65:6f:98:bc:df:30:dd:e0:61:2c:60:0d:f5:
42:16:e4:60:35:f5:2c:aa:ef:10:0d:3c:d7:58:44:5c:96:e9:
1a:0f:c3:dc:e8:98:82:03:93:e1:4b:2c:b5:b9:da:81:96:25:
f2:22:5f:98:2b:7f:e0:cb:fe:bd:db:e4:7f:bd:e7:ee:6e:99:
8e:58:34:b0:ec:6c:a2:d1:a7:ae:48:2f:c2:e1:e9:9e:35:43:
69:f0:e3:9a:31:cf:3f:17:c0:e8:93:88:f2:6b:44:54:b4:ad:
df:97:64:ef:43:1b:d5:d6:5d:4d:29:af:88:f5:f5:91:29:c8:
70:3a:f4:cd:7e:da:cf:7f:2c:4e:61:06:45:4b:54:0e:85:f3:
4a:f8:54:7c:0e:f7:b8:b6:d9:dc:0d:7d:cc:27:08:bb:a4:97:
c8:77:88:c0:d0:d7:be:24:a9:bc:29:65:76:2d:79:80:32:9e:
19:ed:2e:11:f6:19:4a:9c:45:a9:fc:43:9e:8d:95:d4:a0:77:
7c:85:8f:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmSsp+aS+BrFfmp8Noz5ZuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjMwNzI2MTQ1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzlhYzI0MjI2ODc2MzA1MGRjZDA1MTllYzNiYjk1NTBjNmI4MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoItTyyLYQZJyu0vtE7z5Z3ZgXCpe
1eVg7O8ViLwwAwbPXhBUubEBMGjOrnUH9nR6RzqkeQ8pEs0JClsAzeaCVufK5SZG
oCHeZfDHeAFT6XM0/BweKSGGlVhPEP2vrxJnSGvZTSIFEtPYwSk3zCyznmATahsM
8wuItX/jFo1q5qjmfPiOtewm9ZNha52u6SQMRpRj4iG3jOQrajSbnuxQ3u2sbJy/
g84Qt++XDYFauJ6yPuWB4ZRbXZpmX5CnfgACEkbazjRbuEIVfy6nNa4rkwDkdAVV
IAUazyqVYDxsVp6F1iHO0Etwm3etiSxK/vuwcOoOs0mCmO/vdbYGTNcAtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEeawkImh2MFDc0FGew7uVUMa4KRMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvUjVyQ1FpYUhZd1VOelFVWjdEdTVWUXhyZ3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+TaAwQA
wo+SMA0GCSqGSIb3DQEBCwUAA4IBAQA8pZ9XFMOZZomU4AjYiEJfALsuJfS0ouL5
AC1sbi0aQGOEOAD/II+YKwHHaFSnHbGfVPyXYOGYbuTHZWVvmLzfMN3gYSxgDfVC
FuRgNfUsqu8QDTzXWERclukaD8Pc6JiCA5PhSyy1udqBliXyIl+YK3/gy/692+R/
vefubpmOWDSw7Gyi0aeuSC/C4emeNUNp8OOaMc8/F8Dok4jya0RUtK3fl2TvQxvV
1l1NKa+I9fWRKchwOvTNftrPfyxOYQZFS1QOhfNK+FR8Dve4ttncDX3MJwi7pJfI
d4jA0Ne+JKm8KWV2LXmAMp4Z7S4R9hlKnEWp/EOejZXUoHd8hY+c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:51 2025 by rpki-client