Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8f076d-f0e9-42b4-ad5f-7312063ffa7f/1/IdSH0kcqaixS19YVyknFuCMsjjI.roa
File: IdSH0kcqaixS19YVyknFuCMsjjI.roa (raw, json)
Hash identifier: QDw8ySu6Mur/psg5c0ewDf4Lr4KUREjHao4G9QBTWxY=
Subject key identifier: 21:D4:87:D2:47:2A:6A:2C:52:D7:D6:15:CA:49:C5:B8:23:2C:8E:32
Certificate issuer: /CN=6342600bf1cc9216ae6fe169a1e9d5418ad93a22
Certificate serial: 01856DA63CA4301834B83D2C1DC34356015D
Authority key identifier: 63:42:60:0B:F1:CC:92:16:AE:6F:E1:69:A1:E9:D5:41:8A:D9:3A:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0JgC_HMkhaub-FpoenVQYrZOiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8f076d-f0e9-42b4-ad5f-7312063ffa7f/1/IdSH0kcqaixS19YVyknFuCMsjjI.roa
Signing time: Sun 01 Jan 2023 14:04:48 +0000
ROA not before: Sun 01 Jan 2023 14:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44704
IP address blocks: 91.206.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:3c:a4:30:18:34:b8:3d:2c:1d:c3:43:56:01:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6342600bf1cc9216ae6fe169a1e9d5418ad93a22
Validity
Not Before: Jan 1 14:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21d487d2472a6a2c52d7d615ca49c5b8232c8e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:71:3e:ed:bc:48:a4:f4:39:6e:1d:1b:58:
4e:41:23:e5:e5:4f:bb:4b:81:ae:86:f2:f3:8b:b1:
fc:91:a8:ce:67:f8:76:7b:cc:96:33:0b:8e:67:7d:
61:52:c9:ed:0b:1e:e2:ff:1d:eb:b5:fb:ae:00:83:
42:2f:12:79:c1:73:99:dd:52:0e:18:91:99:40:45:
9d:2e:ec:0c:1b:7c:7c:31:93:f9:6f:91:4f:a2:d0:
19:26:20:f3:52:20:c3:c1:69:26:39:93:4f:63:f0:
87:8f:f3:3b:21:f0:4b:e0:03:78:a8:8b:0f:db:0b:
99:c7:58:5c:93:77:1c:d3:9e:c7:8c:0d:cb:cd:e3:
11:80:9b:18:b3:59:83:3c:69:ed:c9:1a:f3:82:9d:
11:16:7c:f6:25:ab:08:c0:6e:03:f1:e6:0a:71:8b:
b3:f8:7f:a3:36:e1:6d:4c:dc:93:2f:5b:28:4f:0e:
ef:4e:7c:1e:50:bd:e9:73:80:40:ee:5b:d3:c7:bb:
2a:04:23:05:01:55:a5:6d:0a:ea:01:92:72:1a:7d:
9d:a6:7d:59:1c:fd:22:11:63:ec:05:58:53:37:a7:
a2:ba:3a:c3:51:9b:d5:f0:56:5b:3c:06:e0:6b:d5:
2e:a6:a8:9d:cc:16:f0:38:e1:9f:f4:68:33:9c:d1:
e9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D4:87:D2:47:2A:6A:2C:52:D7:D6:15:CA:49:C5:B8:23:2C:8E:32
X509v3 Authority Key Identifier:
keyid:63:42:60:0B:F1:CC:92:16:AE:6F:E1:69:A1:E9:D5:41:8A:D9:3A:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0JgC_HMkhaub-FpoenVQYrZOiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8f076d-f0e9-42b4-ad5f-7312063ffa7f/1/IdSH0kcqaixS19YVyknFuCMsjjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8f076d-f0e9-42b4-ad5f-7312063ffa7f/1/Y0JgC_HMkhaub-FpoenVQYrZOiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.100.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:e5:fb:da:19:91:6b:c3:ce:fc:b4:52:33:74:31:4a:a3:32:
a9:5b:61:04:79:51:cb:72:bf:be:66:ce:96:2b:8e:e5:77:44:
ad:ca:50:40:82:d4:e8:dc:7c:50:60:38:dd:dd:7e:68:16:df:
50:a2:d7:d4:cf:70:ba:f2:73:8c:60:4d:b7:13:44:04:34:a4:
ca:82:d9:7b:f1:6d:2f:c9:f7:3d:7e:12:c6:9b:df:c6:1c:79:
1f:9a:80:0a:09:49:aa:e4:8a:04:82:3c:79:d6:cb:b2:4f:fc:
83:c9:b0:41:da:de:21:52:c2:af:1b:f3:4b:04:de:e7:21:91:
15:c3:b2:14:33:43:40:59:c1:18:d9:ee:4f:20:08:40:8e:27:
59:6c:18:7e:02:24:b7:cc:fd:65:35:35:2c:42:78:5b:bb:19:
f7:24:c0:8e:2e:69:82:15:73:a0:87:e6:4c:53:3b:2b:7b:3a:
ff:b5:ce:6e:4f:2f:d2:30:51:c2:8d:f8:77:c3:8d:05:38:02:
15:14:a8:63:33:51:e2:9f:66:8d:d7:30:49:89:02:f4:8d:83:
bc:fe:7d:d9:f4:c8:3f:74:4d:96:af:c1:8d:13:6b:2b:15:de:
6f:88:36:6e:33:9c:f3:58:08:02:38:17:b7:0e:2f:4f:3c:a4:
68:80:78:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpjykMBg0uD0sHcNDVgFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDI2MDBiZjFjYzkyMTZhZTZmZTE2OWExZTlkNTQxOGFk
OTNhMjIwHhcNMjMwMTAxMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ0ODdkMjQ3MmE2YTJjNTJkN2Q2MTVjYTQ5YzViODIzMmM4ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuZxPu28SKT0OW4dG1hOQSPl5U+7
S4GuhvLzi7H8kajOZ/h2e8yWMwuOZ31hUsntCx7i/x3rtfuuAINCLxJ5wXOZ3VIO
GJGZQEWdLuwMG3x8MZP5b5FPotAZJiDzUiDDwWkmOZNPY/CHj/M7IfBL4AN4qIsP
2wuZx1hck3cc057HjA3LzeMRgJsYs1mDPGntyRrzgp0RFnz2JasIwG4D8eYKcYuz
+H+jNuFtTNyTL1soTw7vTnweUL3pc4BA7lvTx7sqBCMFAVWlbQrqAZJyGn2dpn1Z
HP0iEWPsBVhTN6eiujrDUZvV8FZbPAbga9UupqidzBbwOOGf9GgznNHpuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHUh9JHKmosUtfWFcpJxbgjLI4yMB8GA1UdIwQY
MBaAFGNCYAvxzJIWrm/haaHp1UGK2ToiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBKZ0NfSE1raGF1Yi1GcG9lblZRWXJaT2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZjA3NmQtZjBlOS00MmI0LWFkNWYt
NzMxMjA2M2ZmYTdmLzEvSWRTSDBrY3FhaXhTMTlZVnlrbkZ1Q01zampJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZjA3NmQtZjBlOS00MmI0LWFkNWYtNzMxMjA2M2ZmYTdm
LzEvWTBKZ0NfSE1raGF1Yi1GcG9lblZRWXJaT2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW85kMA0G
CSqGSIb3DQEBCwUAA4IBAQCs5fvaGZFrw878tFIzdDFKozKpW2EEeVHLcr++Zs6W
K47ld0StylBAgtTo3HxQYDjd3X5oFt9QotfUz3C68nOMYE23E0QENKTKgtl78W0v
yfc9fhLGm9/GHHkfmoAKCUmq5IoEgjx51suyT/yDybBB2t4hUsKvG/NLBN7nIZEV
w7IUM0NAWcEY2e5PIAhAjidZbBh+AiS3zP1lNTUsQnhbuxn3JMCOLmmCFXOgh+ZM
Uzsrezr/tc5uTy/SMFHCjfh3w40FOAIVFKhjM1Hin2aN1zBJiQL0jYO8/n3Z9Mg/
dE2Wr8GNE2srFd5viDZuM5zzWAgCOBe3Di9PPKRogHgz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:01 2025 by rpki-client