Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/rXRZPI6vWfsZdvywL16oULU80fw.roa
File: rXRZPI6vWfsZdvywL16oULU80fw.roa (raw, json)
Hash identifier: mdvvVS3Omn9P1Omu/i4JkqV1mkgWMKHDZeaFkDsUkcw=
Subject key identifier: AD:74:59:3C:8E:AF:59:FB:19:76:FC:B0:2F:5E:A8:50:B5:3C:D1:FC
Certificate issuer: /CN=abf0a84ff8f5057f9491defbe6ad55eeae98cc06
Certificate serial: 018570FBC101352F11A245B5EB05E67BFA72
Authority key identifier: AB:F0:A8:4F:F8:F5:05:7F:94:91:DE:FB:E6:AD:55:EE:AE:98:CC:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_CoT_j1BX-Ukd775q1V7q6YzAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/rXRZPI6vWfsZdvywL16oULU80fw.roa
Signing time: Mon 02 Jan 2023 05:37:05 +0000
ROA not before: Mon 02 Jan 2023 05:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197663
IP address blocks: 91.240.52.0/24 maxlen: 24
91.240.55.0/24 maxlen: 24
91.240.54.0/24 maxlen: 24
91.240.53.0/24 maxlen: 24
195.47.243.0/24 maxlen: 24
193.35.111.0/24 maxlen: 24
91.225.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c1:01:35:2f:11:a2:45:b5:eb:05:e6:7b:fa:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf0a84ff8f5057f9491defbe6ad55eeae98cc06
Validity
Not Before: Jan 2 05:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad74593c8eaf59fb1976fcb02f5ea850b53cd1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a1:0f:89:60:68:e5:a3:f8:12:53:10:91:ab:
1f:5b:5e:75:4e:4d:e0:db:1d:a7:86:26:1c:be:d3:
2a:d9:50:3f:80:5b:c5:ef:20:19:fd:0b:c7:36:43:
f9:08:79:29:3f:db:bb:07:98:4f:bd:13:75:a0:cc:
e9:75:5f:be:68:d1:c5:8f:38:e4:3b:0f:b9:d5:f1:
e1:f8:bd:48:54:e9:70:b7:2f:5f:f9:72:c0:18:17:
6f:e7:77:74:d5:47:ef:ad:f3:88:da:65:67:29:75:
25:51:12:89:36:27:b7:b0:ba:b1:12:0c:95:e0:91:
91:e7:c9:fe:e2:da:72:ba:dc:13:13:59:1b:b1:ab:
c7:ea:b8:fa:01:d8:bb:db:69:eb:da:40:0a:e9:fb:
72:33:b0:a8:88:33:06:a7:da:32:a5:9f:38:d9:d5:
2f:04:a5:8d:72:25:42:7e:1d:f1:b1:b5:09:85:66:
47:df:49:96:2b:91:92:4f:84:3f:0f:43:14:f5:49:
db:5b:3f:27:93:a4:49:42:2a:16:95:d8:6a:c6:78:
3f:76:5b:a4:ed:7b:18:a1:fa:98:aa:d7:ba:9d:77:
81:35:58:7c:2c:d0:59:28:96:1f:6d:63:1a:b6:2a:
a1:42:9f:18:3e:20:8b:ef:0b:53:67:67:5f:95:35:
ef:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:74:59:3C:8E:AF:59:FB:19:76:FC:B0:2F:5E:A8:50:B5:3C:D1:FC
X509v3 Authority Key Identifier:
keyid:AB:F0:A8:4F:F8:F5:05:7F:94:91:DE:FB:E6:AD:55:EE:AE:98:CC:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_CoT_j1BX-Ukd775q1V7q6YzAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/rXRZPI6vWfsZdvywL16oULU80fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/q_CoT_j1BX-Ukd775q1V7q6YzAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.96.0/22
91.240.52.0/22
193.35.111.0/24
195.47.243.0/24
Signature Algorithm: sha256WithRSAEncryption
40:b5:87:9a:25:d5:de:e1:73:a7:e2:e5:45:b2:99:6f:08:18:
98:c1:2e:59:a0:9a:d4:1a:9b:fd:f3:77:0b:29:14:e5:3b:31:
50:1b:7a:b0:ea:c9:c3:97:6b:f1:9b:4a:41:0c:67:de:6c:ea:
a5:46:9c:e1:24:0b:42:0e:b2:19:c5:c4:d1:82:a0:94:3c:e8:
f1:2b:ac:bc:98:ba:cd:e7:cb:7c:bd:58:1f:49:52:66:0c:b9:
02:f0:82:42:5b:f0:1c:b8:e8:f7:8a:d4:ab:2d:63:7c:2f:80:
19:e6:2f:b8:fa:ce:cf:98:79:91:fb:96:df:d4:39:2f:64:fc:
e6:d5:37:5e:91:dd:af:47:f1:2c:75:da:7d:7c:f7:1a:18:b0:
c3:91:28:a2:53:3b:6b:36:7c:3c:3e:65:c0:94:87:1d:e7:6c:
32:35:6a:4d:1d:7e:e2:b6:98:43:c0:98:20:72:ec:24:92:ca:
b6:f6:f1:f3:70:68:af:6a:ec:bc:4f:2b:e5:16:43:93:39:48:
e8:cf:ed:1c:61:6c:10:7c:1b:16:c6:68:e1:c9:76:ed:f3:6f:
44:95:04:e8:0c:7c:37:2d:ae:51:68:15:54:3b:79:b5:b1:22:
ce:61:7e:d7:32:24:30:f4:b3:67:3c:e5:b2:3c:e4:46:75:5a:
0f:29:96:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw+8EBNS8RokW16wXme/pyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjBhODRmZjhmNTA1N2Y5NDkxZGVmYmU2YWQ1NWVlYWU5
OGNjMDYwHhcNMjMwMTAyMDUzNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc0NTkzYzhlYWY1OWZiMTk3NmZjYjAyZjVlYTg1MGI1M2NkMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KEPiWBo5aP4ElMQkasfW151Tk3g
2x2nhiYcvtMq2VA/gFvF7yAZ/QvHNkP5CHkpP9u7B5hPvRN1oMzpdV++aNHFjzjk
Ow+51fHh+L1IVOlwty9f+XLAGBdv53d01UfvrfOI2mVnKXUlURKJNie3sLqxEgyV
4JGR58n+4tpyutwTE1kbsavH6rj6Adi722nr2kAK6ftyM7CoiDMGp9oypZ842dUv
BKWNciVCfh3xsbUJhWZH30mWK5GST4Q/D0MU9UnbWz8nk6RJQioWldhqxng/dluk
7XsYofqYqte6nXeBNVh8LNBZKJYfbWMatiqhQp8YPiCL7wtTZ2dflTXvXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK10WTyOr1n7GXb8sC9eqFC1PNH8MB8GA1UdIwQY
MBaAFKvwqE/49QV/lJHe++atVe6umMwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9Db1RfajFCWC1Va2Q3NzVxMVY3cTZZekFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mOThiZDQtZGUwNy00MmNkLTk4NDgt
OTQ0Y2ExYTgwYjE4LzEvclhSWlBJNnZXZnNaZHZ5d0wxNm9VTFU4MGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mOThiZDQtZGUwNy00MmNkLTk4NDgtOTQ0Y2ExYTgwYjE4
LzEvcV9Db1RfajFCWC1Va2Q3NzVxMVY3cTZZekFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+FgAwQC
W/A0AwQAwSNvAwQAwy/zMA0GCSqGSIb3DQEBCwUAA4IBAQBAtYeaJdXe4XOn4uVF
splvCBiYwS5ZoJrUGpv983cLKRTlOzFQG3qw6snDl2vxm0pBDGfebOqlRpzhJAtC
DrIZxcTRgqCUPOjxK6y8mLrN58t8vVgfSVJmDLkC8IJCW/AcuOj3itSrLWN8L4AZ
5i+4+s7PmHmR+5bf1DkvZPzm1Tdekd2vR/Esddp9fPcaGLDDkSiiUztrNnw8PmXA
lIcd52wyNWpNHX7itphDwJggcuwkksq29vHzcGivauy8TyvlFkOTOUjoz+0cYWwQ
fBsWxmjhyXbt829ElQToDHw3La5RaBVUO3m1sSLOYX7XMiQw9LNnPOWyPORGdVoP
KZYs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:07 2025 by rpki-client