Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/lyH8MNaAv0_YGZ4r1dS2xdrDfjk.roa
File: lyH8MNaAv0_YGZ4r1dS2xdrDfjk.roa (raw, json)
Hash identifier: Lv5TNz6cZucD7VRxLGxod15tgIqqKph29XqZ6htZPtA=
Subject key identifier: 97:21:FC:30:D6:80:BF:4F:D8:19:9E:2B:D5:D4:B6:C5:DA:C3:7E:39
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 01856CF85B90EE05838F855842D616620B96
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/lyH8MNaAv0_YGZ4r1dS2xdrDfjk.roa
Signing time: Sun 01 Jan 2023 10:54:53 +0000
ROA not before: Sun 01 Jan 2023 10:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38970
IP address blocks: 91.213.178.0/24 maxlen: 24
2001:67c:50::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:5b:90:ee:05:83:8f:85:58:42:d6:16:62:0b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Jan 1 10:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9721fc30d680bf4fd8199e2bd5d4b6c5dac37e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:21:b5:4f:82:89:56:cc:c4:c0:c5:f4:14:
09:c0:39:8f:d5:5e:d4:88:13:53:be:5a:8d:c2:1c:
a1:3f:f0:d1:26:70:0b:c2:53:74:84:c7:f8:5c:2b:
c9:7b:f6:0f:6a:f2:8c:1e:57:55:5d:f8:39:8d:05:
29:c1:31:82:9e:f4:26:77:ce:ba:45:d2:b4:ac:4d:
51:f3:d6:d6:34:51:66:0e:5f:76:4b:2f:2c:02:d2:
a7:6c:d7:21:70:58:ad:74:17:83:16:5f:56:63:d6:
ce:cc:22:56:08:ab:84:90:62:3b:2f:83:d2:50:9d:
a5:5d:a5:63:41:54:ec:62:44:8c:a3:0b:32:dd:2f:
51:3d:35:16:ba:a1:f9:88:79:3e:ef:e4:da:7e:ba:
86:4e:cb:09:e1:ed:48:97:bc:7c:06:87:42:3c:e5:
9f:2e:87:28:b2:82:8d:61:f5:4e:db:b1:8a:cc:c3:
82:4f:f9:b7:f0:34:49:d3:8b:51:33:2c:e4:45:6a:
fa:47:62:3b:dc:83:e3:99:ce:9f:fd:d0:44:24:28:
9c:8d:05:8e:e7:c8:1c:da:ee:5e:11:52:59:bf:34:
dc:39:ad:73:82:cb:93:d2:7e:07:d1:ac:ad:d3:c0:
1d:33:31:f5:7f:7a:c9:cd:7c:e7:38:02:31:78:b5:
57:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:21:FC:30:D6:80:BF:4F:D8:19:9E:2B:D5:D4:B6:C5:DA:C3:7E:39
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/lyH8MNaAv0_YGZ4r1dS2xdrDfjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.178.0/24
IPv6:
2001:67c:50::/48
Signature Algorithm: sha256WithRSAEncryption
92:85:11:73:f6:ab:a0:53:84:ca:80:f1:77:8b:15:7c:eb:6c:
86:7c:13:92:b6:cf:6d:b2:a2:27:8f:e8:3c:4e:5b:da:b4:c7:
22:5b:78:7a:77:23:a6:85:75:9e:9d:d1:39:a9:6d:29:95:4f:
b8:0e:93:2f:a6:bd:b7:de:14:5b:f5:70:fe:39:05:dc:23:ff:
de:f9:61:a1:3e:14:1d:0d:d1:b4:fb:d5:d5:e7:7e:74:1b:33:
ce:e9:64:88:1a:46:13:c1:90:d6:19:8a:9d:7b:9f:e3:d7:85:
01:c8:76:25:5b:ea:d3:91:fa:07:ef:17:61:ea:1e:10:20:4c:
87:ec:63:ed:1f:fd:4e:91:db:b1:23:11:3e:c4:78:25:aa:3d:
7d:0d:53:78:06:83:53:07:28:f6:69:11:68:c8:8b:60:77:80:
29:d9:25:ed:46:29:47:03:bf:7d:5b:1c:53:31:87:ac:51:f2:
c1:fb:68:3c:37:1b:3b:bd:f7:a8:85:36:4a:1d:e9:59:05:c7:
43:34:ba:c3:7c:9b:1e:57:fb:9a:28:e6:12:99:d8:25:e6:39:
c9:d5:1f:0f:dd:7d:bd:b0:5e:8e:9a:7c:5a:25:c5:23:e2:52:
35:9d:a3:ae:7c:ab:ba:1f:3e:66:74:4f:0f:d4:c5:8c:2c:45:
b8:cf:ac:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs+FuQ7gWDj4VYQtYWYguWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIxZmMzMGQ2ODBiZjRmZDgxOTllMmJkNWQ0YjZjNWRhYzM3ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLchtU+CiVbMxMDF9BQJwDmP1V7U
iBNTvlqNwhyhP/DRJnALwlN0hMf4XCvJe/YPavKMHldVXfg5jQUpwTGCnvQmd866
RdK0rE1R89bWNFFmDl92Sy8sAtKnbNchcFitdBeDFl9WY9bOzCJWCKuEkGI7L4PS
UJ2lXaVjQVTsYkSMowsy3S9RPTUWuqH5iHk+7+TafrqGTssJ4e1Il7x8BodCPOWf
LocosoKNYfVO27GKzMOCT/m38DRJ04tRMyzkRWr6R2I73IPjmc6f/dBEJCicjQWO
58gc2u5eEVJZvzTcOa1zgsuT0n4H0ayt08AdMzH1f3rJzXznOAIxeLVXZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJch/DDWgL9P2BmeK9XUtsXaw345MB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvbHlIOE1OYUF2MF9ZR1o0cjFkUzJ4ZHJEZmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9WyMA8E
AgACMAkDBwAgAQZ8AFAwDQYJKoZIhvcNAQELBQADggEBAJKFEXP2q6BThMqA8XeL
FXzrbIZ8E5K2z22yoieP6DxOW9q0xyJbeHp3I6aFdZ6d0TmpbSmVT7gOky+mvbfe
FFv1cP45Bdwj/975YaE+FB0N0bT71dXnfnQbM87pZIgaRhPBkNYZip17n+PXhQHI
diVb6tOR+gfvF2HqHhAgTIfsY+0f/U6R27EjET7EeCWqPX0NU3gGg1MHKPZpEWjI
i2B3gCnZJe1GKUcDv31bHFMxh6xR8sH7aDw3Gzu996iFNkod6VkFx0M0usN8mx5X
+5oo5hKZ2CXmOcnVHw/dfb2wXo6afFolxSPiUjWdo658q7ofPmZ0Tw/UxYwsRbjP
rGI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:33 2025 by rpki-client