Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/Sr1JH6RgkpYaZIb2ZCu_Kb3ncmE.roa
File: Sr1JH6RgkpYaZIb2ZCu_Kb3ncmE.roa (raw, json)
Hash identifier: mz2OT25GG0kQyyh7fN2WaQc3FNJ7XlZ/4oTS6u7G6Rs=
Subject key identifier: 4A:BD:49:1F:A4:60:92:96:1A:64:86:F6:64:2B:BF:29:BD:E7:72:61
Certificate issuer: /CN=990c4bb38e35cd70320eb791520c6cad34a4b271
Certificate serial: 01857246E86717911D0C74AD7D02DF6FAD26
Authority key identifier: 99:0C:4B:B3:8E:35:CD:70:32:0E:B7:91:52:0C:6C:AD:34:A4:B2:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQxLs441zXAyDreRUgxsrTSksnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/Sr1JH6RgkpYaZIb2ZCu_Kb3ncmE.roa
Signing time: Mon 02 Jan 2023 11:38:47 +0000
ROA not before: Mon 02 Jan 2023 11:38:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56505
IP address blocks: 91.223.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e8:67:17:91:1d:0c:74:ad:7d:02:df:6f:ad:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=990c4bb38e35cd70320eb791520c6cad34a4b271
Validity
Not Before: Jan 2 11:38:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4abd491fa46092961a6486f6642bbf29bde77261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3f:03:fd:81:28:ef:f8:e6:f5:4c:29:03:74:
0c:6c:15:9e:3d:fc:18:6a:d1:05:f8:15:15:f6:b6:
29:7c:25:4f:00:0c:c4:be:67:89:d1:4b:cd:aa:bf:
b0:9b:f6:13:f0:7f:e0:7a:00:4a:d7:60:a0:92:e8:
63:1f:a4:83:ea:99:a8:dd:3b:8e:3c:73:ec:6d:1c:
c2:5c:bd:64:8c:ce:ee:60:46:8e:1a:10:f1:40:43:
74:1d:22:6f:96:2b:1c:55:f5:aa:bd:82:05:e2:e2:
28:53:c9:20:ae:e4:91:e1:b1:57:bf:68:9f:21:79:
c1:84:27:37:64:1f:5e:36:0f:19:16:ec:7c:d5:89:
1c:17:82:40:ca:dd:7a:dc:d9:93:03:90:63:f9:f6:
1c:0d:b8:2f:ac:5e:b2:f3:5f:2a:74:9f:13:15:0d:
67:92:46:03:ad:3b:04:5c:59:df:13:81:e3:d8:65:
44:ee:d7:41:4b:ef:a2:60:1d:a5:7e:2f:36:32:18:
c9:0b:dd:35:9e:03:21:6e:6e:3c:9e:ff:4a:c3:4a:
fd:99:da:9b:19:6d:56:1a:7d:b6:fa:44:f6:64:93:
bb:99:c1:83:0e:3d:0c:bc:0b:6a:c8:0a:56:21:ff:
58:44:f0:da:5b:54:31:fe:a7:1d:2b:4e:29:31:95:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BD:49:1F:A4:60:92:96:1A:64:86:F6:64:2B:BF:29:BD:E7:72:61
X509v3 Authority Key Identifier:
keyid:99:0C:4B:B3:8E:35:CD:70:32:0E:B7:91:52:0C:6C:AD:34:A4:B2:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQxLs441zXAyDreRUgxsrTSksnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/Sr1JH6RgkpYaZIb2ZCu_Kb3ncmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/mQxLs441zXAyDreRUgxsrTSksnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.198.0/24
Signature Algorithm: sha256WithRSAEncryption
86:67:f5:ec:b5:df:f6:f1:46:b6:d8:0c:79:81:bc:a7:cb:25:
1d:35:76:23:de:ad:77:61:b5:0d:ab:81:71:28:08:3b:c4:8c:
ad:96:9c:31:b5:b8:f4:b3:1c:e8:ae:07:5d:2e:25:f8:0b:20:
8c:b8:f4:95:10:92:69:bd:f7:46:be:ff:3d:ab:6b:a3:b1:15:
24:4d:d9:83:40:79:4f:8a:ae:78:b0:51:94:a6:2a:57:4d:50:
65:b3:1e:15:16:56:58:3b:f9:1b:20:5d:15:fa:00:35:36:fa:
c6:db:38:2c:86:43:c9:e9:b2:33:34:9e:a5:31:6c:68:89:74:
24:0a:a7:ea:79:16:b5:8e:f4:2e:61:12:24:9b:fe:92:66:eb:
2b:19:d2:b8:1a:2a:f9:71:ad:1b:2b:80:fa:54:e2:3b:52:6b:
9a:26:d0:23:0a:e8:de:97:99:de:d7:a3:7c:7b:da:eb:9b:a4:
33:f5:21:46:65:18:b5:ef:72:af:44:cc:b5:fd:fd:56:5d:cf:
6d:8b:d9:e7:2d:5f:95:64:93:61:af:4d:1f:d4:67:8b:88:8b:
40:2c:35:bf:75:7d:f2:c1:18:f4:63:63:14:0d:cc:c1:50:6c:
b2:2f:4b:12:2a:bf:eb:90:6e:09:ab:61:10:aa:1d:3d:78:4a:
bc:5f:1d:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRuhnF5EdDHStfQLfb60mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MGM0YmIzOGUzNWNkNzAzMjBlYjc5MTUyMGM2Y2FkMzRh
NGIyNzEwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJkNDkxZmE0NjA5Mjk2MWE2NDg2ZjY2NDJiYmYyOWJkZTc3MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD8D/YEo7/jm9UwpA3QMbBWePfwY
atEF+BUV9rYpfCVPAAzEvmeJ0UvNqr+wm/YT8H/gegBK12CgkuhjH6SD6pmo3TuO
PHPsbRzCXL1kjM7uYEaOGhDxQEN0HSJvliscVfWqvYIF4uIoU8kgruSR4bFXv2if
IXnBhCc3ZB9eNg8ZFux81YkcF4JAyt163NmTA5Bj+fYcDbgvrF6y818qdJ8TFQ1n
kkYDrTsEXFnfE4Hj2GVE7tdBS++iYB2lfi82MhjJC901ngMhbm48nv9Kw0r9mdqb
GW1WGn22+kT2ZJO7mcGDDj0MvAtqyApWIf9YRPDaW1Qx/qcdK04pMZVTZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEq9SR+kYJKWGmSG9mQrvym953JhMB8GA1UdIwQY
MBaAFJkMS7OONc1wMg63kVIMbK00pLJxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVF4THM0NDF6WEF5RHJlUlVneHNyVFNrc25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80NGM0MmMtMWU2OC00YWFiLTgzOWQt
OTU5M2UzYTQzNzI1LzEvU3IxSkg2UmdrcFlhWkliMlpDdV9LYjNuY21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80NGM0MmMtMWU2OC00YWFiLTgzOWQtOTU5M2UzYTQzNzI1
LzEvbVF4THM0NDF6WEF5RHJlUlVneHNyVFNrc25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/GMA0G
CSqGSIb3DQEBCwUAA4IBAQCGZ/Xstd/28Ua22Ax5gbynyyUdNXYj3q13YbUNq4Fx
KAg7xIytlpwxtbj0sxzorgddLiX4CyCMuPSVEJJpvfdGvv89q2ujsRUkTdmDQHlP
iq54sFGUpipXTVBlsx4VFlZYO/kbIF0V+gA1NvrG2zgshkPJ6bIzNJ6lMWxoiXQk
CqfqeRa1jvQuYRIkm/6SZusrGdK4Gir5ca0bK4D6VOI7UmuaJtAjCujel5ne16N8
e9rrm6Qz9SFGZRi173KvRMy1/f1WXc9ti9nnLV+VZJNhr00f1GeLiItALDW/dX3y
wRj0Y2MUDczBUGyyL0sSKr/rkG4Jq2EQqh09eEq8Xx2E
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:48 2025 by rpki-client