Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/29ALFjZyRJCJsxvk5C3NQMXMrCY.roa
File: 29ALFjZyRJCJsxvk5C3NQMXMrCY.roa (raw, json)
Hash identifier: TF7CzrEicxfbPNZ5mF8AqIZzZvQIO8Cf/v7kOuHEbdg=
Subject key identifier: DB:D0:0B:16:36:72:44:90:89:B3:1B:E4:E4:2D:CD:40:C5:CC:AC:26
Certificate issuer: /CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Certificate serial: 01828E181FD6AA939BC532D3397230FA7CA7
Authority key identifier: 1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/29ALFjZyRJCJsxvk5C3NQMXMrCY.roa
Signing time: Thu 11 Aug 2022 18:08:41 +0000
ROA not before: Thu 11 Aug 2022 18:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33843
IP address blocks: 91.206.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:18:1f:d6:aa:93:9b:c5:32:d3:39:72:30:fa:7c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Validity
Not Before: Aug 11 18:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbd00b163672449089b31be4e42dcd40c5ccac26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:97:7f:fa:39:e0:d8:47:e4:d0:1d:96:de:e9:
0b:ae:0a:27:e1:31:28:08:9a:bb:bb:1d:b1:1d:21:
0a:ba:f8:11:98:31:fb:72:d9:4f:a0:0f:f1:19:72:
0e:34:46:7d:26:6a:92:93:a9:61:91:b9:32:aa:54:
54:23:60:68:46:4f:08:53:6e:64:c6:cf:6d:4a:d3:
50:2e:67:6c:18:26:a2:c4:ed:05:45:aa:d9:ac:26:
ca:3d:30:23:29:bf:75:5f:6b:3a:2f:be:cd:2d:d7:
ac:63:98:f8:78:1f:c4:a8:c0:a6:d3:87:b0:b2:84:
cc:1e:eb:3e:e4:0f:c2:0b:cc:1f:53:cf:5b:a6:4a:
63:ba:7b:56:79:99:ab:41:ea:cb:68:84:2c:96:75:
c8:2c:9a:66:97:31:b0:4c:85:65:59:d6:49:9c:0d:
35:6d:f0:b8:d0:38:5f:5a:51:ef:bf:ad:4b:3d:c9:
fd:59:82:00:af:ba:16:45:39:10:41:1e:f8:65:79:
c2:40:54:a1:d3:e0:92:45:f5:ab:0a:3f:a4:4e:d7:
ad:2b:df:8b:be:b2:6d:ca:5f:ae:53:1b:d7:ba:04:
b7:ba:e6:d0:e9:bb:ef:7f:ac:87:39:be:e3:72:bf:
a4:cb:40:47:7c:97:af:83:a8:fd:d0:56:91:eb:1a:
53:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D0:0B:16:36:72:44:90:89:B3:1B:E4:E4:2D:CD:40:C5:CC:AC:26
X509v3 Authority Key Identifier:
keyid:1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/29ALFjZyRJCJsxvk5C3NQMXMrCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/G2RtQs6J1Ak-Ssknp_I283pRq-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.46.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d3:8b:5c:48:21:d5:8d:71:88:2e:7f:96:1e:b1:14:f1:d2:
8d:0e:09:21:49:a2:ce:59:99:51:56:5d:0c:ad:0a:18:c9:cd:
e9:43:d4:fd:92:5c:ef:57:50:b1:cc:75:9f:4c:8d:88:5c:3b:
b4:8b:d3:47:a6:73:61:72:3c:3f:63:a7:24:37:e6:3a:e1:02:
bf:30:72:c0:12:e3:e3:e7:16:e8:92:35:62:5e:81:48:30:83:
7d:97:44:7f:10:ce:93:57:e2:55:fe:0a:e6:bb:e7:64:95:97:
28:76:5a:c4:65:7c:f9:6b:f2:44:f9:0f:6e:49:4c:50:a6:4d:
32:53:76:2e:61:cd:0c:c7:e6:7b:ff:24:f4:72:84:2f:65:82:
b9:de:5e:64:fb:b9:9f:94:c4:9e:12:2d:31:95:4d:ec:87:a4:
1f:15:17:65:90:53:9a:ed:f4:ac:85:51:d7:45:a2:2e:22:51:
57:70:93:be:a2:83:b1:2a:b4:62:21:ee:ae:4b:b1:8c:2d:3f:
eb:83:42:a4:b2:c0:b8:49:16:d6:2b:97:44:ef:6c:a0:e6:a6:
ef:7d:50:85:20:fb:de:30:66:f9:df:62:cc:aa:49:32:03:27:
61:ba:41:36:49:d8:8e:14:8f:29:20:2b:7a:b7:c6:a5:6a:56:
bf:ab:c6:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKOGB/WqpObxTLTOXIw+nynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjQ2ZDQyY2U4OWQ0MDkzZTRhYzkyN2E3ZjIzNmYzN2E1
MWFiZTIwHhcNMjIwODExMTgwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQwMGIxNjM2NzI0NDkwODliMzFiZTRlNDJkY2Q0MGM1Y2NhYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJd/+jng2Efk0B2W3ukLrgon4TEo
CJq7ux2xHSEKuvgRmDH7ctlPoA/xGXIONEZ9JmqSk6lhkbkyqlRUI2BoRk8IU25k
xs9tStNQLmdsGCaixO0FRarZrCbKPTAjKb91X2s6L77NLdesY5j4eB/EqMCm04ew
soTMHus+5A/CC8wfU89bpkpjuntWeZmrQerLaIQslnXILJpmlzGwTIVlWdZJnA01
bfC40DhfWlHvv61LPcn9WYIAr7oWRTkQQR74ZXnCQFSh0+CSRfWrCj+kTtetK9+L
vrJtyl+uUxvXugS3uubQ6bvvf6yHOb7jcr+ky0BHfJevg6j90FaR6xpT3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvQCxY2ckSQibMb5OQtzUDFzKwmMB8GA1UdIwQY
MBaAFBtkbULOidQJPkrJJ6fyNvN6UaviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMt
NjYzNDBiYmZmMGI5LzEvMjlBTEZqWnlSSkNKc3h2azVDM05RTVhNckNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMtNjYzNDBiYmZmMGI5
LzEvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84uMA0G
CSqGSIb3DQEBCwUAA4IBAQCA04tcSCHVjXGILn+WHrEU8dKNDgkhSaLOWZlRVl0M
rQoYyc3pQ9T9klzvV1CxzHWfTI2IXDu0i9NHpnNhcjw/Y6ckN+Y64QK/MHLAEuPj
5xbokjViXoFIMIN9l0R/EM6TV+JV/grmu+dklZcodlrEZXz5a/JE+Q9uSUxQpk0y
U3YuYc0Mx+Z7/yT0coQvZYK53l5k+7mflMSeEi0xlU3sh6QfFRdlkFOa7fSshVHX
RaIuIlFXcJO+ooOxKrRiIe6uS7GMLT/rg0KkssC4SRbWK5dE72yg5qbvfVCFIPve
MGb532LMqkkyAydhukE2SdiOFI8pICt6t8alala/q8Zg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:25 2025 by rpki-client