Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/4fJXZ4OKgYVHxoslOw1RqaeiNjA.roa
File: 4fJXZ4OKgYVHxoslOw1RqaeiNjA.roa (raw, json)
Hash identifier: lFSURxk7GqFn2AtSZ11ymwevAn36NJg7+LZcZ/hxUgk=
Subject key identifier: E1:F2:57:67:83:8A:81:85:47:C6:8B:25:3B:0D:51:A9:A7:A2:36:30
Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Certificate serial: 0185729ECE00C594E38BD3D2CD961C151E12
Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/4fJXZ4OKgYVHxoslOw1RqaeiNjA.roa
Signing time: Mon 02 Jan 2023 13:14:47 +0000
ROA not before: Mon 02 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49639
IP address blocks: 91.213.61.0/24 maxlen: 24
2001:67c:52c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ce:00:c5:94:e3:8b:d3:d2:cd:96:1c:15:1e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Validity
Not Before: Jan 2 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f25767838a818547c68b253b0d51a9a7a23630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c4:c7:85:e1:6c:6b:37:94:d7:ed:a4:e5:e1:
00:de:8d:b9:e7:77:c8:66:5d:e4:d4:44:9d:d2:ca:
53:73:f2:b6:4c:a2:34:5a:12:54:ce:ca:65:91:a3:
0e:eb:18:10:f3:de:11:40:63:ea:ba:f9:aa:86:c7:
9b:1b:4f:f0:14:04:bd:d8:44:b0:ff:a9:24:06:09:
cd:5a:f2:ae:49:db:fe:93:e9:96:60:20:52:b6:50:
f9:d2:8b:7a:e4:c6:59:85:3d:3b:88:ba:a5:91:5f:
64:1a:e4:2d:97:bd:bc:69:c0:2a:40:83:2b:2f:f4:
34:14:59:ed:78:b3:11:2a:cd:1b:ee:dc:e5:de:4f:
80:54:d1:68:a7:5f:75:7f:bc:c9:44:4b:04:b5:e7:
fd:b9:6a:23:00:8a:fe:0d:d0:6e:02:86:ed:de:07:
77:ce:d7:1f:e7:75:56:3a:28:e1:1e:7f:f6:66:0d:
9c:dc:5e:fa:fd:cc:d0:a7:f8:28:bf:97:ff:e2:77:
c9:b5:0d:48:9d:3b:a9:59:35:79:95:d7:07:b8:ae:
31:85:1e:97:b4:58:3a:d1:ff:ce:e3:84:b2:1c:a5:
e8:e6:06:0c:a2:4c:40:a8:d6:4a:1f:9a:cc:31:c9:
76:bd:ef:e6:7e:9f:31:2a:ed:af:8c:bf:62:71:45:
f7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:57:67:83:8A:81:85:47:C6:8B:25:3B:0D:51:A9:A7:A2:36:30
X509v3 Authority Key Identifier:
keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/4fJXZ4OKgYVHxoslOw1RqaeiNjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.61.0/24
IPv6:
2001:67c:52c::/48
Signature Algorithm: sha256WithRSAEncryption
2a:76:75:89:4a:11:76:d4:b9:05:c3:c7:4b:04:ee:c7:d8:9e:
de:9a:05:11:28:bf:fe:4d:a9:de:f0:d7:94:98:d6:ad:de:39:
9c:15:fc:a6:99:05:ad:ea:d1:ea:72:4e:ce:61:e8:a3:df:f0:
c7:6c:4c:d9:e7:a9:7a:04:9e:25:db:33:81:91:35:eb:0d:5b:
73:76:7c:dc:f8:f5:88:74:f2:2c:d1:cb:21:85:c6:b0:06:9c:
d5:8d:d0:fe:46:2e:ff:91:a9:08:90:67:a7:00:a8:30:77:34:
3e:04:0d:cd:d9:ff:4c:e1:c9:74:34:32:29:a4:af:11:3c:de:
8c:2f:c2:ad:bd:6c:97:e3:a7:a6:88:71:1e:b2:a8:67:80:68:
21:1b:3b:a9:a7:d1:2e:8a:ed:a7:f0:bd:89:28:41:96:50:6b:
32:d9:56:3f:a7:fc:28:45:e6:95:3a:16:1b:50:5d:f4:76:7e:
3c:5d:aa:65:50:b8:fa:d7:3d:6c:bc:11:7f:78:80:10:d8:88:
a7:de:30:94:fc:03:2d:a8:77:b9:4b:49:e6:65:81:8a:46:c9:
46:3d:5d:c4:ca:69:99:49:de:c4:cd:08:19:7f:9f:ce:04:d3:
cc:05:9d:ea:8e:94:88:39:79:2d:15:88:d2:fa:47:0a:98:32:
1d:1a:47:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyns4AxZTji9PSzZYcFR4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj
OTZlOGEwHhcNMjMwMTAyMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYyNTc2NzgzOGE4MTg1NDdjNjhiMjUzYjBkNTFhOWE3YTIzNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsTHheFsazeU1+2k5eEA3o2553fI
Zl3k1ESd0spTc/K2TKI0WhJUzsplkaMO6xgQ894RQGPquvmqhsebG0/wFAS92ESw
/6kkBgnNWvKuSdv+k+mWYCBStlD50ot65MZZhT07iLqlkV9kGuQtl728acAqQIMr
L/Q0FFnteLMRKs0b7tzl3k+AVNFop191f7zJREsEtef9uWojAIr+DdBuAobt3gd3
ztcf53VWOijhHn/2Zg2c3F76/czQp/gov5f/4nfJtQ1InTupWTV5ldcHuK4xhR6X
tFg60f/O44SyHKXo5gYMokxAqNZKH5rMMcl2ve/mfp8xKu2vjL9icUX3VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOHyV2eDioGFR8aLJTsNUamnojYwMB8GA1UdIwQY
MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt
NWEzNGU1MmIwYjEwLzEvNGZKWFo0T0tnWVZIeG9zbE93MVJxYWVpTmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw
LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9U9MA8E
AgACMAkDBwAgAQZ8BSwwDQYJKoZIhvcNAQELBQADggEBACp2dYlKEXbUuQXDx0sE
7sfYnt6aBREov/5Nqd7w15SY1q3eOZwV/KaZBa3q0epyTs5h6KPf8MdsTNnnqXoE
niXbM4GRNesNW3N2fNz49Yh08izRyyGFxrAGnNWN0P5GLv+RqQiQZ6cAqDB3ND4E
Dc3Z/0zhyXQ0MimkrxE83owvwq29bJfjp6aIcR6yqGeAaCEbO6mn0S6K7afwvYko
QZZQazLZVj+n/ChF5pU6FhtQXfR2fjxdqmVQuPrXPWy8EX94gBDYiKfeMJT8Ay2o
d7lLSeZlgYpGyUY9XcTKaZlJ3sTNCBl/n84E08wFneqOlIg5eS0ViNL6RwqYMh0a
R18=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:24 2025 by rpki-client