Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/6f6758-c233-4ac0-99b0-5a922a62c571/1/idu-p9vHzkB5nophl3HVkJlfEMU.roa
File: idu-p9vHzkB5nophl3HVkJlfEMU.roa (raw, json)
Hash identifier: 4byzcvFLabCMifwmyZeBXkedrwiguMi32y3oEECc7vw=
Subject key identifier: 89:DB:BE:A7:DB:C7:CE:40:79:9E:8A:61:97:71:D5:90:99:5F:10:C5
Certificate issuer: /CN=cf2c30f34493c452a173e4de0c462c83a711c338
Certificate serial: 01856FD527572DDD309DC5970CA1BEF79B94
Authority key identifier: CF:2C:30:F3:44:93:C4:52:A1:73:E4:DE:0C:46:2C:83:A7:11:C3:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zyww80STxFKhc-TeDEYsg6cRwzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/6f6758-c233-4ac0-99b0-5a922a62c571/1/idu-p9vHzkB5nophl3HVkJlfEMU.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200966
IP address blocks: 91.215.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:27:57:2d:dd:30:9d:c5:97:0c:a1:be:f7:9b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf2c30f34493c452a173e4de0c462c83a711c338
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89dbbea7dbc7ce40799e8a619771d590995f10c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:6f:79:e2:0d:b0:c1:c0:3a:e9:43:7b:e6:
1c:fb:34:82:fb:e8:07:3a:5e:27:32:25:3b:6e:8b:
df:c4:e0:09:98:2f:29:03:c8:9b:c8:83:ed:6b:f2:
9f:31:db:ce:cd:e7:3a:1c:1d:a5:84:75:55:03:d7:
cd:cc:33:ab:e5:e9:6f:06:23:dd:a1:a9:5d:b8:07:
e3:0a:fb:a7:59:19:b3:d2:3c:00:c4:6a:32:20:92:
c5:53:86:60:99:66:81:60:0b:bd:4d:38:77:dd:c0:
a8:92:e6:2c:64:ea:47:e0:ed:5b:6a:da:9f:fc:95:
44:cf:15:b7:c7:bb:b0:00:89:88:15:8f:f1:f5:89:
40:aa:a7:b9:dc:28:de:1c:6f:4b:29:a7:80:33:c1:
e3:91:a6:e9:ed:ab:15:ce:37:19:83:db:72:ae:7a:
e3:67:93:56:6f:18:d8:12:b4:41:61:51:47:12:a3:
b4:c4:b2:dd:00:d9:c0:41:45:f7:6c:c1:52:83:13:
a7:85:5c:d7:cf:38:3a:74:1a:1e:22:c3:a2:fa:e6:
02:f9:27:8e:47:83:6c:26:b9:10:f8:1f:c1:f8:05:
a1:17:e1:db:f1:45:d5:86:67:8e:0f:77:2f:46:ad:
23:3f:25:39:d9:4f:3f:66:ac:0b:1e:34:9d:c0:ed:
54:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DB:BE:A7:DB:C7:CE:40:79:9E:8A:61:97:71:D5:90:99:5F:10:C5
X509v3 Authority Key Identifier:
keyid:CF:2C:30:F3:44:93:C4:52:A1:73:E4:DE:0C:46:2C:83:A7:11:C3:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zyww80STxFKhc-TeDEYsg6cRwzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6f6758-c233-4ac0-99b0-5a922a62c571/1/idu-p9vHzkB5nophl3HVkJlfEMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6f6758-c233-4ac0-99b0-5a922a62c571/1/zyww80STxFKhc-TeDEYsg6cRwzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.87.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:29:28:de:dc:8e:ba:60:52:14:f6:5e:79:0c:bd:55:5a:b5:
3a:7d:60:5c:24:0d:c8:75:0c:ba:a7:62:2c:8c:a8:0d:dd:55:
0c:5b:ba:fe:2b:fd:0e:aa:98:44:9b:b3:55:1f:34:7f:e2:b8:
35:7a:e6:f7:f7:6b:aa:a4:6a:24:03:26:7d:d7:0d:27:ef:d4:
bb:69:91:9e:d8:3e:7f:5e:db:0e:ef:bd:75:4d:9b:4f:b3:8e:
37:43:0b:7f:71:13:44:3b:42:63:32:49:40:54:5b:25:10:40:
45:c6:30:36:01:50:24:51:c5:3c:76:80:d5:1c:2e:7c:ea:c0:
59:46:fe:e9:15:fb:65:f6:8a:1a:35:3e:c7:1c:33:7c:f7:38:
31:2d:9f:f3:8b:60:f8:7d:57:8a:e5:32:fe:88:6b:00:d2:14:
bb:62:8c:ef:03:a6:38:df:af:0f:1a:5f:a1:1e:35:09:33:80:
83:a3:4b:e4:ab:18:e6:32:49:f0:4c:a4:74:ba:22:7b:3b:29:
e4:65:b1:eb:16:a0:6b:d3:69:47:4b:ee:1c:a9:24:49:42:36:
b5:a7:3d:ff:3c:e4:be:30:99:11:5d:e7:8a:6b:f8:80:41:22:
ff:31:1b:62:60:08:c1:e1:e9:6e:11:96:c2:13:9c:d2:6e:33:
44:f7:6c:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1SdXLd0wncWXDKG+95uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMmMzMGYzNDQ5M2M0NTJhMTczZTRkZTBjNDYyYzgzYTcx
MWMzMzgwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRiYmVhN2RiYzdjZTQwNzk5ZThhNjE5NzcxZDU5MDk5NWYxMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIJveeINsMHAOulDe+Yc+zSC++gH
Ol4nMiU7bovfxOAJmC8pA8ibyIPta/KfMdvOzec6HB2lhHVVA9fNzDOr5elvBiPd
oalduAfjCvunWRmz0jwAxGoyIJLFU4ZgmWaBYAu9TTh33cCokuYsZOpH4O1batqf
/JVEzxW3x7uwAImIFY/x9YlAqqe53CjeHG9LKaeAM8Hjkabp7asVzjcZg9tyrnrj
Z5NWbxjYErRBYVFHEqO0xLLdANnAQUX3bMFSgxOnhVzXzzg6dBoeIsOi+uYC+SeO
R4NsJrkQ+B/B+AWhF+Hb8UXVhmeOD3cvRq0jPyU52U8/ZqwLHjSdwO1UnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInbvqfbx85AeZ6KYZdx1ZCZXxDFMB8GA1UdIwQY
MBaAFM8sMPNEk8RSoXPk3gxGLIOnEcM4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenl3dzgwU1R4RktoYy1UZURFWXNnNmNSd3pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi82ZjY3NTgtYzIzMy00YWMwLTk5YjAt
NWE5MjJhNjJjNTcxLzEvaWR1LXA5dkh6a0I1bm9waGwzSFZrSmxmRU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi82ZjY3NTgtYzIzMy00YWMwLTk5YjAtNWE5MjJhNjJjNTcx
LzEvenl3dzgwU1R4RktoYy1UZURFWXNnNmNSd3pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9dXMA0G
CSqGSIb3DQEBCwUAA4IBAQALKSje3I66YFIU9l55DL1VWrU6fWBcJA3IdQy6p2Is
jKgN3VUMW7r+K/0OqphEm7NVHzR/4rg1eub392uqpGokAyZ91w0n79S7aZGe2D5/
XtsO7711TZtPs443Qwt/cRNEO0JjMklAVFslEEBFxjA2AVAkUcU8doDVHC586sBZ
Rv7pFftl9ooaNT7HHDN89zgxLZ/zi2D4fVeK5TL+iGsA0hS7YozvA6Y4368PGl+h
HjUJM4CDo0vkqxjmMknwTKR0uiJ7OynkZbHrFqBr02lHS+4cqSRJQja1pz3/POS+
MJkRXeeKa/iAQSL/MRtiYAjB4eluEZbCE5zSbjNE92z0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:06 2025 by rpki-client