Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/K9cLOVpx2cAZt7a2AwNh04mOB1Y.roa
File: K9cLOVpx2cAZt7a2AwNh04mOB1Y.roa (raw, json)
Hash identifier: e8gHTjI1GW1gPMc/CSILjxGiz9aZQM4g/LxBRqz35FQ=
Subject key identifier: 2B:D7:0B:39:5A:71:D9:C0:19:B7:B6:B6:03:03:61:D3:89:8E:07:56
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0185700B99A39BDCB1AAE89B3047DCF4343D
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/K9cLOVpx2cAZt7a2AwNh04mOB1Y.roa
Signing time: Mon 02 Jan 2023 01:14:46 +0000
ROA not before: Mon 02 Jan 2023 01:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19994
IP address blocks: 185.194.86.0/24 maxlen: 24
185.194.87.0/24 maxlen: 24
91.230.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:99:a3:9b:dc:b1:aa:e8:9b:30:47:dc:f4:34:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Jan 2 01:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd70b395a71d9c019b7b6b6030361d3898e0756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:96:23:18:f6:33:a1:fd:31:01:da:9d:65:04:
6d:e1:bb:57:cf:23:ec:55:a1:3b:3d:ba:ee:17:a1:
b2:31:9b:26:6d:72:b4:e6:0a:34:88:62:37:19:dc:
ea:46:6d:5e:95:3f:6e:29:e2:b1:03:ef:90:b3:44:
ca:93:f4:ba:b7:77:97:a6:00:b0:d7:b6:6a:fb:1e:
ba:53:f1:45:0e:d8:be:b2:00:ae:17:21:eb:0d:73:
28:b1:8b:cf:ee:6d:74:fd:4f:ef:06:d7:41:a4:9a:
ac:84:53:f7:20:48:91:95:f6:88:24:08:aa:88:65:
7f:34:40:d5:63:9e:ad:14:4f:bb:f4:b5:04:57:49:
f8:33:9a:0e:fb:1c:6d:76:08:89:32:d8:2b:4c:09:
2c:e6:7f:54:83:b3:63:1f:38:f3:4c:97:b7:71:14:
99:a4:79:8d:5f:1b:1c:ca:30:86:0a:87:95:39:94:
c9:3a:d4:f3:21:8c:29:66:e0:e9:2d:4f:b4:36:e5:
2b:cd:b6:bd:6d:96:e6:07:4e:cf:63:ab:3c:86:d3:
94:60:19:9d:0b:a0:ec:b2:32:c3:f7:0d:82:0d:c0:
59:63:e6:bd:37:2f:9c:0b:35:15:60:91:24:79:48:
2c:00:01:9b:d5:fb:d5:1a:44:56:b7:31:d4:49:27:
3c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D7:0B:39:5A:71:D9:C0:19:B7:B6:B6:03:03:61:D3:89:8E:07:56
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/K9cLOVpx2cAZt7a2AwNh04mOB1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.179.0/24
185.194.86.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:e9:09:4e:79:91:ab:16:c9:5c:9f:8b:10:82:ce:b8:d0:d9:
16:9b:9c:2e:ab:17:1a:b7:42:71:ac:ca:c6:a8:1b:29:7b:41:
a2:01:c7:f8:76:db:0b:42:25:1b:c3:5c:b5:7d:95:14:cb:e7:
a7:11:85:19:37:bc:8e:47:85:11:d7:37:95:4d:91:3f:0d:4e:
b9:c4:d8:78:56:08:85:a4:98:ef:12:f3:f2:33:df:e5:50:a7:
76:1e:5d:ca:09:fe:a6:11:42:e2:ee:b5:ed:d8:a9:05:d7:61:
dc:ec:e0:77:bd:da:b5:cf:b1:d2:1f:be:81:9d:d6:24:9c:5a:
58:2e:2b:1d:f9:a0:55:c1:97:04:bc:96:37:34:da:3b:5d:e6:
44:3b:b0:69:d0:99:37:1a:0e:42:b3:68:8a:0c:f5:ea:02:cd:
bf:64:45:6b:9d:7d:ee:3d:99:6a:46:f5:e5:71:c9:bc:56:a6:
da:57:36:20:4c:8d:36:69:31:7f:a3:2d:1f:c5:0c:bf:51:16:
c7:6a:0b:1e:5e:c2:3b:04:5c:9d:4e:65:d6:f5:a9:f9:b0:4b:
59:30:48:5a:79:a3:51:c6:4d:99:23:b3:f7:16:46:99:f4:55:
1a:dc:e2:ac:95:05:c8:0a:d3:a0:b5:24:53:08:e6:e6:94:72:
50:97:c8:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwC5mjm9yxquibMEfc9DQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTJjMmVjZjU4YzQ0YjM1YTBkYTI5NTdmZjRkY2EyZTYw
YjY4NmEwHhcNMjMwMTAyMDExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ3MGIzOTVhNzFkOWMwMTliN2I2YjYwMzAzNjFkMzg5OGUwNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZYjGPYzof0xAdqdZQRt4btXzyPs
VaE7PbruF6GyMZsmbXK05go0iGI3GdzqRm1elT9uKeKxA++Qs0TKk/S6t3eXpgCw
17Zq+x66U/FFDti+sgCuFyHrDXMosYvP7m10/U/vBtdBpJqshFP3IEiRlfaIJAiq
iGV/NEDVY56tFE+79LUEV0n4M5oO+xxtdgiJMtgrTAks5n9Ug7NjHzjzTJe3cRSZ
pHmNXxscyjCGCoeVOZTJOtTzIYwpZuDpLU+0NuUrzba9bZbmB07PY6s8htOUYBmd
C6DssjLD9w2CDcBZY+a9Ny+cCzUVYJEkeUgsAAGb1fvVGkRWtzHUSSc8MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCvXCzlacdnAGbe2tgMDYdOJjgdWMB8GA1UdIwQY
MBaAFJmiwuz1jESzWg2ilX/03KLmC2hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAt
ZTVkNTA3YTgyNmJmLzEvSzljTE9WcHgyY0FadDdhMkF3TmgwNG1PQjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAtZTVkNTA3YTgyNmJm
LzEvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+azAwQB
ucJWMA0GCSqGSIb3DQEBCwUAA4IBAQCe6QlOeZGrFslcn4sQgs640NkWm5wuqxca
t0JxrMrGqBspe0GiAcf4dtsLQiUbw1y1fZUUy+enEYUZN7yOR4UR1zeVTZE/DU65
xNh4VgiFpJjvEvPyM9/lUKd2Hl3KCf6mEULi7rXt2KkF12Hc7OB3vdq1z7HSH76B
ndYknFpYLisd+aBVwZcEvJY3NNo7XeZEO7Bp0Jk3Gg5Cs2iKDPXqAs2/ZEVrnX3u
PZlqRvXlccm8VqbaVzYgTI02aTF/oy0fxQy/URbHagseXsI7BFydTmXW9an5sEtZ
MEhaeaNRxk2ZI7P3FkaZ9FUa3OKslQXICtOgtSRTCObmlHJQl8gW
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:24:02 2025 by rpki-client