Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/yzWn3-7LDU9kgOIUd_ATB1a_mlg.roa
File: yzWn3-7LDU9kgOIUd_ATB1a_mlg.roa (raw, json)
Hash identifier: 9yRo8ovtVtX26rdcd3odhxkhdWpx2jyKdFLGU59kjU8=
Subject key identifier: CB:35:A7:DF:EE:CB:0D:4F:64:80:E2:14:77:F0:13:07:56:BF:9A:58
Certificate issuer: /CN=317a927426089f3b8c500083221a798a9d2e8466
Certificate serial: 0185714C1CB9D7B96B6E987E3368269559F2
Authority key identifier: 31:7A:92:74:26:08:9F:3B:8C:50:00:83:22:1A:79:8A:9D:2E:84:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXqSdCYInzuMUACDIhp5ip0uhGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/yzWn3-7LDU9kgOIUd_ATB1a_mlg.roa
Signing time: Mon 02 Jan 2023 07:04:51 +0000
ROA not before: Mon 02 Jan 2023 07:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12732
IP address blocks: 91.199.214.0/24 maxlen: 24
2001:67c:27fc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:1c:b9:d7:b9:6b:6e:98:7e:33:68:26:95:59:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317a927426089f3b8c500083221a798a9d2e8466
Validity
Not Before: Jan 2 07:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb35a7dfeecb0d4f6480e21477f0130756bf9a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fc:7c:b2:52:45:65:7b:d2:6d:00:91:1e:0b:
b0:88:92:81:4e:f2:50:db:56:b1:c7:55:de:ad:00:
6e:e2:f3:9b:c4:c0:1b:ba:52:23:26:9e:ef:13:20:
8f:a9:18:3e:17:c9:3e:d9:82:88:26:28:4a:96:83:
b1:df:8e:d8:68:e9:49:4a:42:22:6d:d7:0d:82:9e:
10:34:51:97:e2:0a:63:7b:a9:77:4f:c4:79:01:f0:
c2:3f:0f:6d:e3:10:39:43:c7:54:32:20:69:cd:d4:
71:f5:48:73:7c:c0:fb:eb:d1:8d:13:79:e0:9e:23:
4e:42:44:b3:37:2f:2a:91:94:a9:b7:cd:42:8b:b7:
54:9f:c5:8b:a8:cd:18:91:b1:60:c9:16:f9:58:39:
b9:4e:5b:81:51:af:60:9f:18:9f:71:9c:cf:3c:32:
75:fe:54:f2:12:60:6c:78:39:96:76:38:45:4d:25:
9b:5e:8c:e3:69:a8:24:5e:c0:63:05:0c:4a:5b:d2:
65:79:51:4a:32:9a:f6:5e:1e:7a:25:c9:63:30:66:
1f:1c:cb:7d:37:2a:12:4a:08:a2:f0:3c:35:76:db:
15:28:1e:bd:d3:38:67:33:ed:60:2f:9e:f3:bc:ca:
6a:03:2f:fa:d2:cc:a3:74:c9:18:67:f0:cc:e3:2d:
5e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:35:A7:DF:EE:CB:0D:4F:64:80:E2:14:77:F0:13:07:56:BF:9A:58
X509v3 Authority Key Identifier:
keyid:31:7A:92:74:26:08:9F:3B:8C:50:00:83:22:1A:79:8A:9D:2E:84:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXqSdCYInzuMUACDIhp5ip0uhGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/yzWn3-7LDU9kgOIUd_ATB1a_mlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/MXqSdCYInzuMUACDIhp5ip0uhGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.214.0/24
IPv6:
2001:67c:27fc::/48
Signature Algorithm: sha256WithRSAEncryption
8b:c0:a8:4d:c9:d1:d8:6f:42:33:a3:a4:67:71:80:4f:e7:6b:
8e:79:6f:7d:24:b0:24:71:f5:4a:a4:43:cc:b1:75:05:f4:49:
c2:66:ce:a9:3f:f3:42:b8:fb:53:a4:8a:f9:2d:c9:0a:f3:0f:
52:12:31:30:82:93:30:00:f1:1e:0e:99:9f:22:1e:a9:76:78:
b8:ca:50:2e:a4:34:71:64:8e:40:72:bb:9d:6c:ab:f5:12:a4:
7a:06:c9:bc:98:f8:44:da:51:be:c6:a1:b8:5f:c6:1d:db:c2:
f8:e2:50:d8:4f:38:9c:f7:6f:15:82:2e:b4:fa:14:c4:bd:fe:
87:7f:27:09:19:68:47:15:b4:cb:00:47:93:24:33:3c:d1:96:
c4:4a:50:18:a3:3b:21:b2:23:4f:b5:f5:27:61:63:09:49:84:
57:3f:14:38:25:0f:d6:80:35:ed:73:34:04:22:8e:1a:6d:ea:
f0:a1:84:96:99:e2:ec:fe:6d:1f:2f:66:e5:ca:f1:92:ac:d2:
46:91:c8:03:b1:c1:b0:0c:64:bd:0c:c6:ef:44:25:5b:52:8e:
01:95:15:ba:43:fd:a8:ed:90:17:a2:0f:10:04:76:19:c6:8e:
08:6d:3b:4c:66:56:59:8f:02:0e:d5:6c:8d:23:10:db:e0:56:
2f:79:fc:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxTBy517lrbph+M2gmlVnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxN2E5Mjc0MjYwODlmM2I4YzUwMDA4MzIyMWE3OThhOWQy
ZTg0NjYwHhcNMjMwMTAyMDcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM1YTdkZmVlY2IwZDRmNjQ4MGUyMTQ3N2YwMTMwNzU2YmY5YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifx8slJFZXvSbQCRHguwiJKBTvJQ
21axx1XerQBu4vObxMAbulIjJp7vEyCPqRg+F8k+2YKIJihKloOx347YaOlJSkIi
bdcNgp4QNFGX4gpje6l3T8R5AfDCPw9t4xA5Q8dUMiBpzdRx9UhzfMD769GNE3ng
niNOQkSzNy8qkZSpt81Ci7dUn8WLqM0YkbFgyRb5WDm5TluBUa9gnxifcZzPPDJ1
/lTyEmBseDmWdjhFTSWbXozjaagkXsBjBQxKW9JleVFKMpr2Xh56JcljMGYfHMt9
NyoSSgii8Dw1dtsVKB690zhnM+1gL57zvMpqAy/60syjdMkYZ/DM4y1eHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMs1p9/uyw1PZIDiFHfwEwdWv5pYMB8GA1UdIwQY
MBaAFDF6knQmCJ87jFAAgyIaeYqdLoRmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhxU2RDWUluenVNVUFDRElocDVpcDB1aEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kZTQ3NDAtZDM0ZS00MmE3LTg5Njgt
NDY0YjhmM2I4MzYzLzEveXpXbjMtN0xEVTlrZ09JVWRfQVRCMWFfbWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kZTQ3NDAtZDM0ZS00MmE3LTg5NjgtNDY0YjhmM2I4MzYz
LzEvTVhxU2RDWUluenVNVUFDRElocDVpcDB1aEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8fWMA8E
AgACMAkDBwAgAQZ8J/wwDQYJKoZIhvcNAQELBQADggEBAIvAqE3J0dhvQjOjpGdx
gE/na455b30ksCRx9UqkQ8yxdQX0ScJmzqk/80K4+1OkivktyQrzD1ISMTCCkzAA
8R4OmZ8iHql2eLjKUC6kNHFkjkByu51sq/USpHoGybyY+ETaUb7Gobhfxh3bwvji
UNhPOJz3bxWCLrT6FMS9/od/JwkZaEcVtMsAR5MkMzzRlsRKUBijOyGyI0+19Sdh
YwlJhFc/FDglD9aANe1zNAQijhpt6vChhJaZ4uz+bR8vZuXK8ZKs0kaRyAOxwbAM
ZL0Mxu9EJVtSjgGVFbpD/ajtkBeiDxAEdhnGjghtO0xmVlmPAg7VbI0jENvgVi95
/Ns=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:23 2025 by rpki-client