Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/n2vHRfFh3nAibbrYSlqiHL5dD2U.roa
File: n2vHRfFh3nAibbrYSlqiHL5dD2U.roa (raw, json)
Hash identifier: Oh2lJ2loX2tOUKARuERRUmIBi8sMWx2W0jhYP4PCk4I=
Subject key identifier: 9F:6B:C7:45:F1:61:DE:70:22:6D:BA:D8:4A:5A:A2:1C:BE:5D:0F:65
Certificate issuer: /CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Certificate serial: 0A182208
Authority key identifier: D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/n2vHRfFh3nAibbrYSlqiHL5dD2U.roa
Signing time: Sat 01 Jan 2022 14:55:07 +0000
ROA not before: Sat 01 Jan 2022 14:55:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13094
IP address blocks: 91.221.180.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169353736 (0xa182208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Validity
Not Before: Jan 1 14:55:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f6bc745f161de70226dbad84a5aa21cbe5d0f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f0:57:14:f1:f6:b0:b7:78:2f:35:b6:c2:5c:
f7:d5:5c:86:38:08:3d:8e:bd:6c:a9:43:1b:d2:6d:
e5:94:8e:0d:97:de:6f:51:6b:04:5a:72:ea:22:19:
12:25:9a:5c:d9:d7:96:25:14:a3:bd:9f:b0:61:4b:
fa:48:42:30:d4:96:00:67:7f:58:8f:0d:fe:47:56:
33:24:71:ef:bf:52:71:b7:16:25:f1:7b:df:a9:06:
e9:cd:9a:1a:bb:24:69:f7:1a:46:01:a6:6e:00:90:
66:cc:f5:06:0c:71:f7:cc:01:c8:2b:dc:64:ad:2b:
88:a5:29:b9:b6:2b:5d:23:0f:19:62:a0:ad:24:86:
59:fd:64:d0:fa:e8:9a:90:24:7c:ca:da:28:f5:b3:
5a:6f:cb:eb:8a:f0:9c:7a:89:1a:fa:18:91:7f:4b:
41:a5:3f:47:ff:ee:8c:f0:63:51:4f:ad:fc:58:77:
cf:8f:59:87:ae:81:fc:23:a5:57:5d:20:8b:a0:95:
36:a6:e2:4e:9b:ef:7a:77:0f:34:c6:b6:a4:f4:76:
f6:ac:b9:75:fa:c3:14:76:a3:1d:46:1d:79:11:3c:
67:01:8b:cf:96:0d:79:2e:6f:32:9e:4e:01:9e:70:
84:e0:f3:1c:ba:e7:4f:67:0c:8b:a9:02:af:b6:dd:
41:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6B:C7:45:F1:61:DE:70:22:6D:BA:D8:4A:5A:A2:1C:BE:5D:0F:65
X509v3 Authority Key Identifier:
keyid:D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/n2vHRfFh3nAibbrYSlqiHL5dD2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/0SO41GITRmfsap0eFU5cfwWWZiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.180.0/23
Signature Algorithm: sha256WithRSAEncryption
63:ef:df:c9:87:24:d8:4f:94:72:92:45:ea:4a:7b:71:d7:64:
a3:91:6b:8f:86:e6:fd:ae:ea:ca:8a:3b:b7:a6:8c:34:09:a0:
96:b9:66:78:54:b1:9f:4d:21:bd:b8:ef:ed:e4:d8:9d:9b:e4:
7c:0d:b8:3a:f0:8e:be:b5:48:29:0b:e8:50:d2:0d:dc:fb:91:
aa:c6:85:1f:75:83:6c:c2:11:f9:9f:00:c0:93:b8:ef:f0:ec:
7a:0f:a4:69:c7:b9:41:ee:15:9e:f0:25:dc:78:a8:58:5f:b4:
39:b1:03:d2:39:5a:7a:24:ed:2b:97:81:ea:d5:56:0e:cb:cd:
e1:52:c9:66:1b:73:52:9c:26:e4:58:61:64:b0:ce:37:aa:32:
84:5e:c3:5e:fd:d5:fe:b2:3c:fc:82:66:e0:52:94:88:d7:42:
6a:f3:ba:e1:3e:d7:a6:5e:a4:a2:5b:12:18:13:d7:ca:44:f4:
e8:59:07:6f:5c:02:69:83:9f:90:3e:08:a1:05:88:e6:cd:a3:
18:12:48:1d:3e:da:02:08:bb:11:65:12:b8:82:dc:a0:a4:4f:
79:ca:d8:14:35:b3:92:fc:eb:4e:b1:67:f1:91:bc:30:2f:27:
02:d7:7a:e1:09:51:02:8c:16:1e:98:df:cb:03:5a:f8:db:35:
4c:a1:e4:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChgiCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTIzYjhkNDYyMTM0NjY3ZWM2YTlkMWUxNTRlNWM3ZjA1OTY2NjJjMB4XDTIyMDEw
MTE0NTUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY2YmM3NDVmMTYx
ZGU3MDIyNmRiYWQ4NGE1YWEyMWNiZTVkMGY2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHwVxTx9rC3eC81tsJc99VchjgIPY69bKlDG9Jt5ZSODZfe
b1FrBFpy6iIZEiWaXNnXliUUo72fsGFL+khCMNSWAGd/WI8N/kdWMyRx779ScbcW
JfF736kG6c2aGrskafcaRgGmbgCQZsz1Bgxx98wByCvcZK0riKUpubYrXSMPGWKg
rSSGWf1k0PrompAkfMraKPWzWm/L64rwnHqJGvoYkX9LQaU/R//ujPBjUU+t/Fh3
z49Zh66B/COlV10gi6CVNqbiTpvvencPNMa2pPR29qy5dfrDFHajHUYdeRE8ZwGL
z5YNeS5vMp5OAZ5whODzHLrnT2cMi6kCr7bdQfcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfa8dF8WHecCJtuthKWqIcvl0PZTAfBgNVHSMEGDAWgBTRI7jUYhNGZ+xq
nR4VTlx/BZZmLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBTTzQxR0lUUm1mc2FwMGVGVTVjZndXV1ppdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMGQ5MDNmLTE4MzEtNGQwMy1hYWI0LTgxYWY3YzY1N2UwNS8x
L24ydkhSZkZoM25BaWJicllTbHFpSEw1ZEQyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MGQ5MDNmLTE4MzEtNGQwMy1hYWI0LTgxYWY3YzY1N2UwNS8xLzBTTzQxR0lUUm1m
c2FwMGVGVTVjZndXV1ppdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvdtDANBgkqhkiG9w0BAQsFAAOC
AQEAY+/fyYck2E+UcpJF6kp7cddko5Frj4bm/a7qyoo7t6aMNAmglrlmeFSxn00h
vbjv7eTYnZvkfA24OvCOvrVIKQvoUNIN3PuRqsaFH3WDbMIR+Z8AwJO47/Dseg+k
ace5Qe4VnvAl3HioWF+0ObED0jlaeiTtK5eB6tVWDsvN4VLJZhtzUpwm5FhhZLDO
N6oyhF7DXv3V/rI8/IJm4FKUiNdCavO64T7Xpl6kolsSGBPXykT06FkHb1wCaYOf
kD4IoQWI5s2jGBJIHT7aAgi7EWUSuILcoKRPecrYFDWzkvzrTrFn8ZG8MC8nAtd6
4QlRAowWHpjfywNa+Ns1TKHkTA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:15 2025 by rpki-client