Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/9765b7-be44-465c-9755-c202f717d447/1/5xNPL3bVNUYoUSWYHhVIp3ZqWuY.roa
File: 5xNPL3bVNUYoUSWYHhVIp3ZqWuY.roa (raw, json)
Hash identifier: jMRRpbK+vKrZ4NpTV7708NeLzYurKHnieMNM+sIhyJ4=
Subject key identifier: E7:13:4F:2F:76:D5:35:46:28:51:25:98:1E:15:48:A7:76:6A:5A:E6
Certificate issuer: /CN=1c2b2b36fb722509465ed9d948c2bf891160cd0e
Certificate serial: 01856E5D72FBFC5187B1FCC8A1BF5E93FC27
Authority key identifier: 1C:2B:2B:36:FB:72:25:09:46:5E:D9:D9:48:C2:BF:89:11:60:CD:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCsrNvtyJQlGXtnZSMK_iRFgzQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/9765b7-be44-465c-9755-c202f717d447/1/5xNPL3bVNUYoUSWYHhVIp3ZqWuY.roa
Signing time: Sun 01 Jan 2023 17:24:56 +0000
ROA not before: Sun 01 Jan 2023 17:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 91.232.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:72:fb:fc:51:87:b1:fc:c8:a1:bf:5e:93:fc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2b2b36fb722509465ed9d948c2bf891160cd0e
Validity
Not Before: Jan 1 17:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7134f2f76d53546285125981e1548a7766a5ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:04:a2:03:0b:47:5e:2c:01:2c:fa:dd:a1:
2d:98:a5:ff:b3:fd:97:9e:a0:4a:57:06:91:23:59:
43:26:98:0a:ff:f2:00:d2:38:1e:fd:b8:77:0e:d3:
ab:93:f4:25:7f:ae:61:d4:1d:60:97:75:04:c9:08:
0b:91:44:d8:2f:2e:7d:ee:98:d4:4c:ff:21:7d:7b:
09:e8:c8:e7:28:d1:10:a9:d3:97:4d:b4:a9:d2:ea:
4f:0e:d0:ac:fd:dd:0a:e4:d0:93:e9:12:a2:36:1b:
69:90:07:bb:be:72:f2:da:fc:2b:10:48:2e:4f:11:
0d:43:bb:c9:f4:df:f5:0a:5a:fd:e5:15:58:c0:1c:
8a:cd:c2:9e:1d:51:6f:40:f5:b5:8a:31:cf:98:f7:
89:fe:57:39:e0:50:74:82:69:3f:22:f9:e4:56:e2:
e2:e3:6c:bd:fa:9d:63:b9:3c:5b:21:63:e1:00:f6:
07:95:55:32:e8:e2:c5:e6:55:ff:69:2b:f2:5d:9c:
cf:02:e3:b6:7a:b6:85:41:c9:68:f2:a0:cc:03:92:
c0:65:2f:23:d9:64:a9:52:ba:4f:03:31:11:b9:3d:
1c:90:00:33:72:6a:80:11:6d:8e:d7:78:1a:b6:ec:
a3:9b:5a:70:0e:0f:e9:ee:10:c7:91:5b:9c:5f:d6:
05:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:13:4F:2F:76:D5:35:46:28:51:25:98:1E:15:48:A7:76:6A:5A:E6
X509v3 Authority Key Identifier:
keyid:1C:2B:2B:36:FB:72:25:09:46:5E:D9:D9:48:C2:BF:89:11:60:CD:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCsrNvtyJQlGXtnZSMK_iRFgzQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/9765b7-be44-465c-9755-c202f717d447/1/5xNPL3bVNUYoUSWYHhVIp3ZqWuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/9765b7-be44-465c-9755-c202f717d447/1/HCsrNvtyJQlGXtnZSMK_iRFgzQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ae:51:e8:a1:aa:6f:c9:b6:08:3e:18:f6:c4:b1:c8:53:6e:
83:f6:52:ae:1d:cd:c4:e9:ba:ad:f7:1a:62:85:20:0c:ee:b5:
37:d4:2b:63:da:ec:ea:6d:b6:07:39:64:f6:b6:95:a5:b9:4a:
e5:32:6a:ee:d0:7c:df:36:37:7d:c7:42:8a:b2:2c:38:97:3a:
b2:b2:ee:10:4c:90:df:0e:7c:a1:6f:9f:68:65:0d:1b:be:64:
19:ca:ce:6f:fa:fd:6e:b3:a7:18:b7:2b:e0:f3:0a:bf:ea:49:
63:71:45:74:f9:e3:c1:99:43:cb:96:26:1b:4c:77:30:3a:55:
6d:97:3d:da:45:9a:cd:ef:50:73:94:5a:1e:1e:31:59:b6:a2:
34:74:85:48:16:b9:9f:03:ee:8b:78:09:29:04:82:22:f9:dc:
23:e6:f5:23:ba:92:b1:1d:07:87:ad:46:09:df:76:a1:33:e3:
bd:cd:a4:9b:ef:86:cb:ff:87:98:0e:0b:bf:73:83:95:2c:81:
90:4b:7d:0c:7c:11:c8:2e:c5:b2:f6:94:3f:4c:cc:03:0d:86:
1c:64:9a:75:9a:f2:94:4c:1f:2a:93:48:82:f9:a9:61:9e:e4:
05:87:6d:fc:66:28:2a:5a:af:f2:d6:71:35:d0:25:9d:f8:55:
92:ad:0f:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXXL7/FGHsfzIob9ek/wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmIyYjM2ZmI3MjI1MDk0NjVlZDlkOTQ4YzJiZjg5MTE2
MGNkMGUwHhcNMjMwMTAxMTcyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEzNGYyZjc2ZDUzNTQ2Mjg1MTI1OTgxZTE1NDhhNzc2NmE1YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4IEogMLR14sASz63aEtmKX/s/2X
nqBKVwaRI1lDJpgK//IA0jge/bh3DtOrk/Qlf65h1B1gl3UEyQgLkUTYLy597pjU
TP8hfXsJ6MjnKNEQqdOXTbSp0upPDtCs/d0K5NCT6RKiNhtpkAe7vnLy2vwrEEgu
TxENQ7vJ9N/1Clr95RVYwByKzcKeHVFvQPW1ijHPmPeJ/lc54FB0gmk/IvnkVuLi
42y9+p1juTxbIWPhAPYHlVUy6OLF5lX/aSvyXZzPAuO2eraFQclo8qDMA5LAZS8j
2WSpUrpPAzERuT0ckAAzcmqAEW2O13gatuyjm1pwDg/p7hDHkVucX9YFvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcTTy921TVGKFElmB4VSKd2alrmMB8GA1UdIwQY
MBaAFBwrKzb7ciUJRl7Z2UjCv4kRYM0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENzck52dHlKUWxHWHRuWlNNS19pUkZnelE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC85NzY1YjctYmU0NC00NjVjLTk3NTUt
YzIwMmY3MTdkNDQ3LzEvNXhOUEwzYlZOVVlvVVNXWUhoVklwM1pxV3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC85NzY1YjctYmU0NC00NjVjLTk3NTUtYzIwMmY3MTdkNDQ3
LzEvSENzck52dHlKUWxHWHRuWlNNS19pUkZnelE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ijMA0G
CSqGSIb3DQEBCwUAA4IBAQBrrlHooapvybYIPhj2xLHIU26D9lKuHc3E6bqt9xpi
hSAM7rU31Ctj2uzqbbYHOWT2tpWluUrlMmru0HzfNjd9x0KKsiw4lzqysu4QTJDf
Dnyhb59oZQ0bvmQZys5v+v1us6cYtyvg8wq/6kljcUV0+ePBmUPLliYbTHcwOlVt
lz3aRZrN71BzlFoeHjFZtqI0dIVIFrmfA+6LeAkpBIIi+dwj5vUjupKxHQeHrUYJ
33ahM+O9zaSb74bL/4eYDgu/c4OVLIGQS30MfBHILsWy9pQ/TMwDDYYcZJp1mvKU
TB8qk0iC+alhnuQFh238ZigqWq/y1nE10CWd+FWSrQ8V
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:08 2025 by rpki-client