Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/eWsX_f4qIFMFQchBtUNIlewRVOM.roa
File: eWsX_f4qIFMFQchBtUNIlewRVOM.roa (raw, json)
Hash identifier: rRyC2cNTrybI8+nl6mVgn9EDgFJGAz+Bm6890F6wO8E=
Subject key identifier: 79:6B:17:FD:FE:2A:20:53:05:41:C8:41:B5:43:48:95:EC:11:54:E3
Certificate issuer: /CN=7c590b733c56e14ebac69f7b44d4bc954e9370e3
Certificate serial: 018C371B8D3ABBD8969F3F841BB3EF742E33
Authority key identifier: 7C:59:0B:73:3C:56:E1:4E:BA:C6:9F:7B:44:D4:BC:95:4E:93:70:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fFkLczxW4U66xp97RNS8lU6TcOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/eWsX_f4qIFMFQchBtUNIlewRVOM.roa
Signing time: Mon 04 Dec 2023 23:13:21 +0000
ROA not before: Mon 04 Dec 2023 23:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197602
IP address blocks: 91.224.178.0/24 maxlen: 24
91.224.178.0/23 maxlen: 24
91.224.179.0/24 maxlen: 24
2001:678:f58::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:37:1b:8d:3a:bb:d8:96:9f:3f:84:1b:b3:ef:74:2e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c590b733c56e14ebac69f7b44d4bc954e9370e3
Validity
Not Before: Dec 4 23:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=796b17fdfe2a20530541c841b5434895ec1154e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:96:a9:c6:e1:cb:72:3d:ac:6f:b6:b3:ec:
b3:e0:22:38:b2:b9:38:01:2a:c1:69:01:0f:ee:33:
b1:23:34:1c:bb:f1:43:bb:1f:1c:25:da:56:5b:d5:
ca:e0:0e:68:fb:d1:b1:25:c2:43:36:81:16:dc:39:
c1:a9:ff:ee:d8:9d:70:ec:1f:d3:9a:84:47:84:2e:
f8:6c:84:c3:b4:7b:6a:01:51:3e:4b:9d:d5:29:a8:
5e:b9:bd:52:b9:40:71:5e:49:ec:bd:db:92:01:ea:
fd:fa:ab:e2:9e:ed:8a:1b:d0:3f:b1:42:f4:08:b1:
1d:d7:43:86:94:af:45:81:af:34:79:18:b3:2d:e0:
f3:99:aa:91:24:2d:fe:cb:64:82:23:80:8e:06:51:
6b:f1:d9:12:ba:33:e1:7e:6d:dc:51:01:0f:02:df:
9f:f4:7a:1e:cc:a7:27:d6:1b:16:60:7a:87:30:4e:
cc:8a:2a:6f:a8:d6:ca:74:a3:e7:99:43:62:43:e4:
90:21:55:36:1d:13:ba:75:0d:79:52:6c:5e:da:97:
76:59:c3:31:ab:4d:ad:68:10:9f:5b:93:f8:41:aa:
09:0a:c4:6e:f9:d4:4d:c8:58:20:d2:1e:35:53:18:
5e:b9:88:33:2d:04:3e:ee:5b:a7:a1:64:1b:53:16:
20:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6B:17:FD:FE:2A:20:53:05:41:C8:41:B5:43:48:95:EC:11:54:E3
X509v3 Authority Key Identifier:
keyid:7C:59:0B:73:3C:56:E1:4E:BA:C6:9F:7B:44:D4:BC:95:4E:93:70:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fFkLczxW4U66xp97RNS8lU6TcOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/eWsX_f4qIFMFQchBtUNIlewRVOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/fFkLczxW4U66xp97RNS8lU6TcOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.178.0/23
IPv6:
2001:678:f58::/48
Signature Algorithm: sha256WithRSAEncryption
b6:30:c6:31:54:d4:09:1c:aa:7e:51:ca:fa:30:f9:d0:28:d1:
28:ab:80:d2:62:4d:0b:0e:e4:6b:95:5c:51:3d:3f:10:d5:2a:
3d:c9:d1:9a:6c:91:54:5d:5f:df:40:3a:b5:73:dc:5c:bc:15:
79:2b:f1:a0:bd:c9:13:4e:c6:0d:fa:fb:e4:96:25:1c:d1:d7:
00:66:5e:32:ee:34:ce:30:ab:5c:69:a0:61:64:3b:79:8c:02:
e9:bb:8f:37:d8:ed:c5:20:a2:6d:d4:0e:80:5c:42:65:81:0d:
a1:d2:1e:ec:d5:8b:6c:c2:e1:f9:a7:c9:96:d1:06:ea:2b:96:
96:09:d0:03:56:9f:a7:9d:fd:04:5f:38:28:a8:ae:4d:40:72:
12:ec:8b:29:c8:c7:52:75:6b:5f:64:b2:78:d0:90:ee:5b:57:
5b:d9:64:0c:d7:ae:68:3a:f0:5d:9c:ad:02:bc:03:4c:5e:5a:
a0:d3:e6:40:2a:9d:01:f6:26:26:4c:6c:f5:9d:e5:80:b5:9d:
10:c0:e8:bc:8f:9f:79:82:e9:3e:4c:e7:3b:31:8f:13:91:c4:
33:a8:0f:b6:79:a7:69:0e:9d:f1:4c:da:6d:4a:2d:de:18:8f:
07:74:25:a0:be:17:a3:d6:65:52:11:f0:75:a6:70:3d:77:86:
ce:15:ba:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw3G406u9iWnz+EG7PvdC4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNTkwYjczM2M1NmUxNGViYWM2OWY3YjQ0ZDRiYzk1NGU5
MzcwZTMwHhcNMjMxMjA0MjMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTZiMTdmZGZlMmEyMDUzMDU0MWM4NDFiNTQzNDg5NWVjMTE1NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAqWqcbhy3I9rG+2s+yz4CI4srk4
ASrBaQEP7jOxIzQcu/FDux8cJdpWW9XK4A5o+9GxJcJDNoEW3DnBqf/u2J1w7B/T
moRHhC74bITDtHtqAVE+S53VKaheub1SuUBxXknsvduSAer9+qvinu2KG9A/sUL0
CLEd10OGlK9Fga80eRizLeDzmaqRJC3+y2SCI4COBlFr8dkSujPhfm3cUQEPAt+f
9HoezKcn1hsWYHqHME7MiipvqNbKdKPnmUNiQ+SQIVU2HRO6dQ15Umxe2pd2WcMx
q02taBCfW5P4QaoJCsRu+dRNyFgg0h41UxheuYgzLQQ+7lunoWQbUxYg6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHlrF/3+KiBTBUHIQbVDSJXsEVTjMB8GA1UdIwQY
MBaAFHxZC3M8VuFOusafe0TUvJVOk3DjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkZrTGN6eFc0VTY2eHA5N1JOUzhsVTZUY09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lM2I2ZmMtZWY2My00YzA2LWEzMDQt
ZjNiNWU4MDI1MGRkLzEvZVdzWF9mNHFJRk1GUWNoQnRVTklsZXdSVk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lM2I2ZmMtZWY2My00YzA2LWEzMDQtZjNiNWU4MDI1MGRk
LzEvZkZrTGN6eFc0VTY2eHA5N1JOUzhsVTZUY09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+CyMA8E
AgACMAkDBwAgAQZ4D1gwDQYJKoZIhvcNAQELBQADggEBALYwxjFU1Akcqn5Ryvow
+dAo0SirgNJiTQsO5GuVXFE9PxDVKj3J0ZpskVRdX99AOrVz3Fy8FXkr8aC9yRNO
xg36++SWJRzR1wBmXjLuNM4wq1xpoGFkO3mMAum7jzfY7cUgom3UDoBcQmWBDaHS
HuzVi2zC4fmnyZbRBuorlpYJ0ANWn6ed/QRfOCiork1AchLsiynIx1J1a19ksnjQ
kO5bV1vZZAzXrmg68F2crQK8A0xeWqDT5kAqnQH2JiZMbPWd5YC1nRDA6LyPn3mC
6T5M5zsxjxORxDOoD7Z5p2kOnfFM2m1KLd4Yjwd0JaC+F6PWZVIR8HWmcD13hs4V
ug0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:36 2025 by rpki-client