Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/n7I_B7z8BiJN64MwK6qJlSBL7cY.roa
File: n7I_B7z8BiJN64MwK6qJlSBL7cY.roa (raw, json)
Hash identifier: wnEest1BwC5iKoYNfn+vuH5YjgMeNMYBpuYp36cGEIw=
Subject key identifier: 9F:B2:3F:07:BC:FC:06:22:4D:EB:83:30:2B:AA:89:95:20:4B:ED:C6
Certificate issuer: /CN=7c590b733c56e14ebac69f7b44d4bc954e9370e3
Certificate serial: 01856D41729DF1DD6AD21415CBDE298C4E83
Authority key identifier: 7C:59:0B:73:3C:56:E1:4E:BA:C6:9F:7B:44:D4:BC:95:4E:93:70:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fFkLczxW4U66xp97RNS8lU6TcOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/n7I_B7z8BiJN64MwK6qJlSBL7cY.roa
Signing time: Sun 01 Jan 2023 12:14:43 +0000
ROA not before: Sun 01 Jan 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197602
IP address blocks: 91.224.178.0/24 maxlen: 24
91.224.179.0/24 maxlen: 24
2001:678:f58::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:72:9d:f1:dd:6a:d2:14:15:cb:de:29:8c:4e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c590b733c56e14ebac69f7b44d4bc954e9370e3
Validity
Not Before: Jan 1 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fb23f07bcfc06224deb83302baa8995204bedc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:99:a1:87:ee:c4:c6:97:25:47:8e:d3:bc:
4c:55:1c:92:a5:0a:2c:4e:d3:12:33:ef:af:01:c0:
c3:61:ac:62:59:6a:6f:4b:fe:6a:c0:fc:e5:17:de:
31:cd:74:f3:12:a6:ff:2a:20:97:a1:08:1d:d9:eb:
d2:61:ca:8c:c6:6b:4f:e0:f0:7a:00:b5:9c:d0:d8:
21:34:8f:7f:5e:10:43:73:4f:e6:0f:5e:66:a1:a8:
d0:8e:f9:9d:ca:ed:f8:fb:83:04:4f:94:63:e6:7e:
03:d4:62:f4:39:f8:ed:d0:d1:68:03:cf:d4:99:cd:
01:18:f7:db:1a:1d:b4:34:38:6f:c2:fb:55:26:32:
b2:a8:38:41:33:ad:c9:c9:bd:f6:bf:41:f3:dd:84:
b2:04:04:5b:27:f3:ae:0e:d6:87:a1:24:50:c4:2c:
19:58:8c:2d:60:27:a8:d7:a0:ea:09:e1:6c:aa:81:
b9:65:3f:18:59:fe:6a:b2:96:83:1b:74:dd:c9:c8:
b3:49:9b:f2:fc:3b:2b:3a:d7:50:25:28:fa:db:9b:
36:37:58:6d:f7:d4:b1:0b:e0:97:3a:15:b0:f8:11:
f3:4c:81:81:14:f8:ee:3e:54:48:8a:43:c3:b6:fe:
d0:7f:ae:e8:82:80:ce:e7:30:60:a3:e8:55:ab:c2:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B2:3F:07:BC:FC:06:22:4D:EB:83:30:2B:AA:89:95:20:4B:ED:C6
X509v3 Authority Key Identifier:
keyid:7C:59:0B:73:3C:56:E1:4E:BA:C6:9F:7B:44:D4:BC:95:4E:93:70:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fFkLczxW4U66xp97RNS8lU6TcOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/n7I_B7z8BiJN64MwK6qJlSBL7cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e3b6fc-ef63-4c06-a304-f3b5e80250dd/1/fFkLczxW4U66xp97RNS8lU6TcOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.178.0/23
IPv6:
2001:678:f58::/48
Signature Algorithm: sha256WithRSAEncryption
34:9d:6e:95:2c:04:f6:c7:3c:f1:c4:aa:24:c4:d7:fa:78:9a:
77:5c:08:8e:e4:38:d8:aa:26:bd:d7:24:6a:32:98:d4:ef:60:
a1:49:09:15:13:e8:f5:c7:78:10:62:e2:43:8d:3d:f5:4e:0a:
b0:0c:41:1e:ec:f3:be:6f:6b:2f:6e:23:0a:af:2d:6e:53:fe:
6e:14:f1:c3:39:94:60:0a:ad:00:57:f0:61:cc:36:11:79:a9:
14:3d:6f:8e:d3:69:af:c1:44:e3:17:ef:57:68:b6:02:8e:c3:
c3:5d:22:64:ca:7f:d1:9c:76:c2:cb:c7:07:2f:31:fb:d8:86:
cb:3c:48:f5:93:7a:8a:34:ac:34:0f:4d:32:eb:7b:06:ed:e8:
b6:3b:e0:1f:0c:ee:ff:63:bb:12:ff:f1:a7:51:a2:2c:f3:70:
cd:f1:dd:b7:7f:b2:cd:28:9b:2e:88:5d:84:47:f9:5f:bd:2e:
c5:d0:e7:39:59:47:6f:e9:d3:65:24:3f:86:2c:cd:7e:0a:26:
1e:92:b3:93:6d:00:6e:70:92:6b:0e:85:e3:6a:29:47:95:dc:
b8:05:01:f6:e5:ae:79:1b:b1:18:07:47:0a:09:3e:08:a1:6b:
eb:56:26:48:b0:05:5e:b2:4b:70:45:97:62:82:bd:b2:61:2f:
6f:e8:b0:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtQXKd8d1q0hQVy94pjE6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNTkwYjczM2M1NmUxNGViYWM2OWY3YjQ0ZDRiYzk1NGU5
MzcwZTMwHhcNMjMwMTAxMTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIyM2YwN2JjZmMwNjIyNGRlYjgzMzAyYmFhODk5NTIwNGJlZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjOZoYfuxMaXJUeO07xMVRySpQos
TtMSM++vAcDDYaxiWWpvS/5qwPzlF94xzXTzEqb/KiCXoQgd2evSYcqMxmtP4PB6
ALWc0NghNI9/XhBDc0/mD15moajQjvmdyu34+4MET5Rj5n4D1GL0Ofjt0NFoA8/U
mc0BGPfbGh20NDhvwvtVJjKyqDhBM63Jyb32v0Hz3YSyBARbJ/OuDtaHoSRQxCwZ
WIwtYCeo16DqCeFsqoG5ZT8YWf5qspaDG3TdycizSZvy/DsrOtdQJSj625s2N1ht
99SxC+CXOhWw+BHzTIGBFPjuPlRIikPDtv7Qf67ogoDO5zBgo+hVq8KkKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ+yPwe8/AYiTeuDMCuqiZUgS+3GMB8GA1UdIwQY
MBaAFHxZC3M8VuFOusafe0TUvJVOk3DjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkZrTGN6eFc0VTY2eHA5N1JOUzhsVTZUY09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lM2I2ZmMtZWY2My00YzA2LWEzMDQt
ZjNiNWU4MDI1MGRkLzEvbjdJX0I3ejhCaUpONjRNd0s2cUpsU0JMN2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lM2I2ZmMtZWY2My00YzA2LWEzMDQtZjNiNWU4MDI1MGRk
LzEvZkZrTGN6eFc0VTY2eHA5N1JOUzhsVTZUY09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+CyMA8E
AgACMAkDBwAgAQZ4D1gwDQYJKoZIhvcNAQELBQADggEBADSdbpUsBPbHPPHEqiTE
1/p4mndcCI7kONiqJr3XJGoymNTvYKFJCRUT6PXHeBBi4kONPfVOCrAMQR7s875v
ay9uIwqvLW5T/m4U8cM5lGAKrQBX8GHMNhF5qRQ9b47Taa/BROMX71dotgKOw8Nd
ImTKf9GcdsLLxwcvMfvYhss8SPWTeoo0rDQPTTLrewbt6LY74B8M7v9juxL/8adR
oizzcM3x3bd/ss0omy6IXYRH+V+9LsXQ5zlZR2/p02UkP4YszX4KJh6Ss5NtAG5w
kmsOheNqKUeV3LgFAfblrnkbsRgHRwoJPgiha+tWJkiwBV6yS3BFl2KCvbJhL2/o
sOw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:24 2025 by rpki-client