Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/H3T0V3wlnTfIz0i0HjNGpEw9f7s.roa
File: H3T0V3wlnTfIz0i0HjNGpEw9f7s.roa (raw, json)
Hash identifier: SzEKK1QKNeHjZutSdIRyqIQZaZ9V9V6i7LRjg+/CRPw=
Subject key identifier: 1F:74:F4:57:7C:25:9D:37:C8:CF:48:B4:1E:33:46:A4:4C:3D:7F:BB
Certificate issuer: /CN=926c98b51061f340cce4e0b4ce361ce34abc2fce
Certificate serial: 018C25032246BFF9B8C1E7869AD09EFEA7EE
Authority key identifier: 92:6C:98:B5:10:61:F3:40:CC:E4:E0:B4:CE:36:1C:E3:4A:BC:2F:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmyYtRBh80DM5OC0zjYc40q8L84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/H3T0V3wlnTfIz0i0HjNGpEw9f7s.roa
Signing time: Fri 01 Dec 2023 10:53:31 +0000
ROA not before: Fri 01 Dec 2023 10:53:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59945
IP address blocks: 91.224.46.0/24 maxlen: 24
91.224.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:03:22:46:bf:f9:b8:c1:e7:86:9a:d0:9e:fe:a7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926c98b51061f340cce4e0b4ce361ce34abc2fce
Validity
Not Before: Dec 1 10:53:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f74f4577c259d37c8cf48b41e3346a44c3d7fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:a7:fa:b6:f8:b2:1c:93:d5:07:fb:22:54:
ca:62:d5:31:bc:d5:28:f1:dc:92:d3:2c:e8:b1:97:
72:78:d4:05:ec:d9:eb:7a:25:1d:f0:57:42:db:4a:
d0:31:9f:00:0b:d2:3e:12:a5:4c:ac:34:df:70:57:
07:cc:51:6a:d7:43:9f:e4:c4:62:08:c2:e9:1d:97:
cd:57:36:85:a1:62:76:ac:e3:56:fc:b6:1b:fc:0c:
83:a4:bc:f7:84:bf:57:f5:d4:e8:91:ba:c2:d7:b7:
49:21:2c:53:72:94:4d:9b:45:61:6f:0a:17:a7:9c:
d9:91:86:94:ec:07:8a:be:5b:03:f2:9f:58:79:de:
46:27:98:84:fe:5f:a2:39:b7:1a:cf:38:18:99:77:
33:7e:2c:64:90:af:ae:b4:0b:5f:a4:27:73:2a:7e:
e5:68:ed:cd:0b:21:0f:d3:bf:e4:cf:81:8e:6b:8f:
1c:ac:c9:2a:2e:fb:63:3f:e0:51:e3:02:6d:5e:20:
b0:d7:46:70:33:47:5e:3f:2e:f6:f1:b8:f2:63:1b:
2d:da:b0:9a:92:df:92:05:b2:0f:fe:ca:6a:73:cd:
a3:4a:a0:06:94:e9:b8:9f:49:76:cb:31:73:0b:07:
30:b6:17:63:e3:2d:b8:7b:3a:6b:94:80:e8:5f:aa:
d4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:74:F4:57:7C:25:9D:37:C8:CF:48:B4:1E:33:46:A4:4C:3D:7F:BB
X509v3 Authority Key Identifier:
keyid:92:6C:98:B5:10:61:F3:40:CC:E4:E0:B4:CE:36:1C:E3:4A:BC:2F:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmyYtRBh80DM5OC0zjYc40q8L84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/H3T0V3wlnTfIz0i0HjNGpEw9f7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/kmyYtRBh80DM5OC0zjYc40q8L84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.46.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:b9:78:5d:5b:1b:e5:ac:87:5a:17:da:f8:cf:ed:80:9e:4e:
4c:5c:19:6f:8a:c6:54:72:5b:33:f5:2a:1b:aa:9d:96:f0:f8:
d3:36:35:47:a7:98:72:66:43:f7:8a:69:34:c6:2f:ec:a5:53:
cf:eb:ef:e8:78:b5:31:0a:14:51:b5:e5:da:44:f2:68:4b:d3:
82:f3:1a:73:14:00:52:04:e8:29:df:22:32:77:cb:96:bd:85:
1d:60:3f:20:6b:9c:1b:39:fe:e2:aa:34:de:af:96:3c:b4:c4:
94:0e:cd:3e:34:86:f8:6e:9c:d7:5b:79:e9:cf:e9:8f:99:38:
6a:1e:c2:09:6b:7f:d9:a9:9e:f4:0d:a3:2b:3f:09:c2:35:a3:
d9:61:a6:09:b5:64:b0:88:a6:b7:f7:78:75:61:a7:c9:ad:35:
42:79:bf:1b:a2:f9:1d:bc:ea:bb:bd:ac:dc:76:08:33:86:48:
13:2a:dc:d0:22:ac:83:ac:1f:45:0c:3e:db:9d:bc:3b:3c:eb:
84:cd:59:b0:e1:74:6f:ad:ea:8f:a5:93:df:bd:80:69:b2:f0:
76:c2:28:e0:a3:f5:15:48:c5:5b:9f:f0:dc:a1:9a:96:f8:b1:
28:a7:96:56:7d:30:7e:39:5d:29:af:4f:5a:2e:96:43:c7:d7:
b5:c7:54:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwlAyJGv/m4weeGmtCe/qfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmM5OGI1MTA2MWYzNDBjY2U0ZTBiNGNlMzYxY2UzNGFi
YzJmY2UwHhcNMjMxMjAxMTA1MzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjc0ZjQ1NzdjMjU5ZDM3YzhjZjQ4YjQxZTMzNDZhNDRjM2Q3ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7Sn+rb4shyT1Qf7IlTKYtUxvNUo
8dyS0yzosZdyeNQF7NnreiUd8FdC20rQMZ8AC9I+EqVMrDTfcFcHzFFq10Of5MRi
CMLpHZfNVzaFoWJ2rONW/LYb/AyDpLz3hL9X9dTokbrC17dJISxTcpRNm0VhbwoX
p5zZkYaU7AeKvlsD8p9Yed5GJ5iE/l+iObcazzgYmXczfixkkK+utAtfpCdzKn7l
aO3NCyEP07/kz4GOa48crMkqLvtjP+BR4wJtXiCw10ZwM0dePy728bjyYxst2rCa
kt+SBbIP/spqc82jSqAGlOm4n0l2yzFzCwcwthdj4y24ezprlIDoX6rU5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB909Fd8JZ03yM9ItB4zRqRMPX+7MB8GA1UdIwQY
MBaAFJJsmLUQYfNAzOTgtM42HONKvC/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva215WXRSQmg4MERNNU9DMHpqWWM0MHE4TDg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNTE1OWEtNDUyOS00OGZhLTk1ZTkt
ZGM3NmZlY2E5NGJmLzEvSDNUMFYzd2xuVGZJejBpMEhqTkdwRXc5ZjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNTE1OWEtNDUyOS00OGZhLTk1ZTktZGM3NmZlY2E5NGJm
LzEva215WXRSQmg4MERNNU9DMHpqWWM0MHE4TDg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+AuMA0G
CSqGSIb3DQEBCwUAA4IBAQAuuXhdWxvlrIdaF9r4z+2Ank5MXBlvisZUclsz9Sob
qp2W8PjTNjVHp5hyZkP3imk0xi/spVPP6+/oeLUxChRRteXaRPJoS9OC8xpzFABS
BOgp3yIyd8uWvYUdYD8ga5wbOf7iqjTer5Y8tMSUDs0+NIb4bpzXW3npz+mPmThq
HsIJa3/ZqZ70DaMrPwnCNaPZYaYJtWSwiKa393h1YafJrTVCeb8bovkdvOq7vazc
dggzhkgTKtzQIqyDrB9FDD7bnbw7POuEzVmw4XRvreqPpZPfvYBpsvB2wijgo/UV
SMVbn/DcoZqW+LEop5ZWfTB+OV0pr09aLpZDx9e1x1Qo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:07 2025 by rpki-client