Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/7d9ppz2nWWu5bsRzgU5yEIZNcbs.roa
File: 7d9ppz2nWWu5bsRzgU5yEIZNcbs.roa (raw, json)
Hash identifier: rGGSyMzlbnEmz+1Vmrj+ZWJHlAli3eDQD4NSdhLxz6s=
Subject key identifier: ED:DF:69:A7:3D:A7:59:6B:B9:6E:C4:73:81:4E:72:10:86:4D:71:BB
Certificate issuer: /CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
Certificate serial: 01856E1420F228509EB54154693DC4BA6325
Authority key identifier: 2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/7d9ppz2nWWu5bsRzgU5yEIZNcbs.roa
Signing time: Sun 01 Jan 2023 16:04:51 +0000
ROA not before: Sun 01 Jan 2023 16:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8896
IP address blocks: 91.201.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:20:f2:28:50:9e:b5:41:54:69:3d:c4:ba:63:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
Validity
Not Before: Jan 1 16:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eddf69a73da7596bb96ec473814e7210864d71bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:34:3a:64:48:25:67:22:f7:66:1c:84:98:
94:90:42:2d:67:81:d8:76:c1:10:9e:59:dd:ed:3f:
51:e9:1d:72:e6:d6:db:15:68:7f:64:94:02:ea:ac:
79:36:57:44:c9:02:2d:26:06:8d:67:a6:c0:55:ea:
3e:e4:1c:a2:23:e8:bc:5f:d8:71:df:86:3f:57:c8:
32:85:49:b0:9c:4b:36:10:13:93:df:00:cb:ba:90:
06:24:1f:a4:19:88:35:ed:4b:61:9e:83:f0:fb:18:
89:2a:d9:27:17:44:a1:e1:8a:4f:99:2a:41:cd:9b:
b0:0a:39:7b:58:73:1f:b5:0e:44:aa:f4:94:f2:8f:
9d:a4:29:45:19:53:de:05:ac:81:1b:9f:e6:c7:91:
b5:fd:77:db:f0:d6:be:54:f9:f2:2c:1d:b7:74:c5:
15:bd:53:65:96:83:43:28:08:b0:cb:78:77:61:8b:
3c:4e:aa:08:b8:a3:2e:b3:51:04:0d:74:e4:61:7f:
b5:c0:a8:64:f7:07:84:51:47:a1:3a:f1:69:df:15:
c9:37:87:4b:ae:ce:e0:8b:2b:09:63:9d:6a:1c:2c:
a5:eb:c4:a4:f0:ab:29:37:4d:df:0b:5b:35:27:d8:
69:c3:3e:ab:e2:ea:6c:74:0c:e7:32:81:49:08:2f:
0a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:DF:69:A7:3D:A7:59:6B:B9:6E:C4:73:81:4E:72:10:86:4D:71:BB
X509v3 Authority Key Identifier:
keyid:2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/7d9ppz2nWWu5bsRzgU5yEIZNcbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/L6XwX5ngJQBApDHSvtyrf4ko6bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.201.0/24
Signature Algorithm: sha256WithRSAEncryption
32:79:02:26:1e:7c:22:4a:85:66:31:32:c4:51:6b:98:20:99:
6b:c9:93:ee:15:5f:7c:6c:ce:3b:69:27:38:88:cc:da:fa:63:
bf:d2:3f:d5:62:07:e9:df:a0:6c:09:79:a9:2f:5d:0d:ce:05:
44:a2:40:6a:bb:3f:4c:3b:84:57:c0:61:c1:9f:ca:a6:68:92:
30:63:59:f1:79:f5:7a:07:f2:4d:ce:59:82:94:e3:1d:10:ec:
e9:ae:db:1b:63:16:24:f7:32:e1:7a:14:07:cc:46:0e:fe:8c:
25:e4:cd:0f:32:56:0e:f0:43:d7:59:89:98:3a:e8:09:dd:f1:
13:9f:62:77:8d:a1:16:fd:8a:21:90:1c:98:1c:ae:1a:60:bc:
05:f8:1d:96:4e:bf:67:21:b4:59:f2:8e:8e:61:57:c1:65:e1:
30:5e:4a:14:c5:52:21:d6:75:c5:c0:e1:ad:c9:30:92:25:0a:
56:ae:6d:81:4b:6b:0a:21:9a:b6:89:40:74:98:63:ad:26:ea:
d3:34:24:2f:9b:0f:de:a4:fc:99:f0:ac:34:0d:60:24:ef:b4:
97:68:45:22:9f:d1:83:1a:6f:eb:00:a5:0d:13:62:d9:f5:01:
4b:d4:e3:79:1c:d0:97:45:ea:e0:60:92:47:45:83:46:29:76:
5e:97:47:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFCDyKFCetUFUaT3EumMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTVmMDVmOTllMDI1MDA0MGE0MzFkMmJlZGNhYjdmODky
OGU5YjIwHhcNMjMwMTAxMTYwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGRmNjlhNzNkYTc1OTZiYjk2ZWM0NzM4MTRlNzIxMDg2NGQ3MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPc0OmRIJWci92YchJiUkEItZ4HY
dsEQnlnd7T9R6R1y5tbbFWh/ZJQC6qx5NldEyQItJgaNZ6bAVeo+5ByiI+i8X9hx
34Y/V8gyhUmwnEs2EBOT3wDLupAGJB+kGYg17UthnoPw+xiJKtknF0Sh4YpPmSpB
zZuwCjl7WHMftQ5EqvSU8o+dpClFGVPeBayBG5/mx5G1/Xfb8Na+VPnyLB23dMUV
vVNlloNDKAiwy3h3YYs8TqoIuKMus1EEDXTkYX+1wKhk9weEUUehOvFp3xXJN4dL
rs7giysJY51qHCyl68Sk8KspN03fC1s1J9hpwz6r4upsdAznMoFJCC8KkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3faac9p1lruW7Ec4FOchCGTXG7MB8GA1UdIwQY
MBaAFC+l8F+Z4CUAQKQx0r7cq3+JKOmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZYd1g1bmdKUUJBcERIU3Z0eXJmNGtvNmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYzA2YmQtZTgzNC00MDVmLThjMzMt
OWU1ZjkwNTM4MzM2LzEvN2Q5cHB6Mm5XV3U1YnNSemdVNXlFSVpOY2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYzA2YmQtZTgzNC00MDVmLThjMzMtOWU1ZjkwNTM4MzM2
LzEvTDZYd1g1bmdKUUJBcERIU3Z0eXJmNGtvNmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nJMA0G
CSqGSIb3DQEBCwUAA4IBAQAyeQImHnwiSoVmMTLEUWuYIJlryZPuFV98bM47aSc4
iMza+mO/0j/VYgfp36BsCXmpL10NzgVEokBquz9MO4RXwGHBn8qmaJIwY1nxefV6
B/JNzlmClOMdEOzprtsbYxYk9zLhehQHzEYO/owl5M0PMlYO8EPXWYmYOugJ3fET
n2J3jaEW/YohkByYHK4aYLwF+B2WTr9nIbRZ8o6OYVfBZeEwXkoUxVIh1nXFwOGt
yTCSJQpWrm2BS2sKIZq2iUB0mGOtJurTNCQvmw/epPyZ8Kw0DWAk77SXaEUin9GD
Gm/rAKUNE2LZ9QFL1ON5HNCXRergYJJHRYNGKXZel0fR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:35 2025 by rpki-client