Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/MraKnYGFHDyaxje1bhBpq89Ptgk.roa
File: MraKnYGFHDyaxje1bhBpq89Ptgk.roa (raw, json)
Hash identifier: sS9TgNOCSUDaUxeGYTwo3tNhxL4IBl0hmQEnyvnHIRU=
Subject key identifier: 32:B6:8A:9D:81:85:1C:3C:9A:C6:37:B5:6E:10:69:AB:CF:4F:B6:09
Certificate issuer: /CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Certificate serial: 0185CFBC38D6D12D9E32BF09B799CA7485D7
Authority key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/MraKnYGFHDyaxje1bhBpq89Ptgk.roa
Signing time: Fri 20 Jan 2023 15:11:37 +0000
ROA not before: Fri 20 Jan 2023 15:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12874
IP address blocks: 91.205.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:bc:38:d6:d1:2d:9e:32:bf:09:b7:99:ca:74:85:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Validity
Not Before: Jan 20 15:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b68a9d81851c3c9ac637b56e1069abcf4fb609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:54:de:21:3d:7f:02:5d:d5:ff:ce:c5:bc:9a:
df:2d:76:2e:30:cf:b7:89:c8:7f:2e:2b:b9:4f:ce:
90:d4:49:96:19:cc:c7:b5:17:35:98:7f:90:25:b0:
c0:32:3f:cf:15:2a:97:d8:3f:cc:42:9c:42:14:50:
64:64:de:bc:1e:14:0d:97:4e:56:6e:62:60:26:35:
5a:0c:17:31:3f:d2:2d:46:d0:d4:b2:0f:b8:ac:1f:
1b:36:57:8e:b8:e0:9c:9a:80:8c:46:91:a1:49:3d:
14:b7:4d:48:71:ce:08:16:f9:7e:b0:bf:08:82:65:
0b:89:d3:75:13:29:e5:ac:52:1d:87:ff:b0:78:3c:
03:73:93:1a:8d:dd:37:c2:e7:c8:00:f0:82:b8:a3:
61:21:e0:63:28:3f:03:df:dc:ae:6f:d9:28:31:eb:
49:c9:51:49:36:04:f5:7e:2f:00:99:43:bf:11:9c:
63:90:46:e0:72:06:b0:88:80:1f:a1:cf:0f:1c:12:
76:6e:84:ad:23:9b:7d:3c:97:bc:06:ce:bd:52:00:
0c:95:0f:d5:99:91:ee:1a:c7:06:36:03:ea:f6:06:
03:1d:c9:7a:eb:4b:32:f6:67:29:6f:1b:30:96:8b:
d6:1a:bf:7c:0a:fd:46:bb:21:79:c6:ea:f9:6e:f4:
f7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B6:8A:9D:81:85:1C:3C:9A:C6:37:B5:6E:10:69:AB:CF:4F:B6:09
X509v3 Authority Key Identifier:
keyid:F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/MraKnYGFHDyaxje1bhBpq89Ptgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.82.0/24
Signature Algorithm: sha256WithRSAEncryption
17:53:07:ee:c3:89:f8:fa:63:49:90:b4:8b:b9:2c:59:4d:42:
28:ac:2f:32:9f:63:d7:fa:2e:ea:6e:a1:6b:81:5b:11:0f:ce:
34:be:e1:db:c1:40:36:d4:41:f2:21:f3:e8:bc:20:fa:8a:26:
b8:58:e8:00:01:0c:d4:c0:85:99:a7:98:9f:fb:de:16:38:25:
e4:48:41:7b:50:9f:3c:62:44:16:67:86:1a:84:9a:11:e4:a3:
ed:f1:fd:33:73:98:43:02:00:61:ef:99:44:54:83:6d:3d:f6:
72:38:cf:ce:e6:3a:3c:28:a6:c2:9d:42:ad:ef:6f:9c:72:14:
c2:01:cc:39:ed:54:8d:33:4e:4c:0f:d6:6e:5d:bb:70:95:97:
d8:d4:91:ab:c1:67:04:ac:bc:af:1d:0a:5d:e9:bd:a1:fa:b3:
5b:14:ed:3e:f7:ac:db:c3:a2:b2:22:bb:c1:d2:de:c0:ea:ae:
dc:5f:c2:62:1c:f6:f3:af:e3:15:58:2c:25:69:73:6c:93:b5:
e5:17:33:a0:fd:4d:f4:be:2c:21:54:bc:91:18:71:53:9e:6a:
81:5f:54:fd:2a:8a:69:4e:42:8d:ca:3f:11:79:6f:3a:90:0b:
33:ad:9c:f9:91:fc:ef:9c:9d:fb:d8:a9:1b:cb:01:72:a3:ad:
1d:06:8a:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXPvDjW0S2eMr8Jt5nKdIXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NTdjMDIwY2RjMjJiNjhkYTI2YTQ2OWY2ZmZhNmI0NDgz
NzBkMWQwHhcNMjMwMTIwMTUxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI2OGE5ZDgxODUxYzNjOWFjNjM3YjU2ZTEwNjlhYmNmNGZiNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFTeIT1/Al3V/87FvJrfLXYuMM+3
ich/Liu5T86Q1EmWGczHtRc1mH+QJbDAMj/PFSqX2D/MQpxCFFBkZN68HhQNl05W
bmJgJjVaDBcxP9ItRtDUsg+4rB8bNleOuOCcmoCMRpGhST0Ut01Icc4IFvl+sL8I
gmULidN1EynlrFIdh/+weDwDc5Majd03wufIAPCCuKNhIeBjKD8D39yub9koMetJ
yVFJNgT1fi8AmUO/EZxjkEbgcgawiIAfoc8PHBJ2boStI5t9PJe8Bs69UgAMlQ/V
mZHuGscGNgPq9gYDHcl660sy9mcpbxswlovWGr98Cv1GuyF5xur5bvT3sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDK2ip2BhRw8msY3tW4QaavPT7YJMB8GA1UdIwQY
MBaAFPRXwCDNwito2iakafb/prRINw0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAt
N2JhZmQ0M2U3ODYyLzEvTXJhS25ZR0ZIRHlheGplMWJoQnBxODlQdGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAtN2JhZmQ0M2U3ODYy
LzEvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW81SMA0G
CSqGSIb3DQEBCwUAA4IBAQAXUwfuw4n4+mNJkLSLuSxZTUIorC8yn2PX+i7qbqFr
gVsRD840vuHbwUA21EHyIfPovCD6iia4WOgAAQzUwIWZp5if+94WOCXkSEF7UJ88
YkQWZ4YahJoR5KPt8f0zc5hDAgBh75lEVINtPfZyOM/O5jo8KKbCnUKt72+cchTC
Acw57VSNM05MD9ZuXbtwlZfY1JGrwWcErLyvHQpd6b2h+rNbFO0+96zbw6KyIrvB
0t7A6q7cX8JiHPbzr+MVWCwlaXNsk7XlFzOg/U30viwhVLyRGHFTnmqBX1T9Kopp
TkKNyj8ReW86kAszrZz5kfzvnJ372KkbywFyo60dBoq8
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:17 2025 by rpki-client