Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa
File: amAxoUhcovHlhukeOlGtM8gChwI.roa (raw, json)
Hash identifier: oZhTbICRGYvXmHyOhiyRDA+IEME3Eto3FPll6uV1DJA=
Subject key identifier: 6A:60:31:A1:48:5C:A2:F1:E5:86:E9:1E:3A:51:AD:33:C8:02:87:02
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AA3250C612A5AD71E594BD2192B3
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49617
IP address blocks: 91.215.60.0/23 maxlen: 23
91.215.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:aa:32:50:c6:12:a5:ad:71:e5:94:bd:21:92:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a6031a1485ca2f1e586e91e3a51ad33c8028702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b6:47:4c:8c:9e:6c:3e:2c:01:a1:aa:ec:16:
35:ff:40:75:55:05:5e:e7:5a:a1:76:ff:e2:5a:c3:
63:fa:1a:00:20:67:de:1b:cb:7d:04:e5:67:25:39:
5d:97:bd:90:d5:85:6a:2f:9b:5a:b3:dc:af:36:2f:
20:fd:32:6b:3a:c6:df:d7:a4:db:77:b7:9d:4e:88:
f5:20:a7:05:b5:1b:76:c0:a7:19:e8:8f:c9:9a:e7:
fd:9d:70:1d:1e:d9:d6:47:ad:d5:36:a9:1e:57:95:
7b:64:86:56:cb:a1:9b:66:78:59:35:86:91:2d:ac:
dd:0f:77:31:e7:31:df:41:b9:00:72:5a:dd:ab:9e:
6b:19:41:c6:4b:cb:dd:82:d9:07:27:a7:05:ba:9d:
72:91:89:9e:89:b3:b4:90:0a:e3:6f:f5:32:53:0d:
44:7f:ef:09:b9:90:c1:e5:f3:df:ef:18:9c:36:88:
19:cf:a0:91:3e:56:5c:95:7c:6d:77:17:ea:4f:b2:
9c:2a:1e:d7:0a:dc:28:d5:1a:f2:c3:04:cb:c9:9e:
ed:2c:ec:8d:b6:ba:08:2b:4e:07:b2:11:27:82:57:
d0:e6:36:29:6c:70:63:5b:26:b2:a2:78:70:a6:2b:
fc:0c:e4:d4:36:fd:1d:90:87:28:7a:2a:e4:23:f6:
9b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:60:31:A1:48:5C:A2:F1:E5:86:E9:1E:3A:51:AD:33:C8:02:87:02
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.60.0/22
Signature Algorithm: sha256WithRSAEncryption
03:53:02:9a:ac:aa:22:be:1e:ad:ea:04:40:b4:18:16:c1:16:
36:81:b7:0f:5d:d4:5c:9e:09:30:09:09:3f:8c:a1:75:9e:23:
61:39:84:aa:15:98:03:66:28:f0:0a:0c:90:91:49:ec:ac:c5:
fe:48:6d:a1:2c:91:22:f9:f9:e1:18:e1:df:04:f3:10:98:18:
db:cf:12:73:03:97:6b:e2:33:c7:21:ca:de:59:28:b0:fd:d0:
5f:bf:45:e1:dc:c4:36:91:ec:ae:b2:6b:e5:31:16:23:82:8f:
05:af:a9:4d:1a:3d:6d:e8:83:4a:a7:18:2e:e3:92:53:1c:83:
bf:0a:75:ca:23:d7:3e:d1:99:97:03:39:0b:31:56:86:2a:22:
49:f9:38:45:46:22:64:0b:ff:6e:e9:71:26:95:49:89:64:e2:
0a:38:37:99:43:9b:70:9e:15:60:14:e3:47:e3:92:27:7c:e9:
7a:f9:7e:4d:8f:2b:3f:81:21:78:3e:64:0c:97:71:23:dc:51:
4e:89:22:26:d2:a7:d1:cd:5b:37:a5:61:ff:17:62:88:2a:7d:
65:b4:42:f1:03:5b:00:95:4c:5a:d3:ae:c1:f7:0c:43:23:cb:
d7:9b:b4:ad:69:8d:08:e7:0a:d3:cb:e8:d2:10:85:53:d5:8b:
c3:55:83:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKoyUMYSpa1x5ZS9IZKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYwMzFhMTQ4NWNhMmYxZTU4NmU5MWUzYTUxYWQzM2M4MDI4NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57ZHTIyebD4sAaGq7BY1/0B1VQVe
51qhdv/iWsNj+hoAIGfeG8t9BOVnJTldl72Q1YVqL5tas9yvNi8g/TJrOsbf16Tb
d7edToj1IKcFtRt2wKcZ6I/Jmuf9nXAdHtnWR63VNqkeV5V7ZIZWy6GbZnhZNYaR
LazdD3cx5zHfQbkAclrdq55rGUHGS8vdgtkHJ6cFup1ykYmeibO0kArjb/UyUw1E
f+8JuZDB5fPf7xicNogZz6CRPlZclXxtdxfqT7KcKh7XCtwo1RrywwTLyZ7tLOyN
troIK04HshEnglfQ5jYpbHBjWyayonhwpiv8DOTUNv0dkIcoeirkI/abnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpgMaFIXKLx5YbpHjpRrTPIAocCMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvYW1BeG9VaGNvdkhsaHVrZU9sR3RNOGdDaHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9c8MA0G
CSqGSIb3DQEBCwUAA4IBAQADUwKarKoivh6t6gRAtBgWwRY2gbcPXdRcngkwCQk/
jKF1niNhOYSqFZgDZijwCgyQkUnsrMX+SG2hLJEi+fnhGOHfBPMQmBjbzxJzA5dr
4jPHIcreWSiw/dBfv0Xh3MQ2keyusmvlMRYjgo8Fr6lNGj1t6INKpxgu45JTHIO/
CnXKI9c+0ZmXAzkLMVaGKiJJ+ThFRiJkC/9u6XEmlUmJZOIKODeZQ5twnhVgFONH
45InfOl6+X5Njys/gSF4PmQMl3Ej3FFOiSIm0qfRzVs3pWH/F2KIKn1ltELxA1sA
lUxa067B9wxDI8vXm7StaY0I5wrTy+jSEIVT1YvDVYOI
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:18:36 2025 by rpki-client