Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/963dvOEqVX99oF18Npk69DwLUhQ.roa
File: 963dvOEqVX99oF18Npk69DwLUhQ.roa (raw, json)
Hash identifier: /m5/TxkO+qdGlLySLTJUOmD/JdpH3Zrwg4eQ6zEw/3o=
Subject key identifier: F7:AD:DD:BC:E1:2A:55:7F:7D:A0:5D:7C:36:99:3A:F4:3C:0B:52:14
Certificate issuer: /CN=2b81c753b77665e7a59f8e508314f159356c228e
Certificate serial: 018571D7B5DDA5E16CF9F311B4AE3B347F85
Authority key identifier: 2B:81:C7:53:B7:76:65:E7:A5:9F:8E:50:83:14:F1:59:35:6C:22:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4HHU7d2Zeeln45QgxTxWTVsIo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/963dvOEqVX99oF18Npk69DwLUhQ.roa
Signing time: Mon 02 Jan 2023 09:37:20 +0000
ROA not before: Mon 02 Jan 2023 09:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56565
IP address blocks: 91.230.251.0/24 maxlen: 24
194.0.209.0/24 maxlen: 24
91.208.238.0/24 maxlen: 24
91.236.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b5:dd:a5:e1:6c:f9:f3:11:b4:ae:3b:34:7f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b81c753b77665e7a59f8e508314f159356c228e
Validity
Not Before: Jan 2 09:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7adddbce12a557f7da05d7c36993af43c0b5214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:27:d8:ab:77:c3:39:d7:1d:7b:92:1c:51:ee:
38:a7:ff:af:c4:5a:4c:05:03:02:7c:6a:22:4d:22:
86:c2:c4:03:d1:15:b8:cf:70:ca:3d:a9:bb:22:3b:
37:32:5d:01:9c:cd:a3:55:2b:8d:7e:8d:59:f5:93:
c9:dd:10:f5:44:50:84:da:a3:a6:87:10:1e:cb:4d:
2a:41:35:d2:af:dd:f8:5a:6d:22:2f:37:91:96:b2:
74:6f:9f:ae:7d:ef:5f:cc:5c:bb:b1:c0:ac:c7:d4:
bb:24:ff:d5:ad:a5:e0:23:71:6f:ab:27:48:04:3e:
44:e6:bf:49:3d:56:35:a7:fc:6d:ee:6d:b5:2d:26:
ab:55:34:68:49:05:dd:15:d2:e1:c0:ad:ea:c2:26:
d2:2b:64:c9:c3:76:52:4a:c5:c6:12:52:35:31:4e:
d7:bb:a3:2a:0f:32:30:4d:df:e9:04:2b:95:b5:8b:
97:0e:4e:60:b2:7a:6a:3d:ec:ef:53:a1:e9:8d:4b:
bd:2b:eb:6f:71:cc:c4:f6:b6:5f:80:d4:fd:e6:43:
52:10:da:7d:18:db:65:6e:23:6d:3a:9e:c6:9d:9c:
7d:e6:2c:9f:c9:06:ef:c4:1d:e7:ae:ae:25:57:59:
c3:4b:e7:7c:d1:46:81:db:02:15:4f:f3:68:4e:a5:
40:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AD:DD:BC:E1:2A:55:7F:7D:A0:5D:7C:36:99:3A:F4:3C:0B:52:14
X509v3 Authority Key Identifier:
keyid:2B:81:C7:53:B7:76:65:E7:A5:9F:8E:50:83:14:F1:59:35:6C:22:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4HHU7d2Zeeln45QgxTxWTVsIo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/963dvOEqVX99oF18Npk69DwLUhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/K4HHU7d2Zeeln45QgxTxWTVsIo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.238.0/24
91.230.251.0/24
91.236.205.0/24
194.0.209.0/24
Signature Algorithm: sha256WithRSAEncryption
13:6a:d7:19:66:90:1c:b1:0b:84:25:c5:89:12:19:a8:7a:e8:
d8:6e:af:04:5b:79:34:5d:32:4a:51:b6:57:03:23:75:1f:0c:
35:d0:63:8d:3c:be:73:3a:ef:af:58:3a:12:c1:56:03:67:51:
30:19:66:a7:4f:86:76:7b:54:45:d9:02:28:9b:93:de:92:60:
c3:e2:1a:fb:11:30:b6:17:b8:c1:05:87:3f:d6:bb:54:58:f7:
e2:69:70:49:48:c0:7f:24:76:b0:17:09:c7:e4:34:b0:d3:e8:
78:fc:9d:0c:4a:ba:da:b5:ed:72:fe:7e:2d:43:f4:2e:66:0c:
ee:c6:8f:ea:98:d4:eb:88:e5:cf:1d:60:a8:9d:0d:7c:db:31:
fd:91:d3:34:0e:93:dc:9b:e3:7f:98:f2:47:d3:cc:b5:79:c0:
9a:d9:cc:46:e0:c3:66:16:f4:c1:74:2c:fb:8d:d8:c6:d3:69:
53:75:37:65:f1:7f:98:b0:b9:e0:4d:a8:8b:fe:85:f9:fa:12:
1d:5f:42:35:7d:f4:8f:fa:b8:06:88:d5:eb:e7:c0:5a:8d:02:
ec:77:63:fe:91:99:5c:46:1b:1d:35:ea:89:6c:8b:da:29:84:
19:23:60:8d:28:91:bb:f5:15:24:03:d1:8e:61:78:f8:77:4b:
77:f6:a7:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx17XdpeFs+fMRtK47NH+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODFjNzUzYjc3NjY1ZTdhNTlmOGU1MDgzMTRmMTU5MzU2
YzIyOGUwHhcNMjMwMTAyMDkzNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FkZGRiY2UxMmE1NTdmN2RhMDVkN2MzNjk5M2FmNDNjMGI1MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCfYq3fDOdcde5IcUe44p/+vxFpM
BQMCfGoiTSKGwsQD0RW4z3DKPam7Ijs3Ml0BnM2jVSuNfo1Z9ZPJ3RD1RFCE2qOm
hxAey00qQTXSr934Wm0iLzeRlrJ0b5+ufe9fzFy7scCsx9S7JP/VraXgI3FvqydI
BD5E5r9JPVY1p/xt7m21LSarVTRoSQXdFdLhwK3qwibSK2TJw3ZSSsXGElI1MU7X
u6MqDzIwTd/pBCuVtYuXDk5gsnpqPezvU6HpjUu9K+tvcczE9rZfgNT95kNSENp9
GNtlbiNtOp7GnZx95iyfyQbvxB3nrq4lV1nDS+d80UaB2wIVT/NoTqVA+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPet3bzhKlV/faBdfDaZOvQ8C1IUMB8GA1UdIwQY
MBaAFCuBx1O3dmXnpZ+OUIMU8Vk1bCKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRISFU3ZDJaZWVsbjQ1UWd4VHhXVFZzSW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZjdiMDMtZTc5Ni00MGFkLWI2NmIt
NTg3YWVmNmRjMjg1LzEvOTYzZHZPRXFWWDk5b0YxOE5wazY5RHdMVWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZjdiMDMtZTc5Ni00MGFkLWI2NmItNTg3YWVmNmRjMjg1
LzEvSzRISFU3ZDJaZWVsbjQ1UWd4VHhXVFZzSW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9DuAwQA
W+b7AwQAW+zNAwQAwgDRMA0GCSqGSIb3DQEBCwUAA4IBAQATatcZZpAcsQuEJcWJ
EhmoeujYbq8EW3k0XTJKUbZXAyN1Hww10GONPL5zOu+vWDoSwVYDZ1EwGWanT4Z2
e1RF2QIom5PekmDD4hr7ETC2F7jBBYc/1rtUWPfiaXBJSMB/JHawFwnH5DSw0+h4
/J0MSrrate1y/n4tQ/QuZgzuxo/qmNTriOXPHWConQ182zH9kdM0DpPcm+N/mPJH
08y1ecCa2cxG4MNmFvTBdCz7jdjG02lTdTdl8X+YsLngTaiL/oX5+hIdX0I1ffSP
+rgGiNXr58BajQLsd2P+kZlcRhsdNeqJbIvaKYQZI2CNKJG79RUkA9GOYXj4d0t3
9qeJ
-----END CERTIFICATE-----
Generated at Thu May 1 05:00:08 2025 by rpki-client