Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/F0CqAuL9VIK844bro0891hUXlIE.roa
File: F0CqAuL9VIK844bro0891hUXlIE.roa (raw, json)
Hash identifier: /r0H9FGu3igDGE/tmDyCw+T7Y+SpKFMcWNv+zo6HwVw=
Subject key identifier: 17:40:AA:02:E2:FD:54:82:BC:E3:86:EB:A3:4F:3D:D6:15:17:94:81
Certificate issuer: /CN=5965c62f10c25e7a7ef18356833aa4f9b9842c6a
Certificate serial: 01856DCAFFD94E59037B2643F5E02D203FE3
Authority key identifier: 59:65:C6:2F:10:C2:5E:7A:7E:F1:83:56:83:3A:A4:F9:B9:84:2C:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WWXGLxDCXnp-8YNWgzqk-bmELGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/F0CqAuL9VIK844bro0891hUXlIE.roa
Signing time: Sun 01 Jan 2023 14:44:58 +0000
ROA not before: Sun 01 Jan 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59437
IP address blocks: 91.239.86.0/24 maxlen: 24
2a11:cc80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ff:d9:4e:59:03:7b:26:43:f5:e0:2d:20:3f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5965c62f10c25e7a7ef18356833aa4f9b9842c6a
Validity
Not Before: Jan 1 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1740aa02e2fd5482bce386eba34f3dd615179481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:08:0e:de:2c:c5:67:b7:3b:a3:c8:24:ce:7f:
47:a3:1d:47:28:82:e0:1e:12:40:40:77:0c:3c:4e:
26:91:a1:d6:ae:a9:d6:3b:9f:8d:e1:1a:2b:a3:be:
d4:0e:56:19:0f:e3:a3:16:d2:b7:fe:b0:13:a3:e9:
da:2d:7d:14:c0:6c:c2:c6:b6:33:84:a5:ac:40:24:
09:5d:e3:d5:35:06:51:46:4b:93:84:89:b0:72:2a:
5c:0a:bf:a7:0e:be:1a:42:7c:23:b8:2a:65:7c:72:
49:a0:3d:8f:67:5f:d0:36:60:29:53:04:07:bc:7d:
06:a0:55:d8:db:c9:cc:0a:cd:a6:78:1c:06:ac:ca:
df:91:d3:12:84:e8:ab:cf:bf:6a:25:86:76:5a:d7:
89:6d:9c:28:d3:f0:a9:12:4b:45:12:a9:2d:62:89:
1f:88:1b:4e:c0:76:79:14:89:c3:97:02:bc:ba:79:
af:34:2c:d0:9e:f1:65:09:f0:88:9b:ec:7d:15:92:
39:90:78:09:72:c2:2c:d2:68:98:9b:6f:d3:09:d8:
01:95:64:20:57:c4:a2:d0:d3:4f:28:60:d6:63:bc:
39:70:0b:ca:bf:88:b4:2b:7e:b6:ad:0e:1b:7f:53:
96:79:73:ae:93:ab:18:83:f4:f8:17:5d:77:68:2c:
88:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:40:AA:02:E2:FD:54:82:BC:E3:86:EB:A3:4F:3D:D6:15:17:94:81
X509v3 Authority Key Identifier:
keyid:59:65:C6:2F:10:C2:5E:7A:7E:F1:83:56:83:3A:A4:F9:B9:84:2C:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WWXGLxDCXnp-8YNWgzqk-bmELGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/F0CqAuL9VIK844bro0891hUXlIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/WWXGLxDCXnp-8YNWgzqk-bmELGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.86.0/24
IPv6:
2a11:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
b0:2b:9f:f6:e8:c4:c5:e7:f3:af:e0:e1:ee:27:81:68:99:44:
d5:99:59:a6:86:6d:bb:1e:20:21:eb:24:37:d8:8c:0c:bb:e1:
14:73:6d:5b:6a:c1:37:9b:05:22:d9:30:4b:19:66:1a:16:b4:
66:c9:2c:c2:0e:f6:d7:20:23:a8:dc:71:d3:9c:a4:76:2d:cd:
a7:1d:96:c6:45:d4:69:26:80:20:80:48:08:ae:f9:36:0c:11:
2d:de:b6:48:ee:f2:42:91:a4:74:7d:ae:7c:fe:08:38:03:f3:
8e:b6:54:83:00:69:d0:3a:7b:02:ef:f3:98:70:6d:09:4a:9f:
2c:43:3f:f8:6f:02:4e:5e:f7:f0:37:3d:47:bf:58:04:65:42:
4a:e4:57:71:17:09:e8:66:b8:81:86:35:0a:ec:24:ca:ec:d9:
79:39:04:f6:46:d8:6c:92:15:eb:d8:3c:e6:dd:fc:d0:7e:5c:
9b:4b:fa:48:6f:1c:36:fb:d8:a8:aa:81:38:48:96:32:95:7b:
f6:b6:48:5b:36:80:96:55:ec:f2:ab:7f:ed:be:5d:a0:53:b1:
cf:5d:e1:b2:46:49:b5:1e:ba:45:24:01:71:fc:ee:c3:bf:7f:
b1:ae:a2:60:d0:96:b0:61:59:00:15:21:8d:09:53:b1:0c:3f:
15:f5:14:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtyv/ZTlkDeyZD9eAtID/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NjVjNjJmMTBjMjVlN2E3ZWYxODM1NjgzM2FhNGY5Yjk4
NDJjNmEwHhcNMjMwMTAxMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQwYWEwMmUyZmQ1NDgyYmNlMzg2ZWJhMzRmM2RkNjE1MTc5NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlggO3izFZ7c7o8gkzn9Hox1HKILg
HhJAQHcMPE4mkaHWrqnWO5+N4Roro77UDlYZD+OjFtK3/rATo+naLX0UwGzCxrYz
hKWsQCQJXePVNQZRRkuThImwcipcCr+nDr4aQnwjuCplfHJJoD2PZ1/QNmApUwQH
vH0GoFXY28nMCs2meBwGrMrfkdMShOirz79qJYZ2WteJbZwo0/CpEktFEqktYokf
iBtOwHZ5FInDlwK8unmvNCzQnvFlCfCIm+x9FZI5kHgJcsIs0miYm2/TCdgBlWQg
V8Si0NNPKGDWY7w5cAvKv4i0K362rQ4bf1OWeXOuk6sYg/T4F113aCyIfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBdAqgLi/VSCvOOG66NPPdYVF5SBMB8GA1UdIwQY
MBaAFFllxi8Qwl56fvGDVoM6pPm5hCxqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1dYR0x4RENYbnAtOFlOV2d6cWstYm1FTEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hYmQyYTctM2JmZC00NjEzLTlmMDEt
NmNhN2M1NDI2M2I5LzEvRjBDcUF1TDlWSUs4NDRicm8wODkxaFVYbElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hYmQyYTctM2JmZC00NjEzLTlmMDEtNmNhN2M1NDI2M2I5
LzEvV1dYR0x4RENYbnAtOFlOV2d6cWstYm1FTEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+9WMA0E
AgACMAcDBQMqEcyAMA0GCSqGSIb3DQEBCwUAA4IBAQCwK5/26MTF5/Ov4OHuJ4Fo
mUTVmVmmhm27HiAh6yQ32IwMu+EUc21basE3mwUi2TBLGWYaFrRmySzCDvbXICOo
3HHTnKR2Lc2nHZbGRdRpJoAggEgIrvk2DBEt3rZI7vJCkaR0fa58/gg4A/OOtlSD
AGnQOnsC7/OYcG0JSp8sQz/4bwJOXvfwNz1Hv1gEZUJK5FdxFwnoZriBhjUK7CTK
7Nl5OQT2RthskhXr2Dzm3fzQflybS/pIbxw2+9ioqoE4SJYylXv2tkhbNoCWVezy
q3/tvl2gU7HPXeGyRkm1HrpFJAFx/O7Dv3+xrqJg0JawYVkAFSGNCVOxDD8V9RQy
-----END CERTIFICATE-----
Generated at Thu May 1 01:10:04 2025 by rpki-client