Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/42fMV6obNSKznnoqwE8paEJGOBY.roa
File: 42fMV6obNSKznnoqwE8paEJGOBY.roa (raw, json)
Hash identifier: rXv+HmwrgtHu8sOhcJBCUgK0/DHpTBPgFIFiFHC/sWY=
Subject key identifier: E3:67:CC:57:AA:1B:35:22:B3:9E:7A:2A:C0:4F:29:68:42:46:38:16
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0189C21CE2DAFF28373C8CE4A28D7FC1873C
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/42fMV6obNSKznnoqwE8paEJGOBY.roa
Signing time: Fri 04 Aug 2023 19:53:40 +0000
ROA not before: Fri 04 Aug 2023 19:53:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 91.247.36.0/23 maxlen: 23
91.215.152.0/24 maxlen: 24
91.215.153.0/24 maxlen: 24
91.215.154.0/24 maxlen: 24
91.215.155.0/24 maxlen: 24
91.210.166.0/24 maxlen: 24
91.210.166.0/23 maxlen: 23
2001:67c:2f4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:1c:e2:da:ff:28:37:3c:8c:e4:a2:8d:7f:c1:87:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Aug 4 19:53:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e367cc57aa1b3522b39e7a2ac04f296842463816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d4:89:c1:8d:7e:df:8d:e2:09:62:52:cd:5b:
93:1f:a1:b0:c3:34:93:97:23:ab:bc:d4:e4:de:26:
63:aa:4c:9d:28:06:86:fc:18:f9:60:31:e0:ec:d3:
45:c7:3e:f3:1c:9f:7c:b3:e2:0a:50:7b:31:e1:5f:
2b:b7:44:06:7e:c1:92:d6:a1:6f:66:d2:c7:91:85:
6f:59:2d:e2:ea:b8:57:0c:8d:9a:93:da:1b:38:cd:
e5:e2:c3:be:82:a9:46:d0:75:e2:d9:af:83:db:c6:
cc:0d:2a:91:3a:ed:43:f6:dc:a8:f2:88:53:7f:4f:
1b:38:bd:8b:29:0a:43:35:a7:7f:57:f6:1a:a6:23:
9b:00:51:59:84:27:2d:dd:ae:56:83:1d:a3:7d:33:
a4:62:f3:13:fd:7d:43:11:50:33:aa:79:33:4b:1a:
8b:d4:bc:10:e1:cc:d1:7f:87:55:c9:02:97:14:f3:
1e:80:f8:23:7a:37:55:ab:c2:d5:84:b0:d3:c6:f4:
db:8a:f9:f2:80:f6:ca:24:81:52:2c:0a:1a:35:d8:
c2:62:21:13:7f:71:03:50:16:56:c3:16:21:8d:8e:
4e:6d:b2:e6:c9:78:2d:62:45:e6:08:08:50:a7:36:
54:5b:86:58:38:67:aa:cd:0e:f6:47:77:db:55:d2:
12:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:67:CC:57:AA:1B:35:22:B3:9E:7A:2A:C0:4F:29:68:42:46:38:16
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/42fMV6obNSKznnoqwE8paEJGOBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.166.0/23
91.215.152.0/22
91.247.36.0/23
IPv6:
2001:67c:2f4c::/48
Signature Algorithm: sha256WithRSAEncryption
6a:db:a4:8e:c6:f3:0b:15:34:0e:b8:ad:11:bc:64:18:1c:84:
66:a8:15:3e:e5:a7:cf:bb:b4:e8:d3:eb:c0:bd:ca:08:e5:82:
8a:ad:d9:61:34:82:8c:ab:70:2d:81:e6:1b:dc:7e:9e:b5:c6:
92:a9:c9:34:48:ae:4b:62:47:b5:d9:2f:64:75:53:9b:20:97:
b4:41:dd:1e:b9:1d:a8:cc:f7:f4:28:54:14:f6:e3:33:24:55:
16:76:b9:a1:fb:2f:de:63:59:c1:68:f8:5c:82:c6:c8:f9:0c:
43:34:50:6e:b3:6e:e4:c0:3a:68:64:d0:dd:2b:b4:c6:f3:50:
d0:4f:b2:96:3c:fb:af:22:b2:0d:02:2a:53:ca:91:6e:04:24:
91:4b:05:3c:34:40:4b:c2:17:ff:80:93:30:16:e8:6b:7f:7c:
19:4a:65:a9:9c:05:a2:41:c0:8e:70:b8:b1:a4:c9:d0:40:5c:
64:4d:dc:03:2e:1a:90:9f:94:8c:2c:e2:08:1f:d9:55:7c:22:
a8:a8:0d:de:a6:66:9b:37:f8:dc:5d:9d:42:4a:c1:82:44:6f:
33:40:d0:76:09:f0:84:9a:8f:e4:9e:8b:d4:b0:65:c9:78:e1:
a5:1e:f8:c5:44:a0:92:61:23:ba:0f:ba:b7:a0:98:b3:ba:3f:
5b:bd:5a:e8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYnCHOLa/yg3PIzkoo1/wYc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMwODA0MTk1MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY3Y2M1N2FhMWIzNTIyYjM5ZTdhMmFjMDRmMjk2ODQyNDYzODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdSJwY1+343iCWJSzVuTH6GwwzST
lyOrvNTk3iZjqkydKAaG/Bj5YDHg7NNFxz7zHJ98s+IKUHsx4V8rt0QGfsGS1qFv
ZtLHkYVvWS3i6rhXDI2ak9obOM3l4sO+gqlG0HXi2a+D28bMDSqROu1D9tyo8ohT
f08bOL2LKQpDNad/V/YapiObAFFZhCct3a5Wgx2jfTOkYvMT/X1DEVAzqnkzSxqL
1LwQ4czRf4dVyQKXFPMegPgjejdVq8LVhLDTxvTbivnygPbKJIFSLAoaNdjCYiET
f3EDUBZWwxYhjY5ObbLmyXgtYkXmCAhQpzZUW4ZYOGeqzQ72R3fbVdISlwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFONnzFeqGzUis556KsBPKWhCRjgWMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvNDJmTVY2b2JOU0t6bm5vcXdFOHBhRUpHT0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW9KmAwQC
W9eYAwQBW/ckMA8EAgACMAkDBwAgAQZ8L0wwDQYJKoZIhvcNAQELBQADggEBAGrb
pI7G8wsVNA64rRG8ZBgchGaoFT7lp8+7tOjT68C9ygjlgoqt2WE0goyrcC2B5hvc
fp61xpKpyTRIrktiR7XZL2R1U5sgl7RB3R65HajM9/QoVBT24zMkVRZ2uaH7L95j
WcFo+FyCxsj5DEM0UG6zbuTAOmhk0N0rtMbzUNBPspY8+68isg0CKlPKkW4EJJFL
BTw0QEvCF/+AkzAW6Gt/fBlKZamcBaJBwI5wuLGkydBAXGRN3AMuGpCflIws4ggf
2VV8IqioDd6mZps3+NxdnUJKwYJEbzNA0HYJ8ISaj+Sei9SwZcl44aUe+MVEoJJh
I7oPuregmLO6P1u9Wug=
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:10:48 2025 by rpki-client