Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5nI_BJ0p8U7XumHBWF0JZULYjNE.roa
File: 5nI_BJ0p8U7XumHBWF0JZULYjNE.roa (raw, json)
Hash identifier: 2TkoKRcJypw1MJEf1UaPWCRJi5jYAwb2exjP7d8yfv0=
Subject key identifier: E6:72:3F:04:9D:29:F1:4E:D7:BA:61:C1:58:5D:09:65:42:D8:8C:D1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A6979DAE1951F8FD62FCA4C4C27B2358F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5nI_BJ0p8U7XumHBWF0JZULYjNE.roa
Signing time: Wed 06 Sep 2023 07:51:48 +0000
ROA not before: Wed 06 Sep 2023 07:51:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:79:da:e1:95:1f:8f:d6:2f:ca:4c:4c:27:b2:35:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 6 07:51:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6723f049d29f14ed7ba61c1585d096542d88cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:3c:3e:b5:ea:d5:fe:9d:0f:b2:67:5f:4f:
17:6b:64:18:cf:cd:ba:af:50:d9:b6:47:97:82:7e:
9a:66:13:e8:4c:84:46:52:1f:8e:71:ed:0d:3b:2b:
2a:b4:51:fe:04:24:91:92:58:12:86:8a:90:05:c5:
c6:01:10:81:66:56:5e:53:17:07:de:f1:77:4a:4d:
54:fa:45:28:09:8e:00:26:12:aa:a8:4d:cf:df:05:
db:34:5b:9c:08:13:b2:0b:81:ea:76:d9:73:e9:e3:
f3:95:20:f6:70:19:eb:f7:88:50:2e:d0:89:c6:3d:
b1:97:5d:82:c4:85:7c:c3:36:8e:1f:1d:4a:d8:19:
f5:f1:bf:8b:90:3b:7d:32:9f:97:c5:67:44:82:95:
28:4c:85:3b:19:f6:56:70:e4:51:4a:d2:71:06:3e:
ea:21:26:d3:05:dd:d1:59:07:6b:f2:a3:16:34:a1:
e8:f0:09:63:07:43:90:80:de:d9:a8:e0:9f:ab:7b:
bb:f0:79:42:36:2b:dd:32:65:0a:ef:80:40:e2:18:
7a:83:0c:84:58:4b:8d:55:bc:e0:72:31:4e:cf:4f:
e5:f9:02:28:4a:0e:ab:63:c3:3e:ce:26:c0:7f:ec:
c4:26:dc:ee:12:7f:74:64:48:50:e4:01:a0:55:ed:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:72:3F:04:9D:29:F1:4E:D7:BA:61:C1:58:5D:09:65:42:D8:8C:D1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5nI_BJ0p8U7XumHBWF0JZULYjNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.249.0-91.217.250.255
188.213.202.0/24
Signature Algorithm: sha256WithRSAEncryption
90:78:7a:8f:3e:d7:e5:e1:a9:05:d1:fe:88:18:0e:e5:ba:6f:
ce:d8:01:de:8f:3e:2e:01:23:a1:31:d1:e0:db:bb:fa:81:2a:
2c:52:6c:f3:ea:eb:a3:e7:18:a8:37:52:be:65:2b:16:e3:7b:
f5:8d:ca:0f:29:e0:15:ed:19:26:78:af:9c:cf:3f:6a:f5:62:
47:d6:af:e3:ca:9c:e1:c7:2d:63:3f:d9:21:b3:9a:4c:a7:3f:
a3:b6:e9:fa:62:1e:5e:c2:4f:3a:63:29:69:b4:ef:e3:d0:33:
b6:f0:a9:8b:a1:83:1c:48:85:4f:45:ed:f9:8f:81:0b:47:dd:
70:bf:91:a6:02:86:a2:94:3e:ba:1c:7b:11:13:83:1e:cb:10:
9e:d8:1d:65:ee:53:5d:1c:d5:44:46:85:8a:7b:a4:43:53:d1:
f2:e7:0d:21:14:c5:cf:f3:5a:15:d3:2b:44:e7:e6:76:7e:b6:
3a:9a:13:2d:2c:be:0c:d7:e8:d9:fc:0b:2f:4d:bd:c9:d9:f1:
15:47:d0:05:b3:8c:ac:9b:fc:61:af:e9:4a:6d:cb:7f:00:40:
8d:f6:8d:46:5d:c2:7a:b6:8e:9a:65:9f:03:72:76:48:de:9a:
0a:4d:1a:67:ad:d4:1b:bb:89:d4:78:dd:e3:83:da:3a:d2:eb:
c6:17:8d:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYppedrhlR+P1i/KTEwnsjWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTA2MDc1MTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjcyM2YwNDlkMjlmMTRlZDdiYTYxYzE1ODVkMDk2NTQyZDg4Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGI8PrXq1f6dD7JnX08Xa2QYz826
r1DZtkeXgn6aZhPoTIRGUh+Oce0NOysqtFH+BCSRklgShoqQBcXGARCBZlZeUxcH
3vF3Sk1U+kUoCY4AJhKqqE3P3wXbNFucCBOyC4Hqdtlz6ePzlSD2cBnr94hQLtCJ
xj2xl12CxIV8wzaOHx1K2Bn18b+LkDt9Mp+XxWdEgpUoTIU7GfZWcORRStJxBj7q
ISbTBd3RWQdr8qMWNKHo8AljB0OQgN7ZqOCfq3u78HlCNivdMmUK74BA4hh6gwyE
WEuNVbzgcjFOz0/l+QIoSg6rY8M+zibAf+zEJtzuEn90ZEhQ5AGgVe3v6wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOZyPwSdKfFO17phwVhdCWVC2IzRMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNW5JX0JKMHA4VTdYdW1IQldGMEpaVUxZak5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABb2fkD
BABb2foDBAC81cowDQYJKoZIhvcNAQELBQADggEBAJB4eo8+1+XhqQXR/ogYDuW6
b87YAd6PPi4BI6Ex0eDbu/qBKixSbPPq66PnGKg3Ur5lKxbje/WNyg8p4BXtGSZ4
r5zPP2r1YkfWr+PKnOHHLWM/2SGzmkynP6O26fpiHl7CTzpjKWm07+PQM7bwqYuh
gxxIhU9F7fmPgQtH3XC/kaYChqKUProcexETgx7LEJ7YHWXuU10c1URGhYp7pENT
0fLnDSEUxc/zWhXTK0Tn5nZ+tjqaEy0svgzX6Nn8Cy9NvcnZ8RVH0AWzjKyb/GGv
6Upty38AQI32jUZdwnq2jpplnwNydkjemgpNGmet1Bu7idR43eOD2jrS68YXjb0=
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:24:40 2025 by rpki-client