Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/EhYVUW_WTuH1KrmgTzpFP6_e0ac.roa
File: EhYVUW_WTuH1KrmgTzpFP6_e0ac.roa (raw, json)
Hash identifier: 9G0e9XvUAY/+0ShOomsGcri7opugw0zVlYGeeT/Brtk=
Subject key identifier: 12:16:15:51:6F:D6:4E:E1:F5:2A:B9:A0:4F:3A:45:3F:AF:DE:D1:A7
Certificate issuer: /CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Certificate serial: 01856FD4EFAC8E8067EB810F0030B1409EEE
Authority key identifier: 28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/EhYVUW_WTuH1KrmgTzpFP6_e0ac.roa
Signing time: Mon 02 Jan 2023 00:15:03 +0000
ROA not before: Mon 02 Jan 2023 00:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60945
IP address blocks: 92.60.44.0/22 maxlen: 24
91.218.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:ef:ac:8e:80:67:eb:81:0f:00:30:b1:40:9e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Validity
Not Before: Jan 2 00:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=121615516fd64ee1f52ab9a04f3a453fafded1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:79:3d:02:f6:44:e6:1c:68:7f:c8:6d:ee:2e:
3a:ca:bb:d9:e8:36:1a:e3:36:18:0b:00:38:98:7c:
11:fa:27:96:98:3f:90:4e:cf:18:6e:78:e3:a8:e7:
e5:84:87:d1:13:ed:5c:da:a2:78:7b:1e:81:32:b6:
fe:4d:09:23:dd:f8:ac:83:a2:49:04:d8:da:e4:61:
4a:5a:5f:97:9a:b7:23:09:25:58:fa:09:16:21:e0:
4f:53:54:7b:c2:b8:f1:10:db:71:c6:db:06:77:47:
e4:36:bb:d3:7e:6f:2f:fa:8a:33:62:f2:fc:fb:3c:
63:ae:95:5a:04:90:06:f2:37:ce:8b:c3:47:cd:03:
fc:9f:f4:8b:35:d2:4c:c8:43:14:2b:e6:30:71:76:
3d:b9:14:95:77:42:d8:9b:3b:0f:55:dd:4f:8e:80:
f7:c9:3a:51:52:57:f9:b0:8f:de:6b:04:0d:9d:27:
3b:56:73:07:38:7d:9a:ea:36:f7:24:25:37:a0:40:
db:00:c5:44:eb:4a:06:14:14:cf:5a:58:c0:c7:f8:
3a:27:2c:f7:7b:2f:2e:5b:4e:99:9a:70:21:53:9d:
2c:b8:56:7a:5c:ff:1b:0c:f9:a9:46:b6:9c:e6:96:
49:c3:ea:97:4c:4d:a0:de:79:74:62:e4:33:e8:3f:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:16:15:51:6F:D6:4E:E1:F5:2A:B9:A0:4F:3A:45:3F:AF:DE:D1:A7
X509v3 Authority Key Identifier:
keyid:28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/EhYVUW_WTuH1KrmgTzpFP6_e0ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.58.0/24
92.60.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:81:8b:0d:a6:a7:f5:d4:a2:31:6e:14:fd:f9:82:0b:18:db:
a9:12:2f:63:93:91:6b:46:aa:1c:3b:06:dd:37:2a:91:08:c6:
40:a4:92:41:0d:6b:22:32:2d:57:a6:f7:27:c9:d4:c9:65:d6:
52:3b:9f:30:72:b5:7d:64:2a:f8:8d:1e:47:ba:06:aa:40:e3:
01:7b:26:16:d8:c7:72:e9:9a:5b:72:da:c4:a1:4b:8c:99:68:
f7:56:0e:21:2c:50:cc:94:9b:0d:20:2f:03:c1:c0:2b:28:72:
d4:f9:61:35:ec:6f:b8:65:af:10:b6:19:99:7d:94:84:17:fe:
da:a1:5f:d5:f1:f1:40:f8:1b:0a:4b:81:a9:7c:af:72:5c:49:
f8:b0:46:f1:a8:a8:0d:7f:6c:39:b5:4c:64:c5:77:84:40:ee:
b8:bc:5f:93:fb:9f:55:5a:e4:32:62:d1:dd:ec:90:15:3f:25:
a4:83:cf:f9:f0:e0:94:61:0f:04:bb:47:ed:af:7f:44:57:84:
df:b8:de:10:44:8d:68:74:7c:ff:d1:fb:52:22:ce:22:f1:79:
59:fe:cb:1b:5c:37:26:c9:d2:87:bd:db:fc:36:1e:75:77:e1:
35:6d:d3:3e:98:1b:02:5f:d5:d4:23:2c:49:da:b6:07:d2:f5:
0c:82:d1:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1O+sjoBn64EPADCxQJ7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWM5ZWRkMjQwYmZjNDUyMGNlMGJjOWIyNDU5NjNkMjRl
MmJmZTIwHhcNMjMwMTAyMDAxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE2MTU1MTZmZDY0ZWUxZjUyYWI5YTA0ZjNhNDUzZmFmZGVkMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXk9AvZE5hxof8ht7i46yrvZ6DYa
4zYYCwA4mHwR+ieWmD+QTs8YbnjjqOflhIfRE+1c2qJ4ex6BMrb+TQkj3fisg6JJ
BNja5GFKWl+XmrcjCSVY+gkWIeBPU1R7wrjxENtxxtsGd0fkNrvTfm8v+oozYvL8
+zxjrpVaBJAG8jfOi8NHzQP8n/SLNdJMyEMUK+YwcXY9uRSVd0LYmzsPVd1PjoD3
yTpRUlf5sI/eawQNnSc7VnMHOH2a6jb3JCU3oEDbAMVE60oGFBTPWljAx/g6Jyz3
ey8uW06ZmnAhU50suFZ6XP8bDPmpRrac5pZJw+qXTE2g3nl0YuQz6D+4owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBIWFVFv1k7h9Sq5oE86RT+v3tGnMB8GA1UdIwQY
MBaAFCisnt0kC/xFIM4LybJFlj0k4r/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUt
ODVhNTM0ZjE4MGZkLzEvRWhZVlVXX1dUdUgxS3JtZ1R6cEZQNl9lMGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUtODVhNTM0ZjE4MGZk
LzEvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9o6AwQC
XDwsMA0GCSqGSIb3DQEBCwUAA4IBAQAbgYsNpqf11KIxbhT9+YILGNupEi9jk5Fr
RqocOwbdNyqRCMZApJJBDWsiMi1XpvcnydTJZdZSO58wcrV9ZCr4jR5HugaqQOMB
eyYW2Mdy6ZpbctrEoUuMmWj3Vg4hLFDMlJsNIC8DwcArKHLU+WE17G+4Za8QthmZ
fZSEF/7aoV/V8fFA+BsKS4GpfK9yXEn4sEbxqKgNf2w5tUxkxXeEQO64vF+T+59V
WuQyYtHd7JAVPyWkg8/58OCUYQ8Eu0ftr39EV4TfuN4QRI1odHz/0ftSIs4i8XlZ
/ssbXDcmydKHvdv8Nh51d+E1bdM+mBsCX9XUIyxJ2rYH0vUMgtGX
-----END CERTIFICATE-----
Generated at Wed May 14 03:29:31 2025 by rpki-client