Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/pnSGFhOtdA4RnCyDq8xBwAq1ENo.roa
File: pnSGFhOtdA4RnCyDq8xBwAq1ENo.roa (raw, json)
Hash identifier: Bb/qsNKUuMx0CvG5Nu94uYh/+Qx+qWT3rSLKUIBHWnU=
Subject key identifier: A6:74:86:16:13:AD:74:0E:11:9C:2C:83:AB:CC:41:C0:0A:B5:10:DA
Certificate issuer: /CN=4e36cce2142ca18b505897158d26e5839d2b417f
Certificate serial: 07F7D4A3
Authority key identifier: 4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/pnSGFhOtdA4RnCyDq8xBwAq1ENo.roa
Signing time: Sat 01 Jan 2022 09:55:09 +0000
ROA not before: Sat 01 Jan 2022 09:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51520
IP address blocks: 91.194.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133682339 (0x7f7d4a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e36cce2142ca18b505897158d26e5839d2b417f
Validity
Not Before: Jan 1 09:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a674861613ad740e119c2c83abcc41c00ab510da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1c:cf:a9:b5:99:61:82:c9:61:b7:eb:f7:6b:
04:f5:42:03:3a:be:6a:8e:90:7f:d3:7e:fd:b3:24:
dd:9b:fc:5d:63:a5:4d:4b:08:6a:0c:0d:20:25:95:
4e:a8:54:de:2d:d5:7c:83:51:32:5b:98:7e:f0:83:
4c:5e:77:20:9f:2a:71:72:56:3c:7c:05:3f:c8:39:
da:91:5d:04:22:5b:ee:0e:7a:93:fb:75:15:93:db:
82:a5:f1:6c:3e:8e:2f:58:d9:ae:f4:ec:b7:27:9f:
b3:43:72:cd:d0:43:0e:9b:5d:dd:65:b2:bc:37:8a:
32:b0:4d:c8:ce:e2:0e:b6:db:85:cb:c3:27:70:f1:
6b:41:df:4d:92:ca:2e:60:05:63:2a:5c:73:4c:76:
7e:b9:26:91:92:31:52:77:85:dd:18:f6:aa:a2:64:
ad:e1:ca:cd:93:e3:4b:7d:7c:cd:7a:5b:6c:1c:2f:
ed:76:ec:41:d9:fa:ee:1e:fe:11:0a:cd:f4:c8:4d:
5e:a2:ad:5c:23:d6:50:f7:d3:c4:b4:dd:eb:27:48:
52:68:3a:ec:d3:01:f9:95:e6:3f:88:bd:75:f5:f0:
7b:b8:a0:e1:e5:1d:dd:20:eb:35:f0:c7:06:42:15:
0d:b1:32:16:a1:3a:96:79:f5:40:0d:56:9b:59:6d:
3d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:74:86:16:13:AD:74:0E:11:9C:2C:83:AB:CC:41:C0:0A:B5:10:DA
X509v3 Authority Key Identifier:
keyid:4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/pnSGFhOtdA4RnCyDq8xBwAq1ENo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/TjbM4hQsoYtQWJcVjSblg50rQX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.2.0/23
Signature Algorithm: sha256WithRSAEncryption
87:67:c4:5a:39:b0:8c:26:37:26:a2:62:a9:e3:83:59:53:62:
0c:71:c0:fa:d1:46:bc:6a:c3:66:26:40:40:36:de:d1:d5:f0:
a6:66:4b:b6:b4:35:a4:48:5d:3b:66:ee:c0:fd:e3:d1:97:da:
2d:99:64:65:b9:88:f2:6d:73:70:7a:6a:c7:13:87:a7:d7:a4:
4e:f5:89:8a:44:d8:a3:d0:f3:5c:4b:d5:c1:6a:bc:af:ee:ec:
67:ff:7d:cc:6c:16:c7:7c:6f:fa:d6:cb:a1:6d:1d:b3:1d:c0:
37:82:94:22:ea:21:40:d4:ec:f1:a5:f1:f3:c6:7e:fb:a6:47:
b5:6e:88:a4:b2:8d:b1:9c:a4:e6:31:71:24:66:b7:de:b5:a2:
88:eb:ae:89:ff:f3:c0:43:34:da:1c:b9:a4:95:e2:1e:9f:94:
9a:97:6b:5c:f5:da:de:62:72:60:a0:fd:11:6b:b6:b3:c3:b3:
76:3e:64:a1:0e:9c:26:7e:05:36:45:8c:c7:22:01:9b:93:52:
37:b0:9d:d4:3a:23:64:20:54:75:44:73:06:0a:0c:54:f1:86:
3a:77:59:0d:c1:3e:bb:d4:43:c9:83:b3:b7:e2:c6:07:33:1c:
78:6b:e0:80:58:a9:62:bb:c2:e9:bb:e4:b4:00:91:2b:dd:3e:
2d:b8:73:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/fUozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTM2Y2NlMjE0MmNhMThiNTA1ODk3MTU4ZDI2ZTU4MzlkMmI0MTdmMB4XDTIyMDEw
MTA5NTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY3NDg2MTYxM2Fk
NzQwZTExOWMyYzgzYWJjYzQxYzAwYWI1MTBkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQcz6m1mWGCyWG36/drBPVCAzq+ao6Qf9N+/bMk3Zv8XWOl
TUsIagwNICWVTqhU3i3VfINRMluYfvCDTF53IJ8qcXJWPHwFP8g52pFdBCJb7g56
k/t1FZPbgqXxbD6OL1jZrvTstyefs0NyzdBDDptd3WWyvDeKMrBNyM7iDrbbhcvD
J3Dxa0HfTZLKLmAFYypcc0x2frkmkZIxUneF3Rj2qqJkreHKzZPjS318zXpbbBwv
7XbsQdn67h7+EQrN9MhNXqKtXCPWUPfTxLTd6ydIUmg67NMB+ZXmP4i9dfXwe7ig
4eUd3SDrNfDHBkIVDbEyFqE6lnn1QA1Wm1ltPSMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmdIYWE610DhGcLIOrzEHACrUQ2jAfBgNVHSMEGDAWgBRONsziFCyhi1BY
lxWNJuWDnStBfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RqYk00aFFzb1l0UVdKY1ZqU2JsZzUwclFYOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMjIwYjM4LTc3Y2EtNGRlNC04Yjg2LTlmODQ1YzU0NjQ3MC8x
L3BuU0dGaE90ZEE0Um5DeURxOHhCd0FxMUVOby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MjIwYjM4LTc3Y2EtNGRlNC04Yjg2LTlmODQ1YzU0NjQ3MC8xL1RqYk00aFFzb1l0
UVdKY1ZqU2JsZzUwclFYOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvCAjANBgkqhkiG9w0BAQsFAAOC
AQEAh2fEWjmwjCY3JqJiqeODWVNiDHHA+tFGvGrDZiZAQDbe0dXwpmZLtrQ1pEhd
O2buwP3j0ZfaLZlkZbmI8m1zcHpqxxOHp9ekTvWJikTYo9DzXEvVwWq8r+7sZ/99
zGwWx3xv+tbLoW0dsx3AN4KUIuohQNTs8aXx88Z++6ZHtW6IpLKNsZyk5jFxJGa3
3rWiiOuuif/zwEM02hy5pJXiHp+UmpdrXPXa3mJyYKD9EWu2s8Ozdj5koQ6cJn4F
NkWMxyIBm5NSN7Cd1DojZCBUdURzBgoMVPGGOndZDcE+u9RDyYOzt+LGBzMceGvg
gFipYrvC6bvktACRK90+Lbhz3A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-ams.rpki-client.org