Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/p1R8lWJO4l2V-b2UNxY1YBm7wXU.roa
File: p1R8lWJO4l2V-b2UNxY1YBm7wXU.roa (raw, json)
Hash identifier: IMFi/DzsfIVa2+TIiXrTF/YfmAZyTCYKvE6V1rZqmDk=
Subject key identifier: A7:54:7C:95:62:4E:E2:5D:95:F9:BD:94:37:16:35:60:19:BB:C1:75
Certificate issuer: /CN=84a69fc568894cb3985edef22216bd99974de251
Certificate serial: 03708D29
Authority key identifier: 84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/p1R8lWJO4l2V-b2UNxY1YBm7wXU.roa
Signing time: Sat 01 Jan 2022 13:55:29 +0000
ROA not before: Sat 01 Jan 2022 13:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212489
IP address blocks: 91.243.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57707817 (0x3708d29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a69fc568894cb3985edef22216bd99974de251
Validity
Not Before: Jan 1 13:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7547c95624ee25d95f9bd943716356019bbc175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:d5:3d:32:fe:12:87:35:43:30:8a:23:3e:
ab:15:65:30:2e:33:3e:c4:c8:4f:21:77:94:19:89:
0f:88:1b:27:45:49:bd:b9:80:9a:11:2f:fc:b7:68:
04:0e:48:82:82:2e:fe:8f:64:7f:47:6b:cc:5d:7d:
a5:ee:d7:34:65:b0:07:51:cc:44:95:65:03:d7:4e:
d7:41:19:37:93:3e:9c:83:c1:ec:6b:b8:51:4c:56:
9a:62:17:44:39:9b:27:8f:e3:fe:b2:50:b9:78:3e:
41:0d:b9:9b:54:af:ad:84:32:c7:86:08:f1:62:fd:
fe:82:5c:4a:6e:43:5d:c3:5f:42:93:29:6f:fb:c0:
6b:27:3b:4a:32:f2:a8:52:ec:5b:06:98:e1:1c:c0:
d0:ca:28:cf:84:a1:23:db:ba:c7:7a:60:10:50:a0:
11:a1:f2:60:85:eb:68:b7:61:fe:ec:77:a5:2e:ab:
cd:2f:9c:0f:24:b1:ce:e3:ca:c6:3a:27:d5:e0:87:
cf:d9:d8:5a:20:80:be:76:96:69:7d:43:43:78:72:
7f:00:73:67:4f:da:01:df:4c:c4:c4:56:93:1f:86:
09:20:8c:7f:f5:d1:93:d6:c7:13:e9:e2:31:09:c5:
96:ad:04:76:d3:0f:dd:55:42:14:63:48:b5:1d:3f:
51:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:54:7C:95:62:4E:E2:5D:95:F9:BD:94:37:16:35:60:19:BB:C1:75
X509v3 Authority Key Identifier:
keyid:84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/p1R8lWJO4l2V-b2UNxY1YBm7wXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.117.0/24
Signature Algorithm: sha256WithRSAEncryption
33:74:82:f9:3b:31:cc:7f:47:88:97:3c:d0:fa:db:f2:ad:10:
9c:7f:02:91:71:78:2d:56:92:3b:fd:41:29:60:14:bf:64:9e:
59:fd:b5:3c:13:51:ea:61:80:f0:02:51:6a:87:43:89:c6:42:
12:cf:3c:2b:08:5c:ee:83:6c:e7:1e:5e:0f:11:45:b0:01:7f:
50:d9:60:bc:7a:73:b1:ac:b2:7b:3e:e2:a8:36:f0:87:7f:eb:
8a:87:30:5a:73:02:38:14:1a:ef:c7:ab:8e:f2:7f:4e:95:3c:
29:12:49:8e:eb:6c:47:67:0e:ab:f8:98:1c:2e:0f:73:f4:0c:
a1:aa:94:8b:b2:38:e7:ec:36:4c:6d:60:05:a6:20:09:c4:93:
9d:93:ac:47:d2:23:0e:e9:46:41:99:ab:f8:7e:65:5a:a8:77:
ce:03:87:8f:00:fe:2e:d9:34:9c:0c:91:35:b6:eb:e3:51:65:
fc:d7:9b:ac:ea:8b:c3:14:72:e0:be:57:71:c4:1a:22:20:00:
e1:c7:07:d2:07:fa:d2:bc:d2:7c:5a:dd:6a:7d:f1:c6:65:52:
b2:1e:c7:e8:7e:3c:d5:ca:a5:82:72:be:5e:9a:2a:f2:66:ce:
d8:ad:3f:81:99:44:60:be:84:55:16:7e:fe:65:74:85:b4:43:
bb:04:29:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3CNKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGE2OWZjNTY4ODk0Y2IzOTg1ZWRlZjIyMjE2YmQ5OTk3NGRlMjUxMB4XDTIyMDEw
MTEzNTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc1NDdjOTU2MjRl
ZTI1ZDk1ZjliZDk0MzcxNjM1NjAxOWJiYzE3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGU1T0y/hKHNUMwiiM+qxVlMC4zPsTITyF3lBmJD4gbJ0VJ
vbmAmhEv/LdoBA5IgoIu/o9kf0drzF19pe7XNGWwB1HMRJVlA9dO10EZN5M+nIPB
7Gu4UUxWmmIXRDmbJ4/j/rJQuXg+QQ25m1SvrYQyx4YI8WL9/oJcSm5DXcNfQpMp
b/vAayc7SjLyqFLsWwaY4RzA0Mooz4ShI9u6x3pgEFCgEaHyYIXraLdh/ux3pS6r
zS+cDySxzuPKxjon1eCHz9nYWiCAvnaWaX1DQ3hyfwBzZ0/aAd9MxMRWkx+GCSCM
f/XRk9bHE+niMQnFlq0EdtMP3VVCFGNItR0/URsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnVHyVYk7iXZX5vZQ3FjVgGbvBdTAfBgNVHSMEGDAWgBSEpp/FaIlMs5he
3vIiFr2Zl03iUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hLYWZ4V2lKVExPWVh0N3lJaGE5bVpkTjRsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYzYwYTFlLTkwODAtNGIwOC05NWRhLTQzN2ZlNTBiYjRmNy8x
L3AxUjhsV0pPNGwyVi1iMlVOeFkxWUJtN3dYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YzYwYTFlLTkwODAtNGIwOC05NWRhLTQzN2ZlNTBiYjRmNy8xL2hLYWZ4V2lKVExP
WVh0N3lJaGE5bVpkTjRsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvzdTANBgkqhkiG9w0BAQsFAAOC
AQEAM3SC+TsxzH9HiJc80Prb8q0QnH8CkXF4LVaSO/1BKWAUv2SeWf21PBNR6mGA
8AJRaodDicZCEs88Kwhc7oNs5x5eDxFFsAF/UNlgvHpzsayyez7iqDbwh3/riocw
WnMCOBQa78erjvJ/TpU8KRJJjutsR2cOq/iYHC4Pc/QMoaqUi7I45+w2TG1gBaYg
CcSTnZOsR9IjDulGQZmr+H5lWqh3zgOHjwD+Ltk0nAyRNbbr41Fl/NebrOqLwxRy
4L5XccQaIiAA4ccH0gf60rzSfFrdan3xxmVSsh7H6H481cqlgnK+Xpoq8mbO2K0/
gZlEYL6EVRZ+/mV0hbRDuwQp6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:41 2024 by rpki-client on console-fra.rpki-client.org