Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/1lUSWxfO5kflvdcfppUNRYC0VUM.roa
File: 1lUSWxfO5kflvdcfppUNRYC0VUM.roa (raw, json)
Hash identifier: lFhlKReZekGWXMHunAUTpH/mEu5u1tF2xCDU+HOkGvs=
Subject key identifier: D6:55:12:5B:17:CE:E6:47:E5:BD:D7:1F:A6:95:0D:45:80:B4:55:43
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01845E23527E8C019EBC2B1DB78BD2A859F2
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/1lUSWxfO5kflvdcfppUNRYC0VUM.roa
Signing time: Wed 09 Nov 2022 20:44:43 +0000
ROA not before: Wed 09 Nov 2022 20:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 91.221.117.0/24 maxlen: 24
91.221.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5e:23:52:7e:8c:01:9e:bc:2b:1d:b7:8b:d2:a8:59:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Nov 9 20:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d655125b17cee647e5bdd71fa6950d4580b45543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:46:d7:ed:7a:65:30:69:ec:99:b3:b7:f4:
f1:1a:17:c6:56:b7:69:4c:29:21:d7:01:25:f2:5f:
0a:15:92:a9:65:fe:2a:fa:e6:1e:4e:7c:48:35:f7:
58:b1:55:6a:84:d0:da:ea:9f:e9:f6:0c:ac:9a:3e:
fb:48:38:43:49:73:46:86:ef:b7:68:ae:40:0f:51:
c3:1e:11:90:55:04:4d:ad:5d:6c:d0:a1:ff:6a:99:
a5:b7:8e:74:ba:f7:23:4a:2f:80:9e:ab:6c:b8:00:
38:43:6d:72:6e:75:ce:bc:3b:8e:04:cd:4f:ee:55:
f6:a5:f6:e1:3c:00:8e:a5:79:03:69:f7:4b:93:57:
a1:de:a9:6a:02:a2:90:7c:12:27:59:b8:37:fd:94:
dc:ba:f4:5b:e2:64:d8:ba:7f:b8:ec:cf:5e:14:04:
95:d1:0f:81:51:07:49:ef:c3:d6:c5:0f:ba:45:90:
56:0b:79:6f:0b:b6:15:ae:aa:4b:d7:56:19:fa:35:
19:23:3a:9b:74:db:c3:7a:fa:3f:e2:a1:33:ad:2b:
1d:50:01:ae:fa:b6:ba:6b:bf:9f:72:e4:d0:f5:58:
59:b0:33:73:62:9b:29:07:19:85:54:06:65:2d:f9:
01:6c:ec:97:3e:1c:d4:a9:b3:1a:07:5a:cb:35:d3:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:55:12:5B:17:CE:E6:47:E5:BD:D7:1F:A6:95:0D:45:80:B4:55:43
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/1lUSWxfO5kflvdcfppUNRYC0VUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.117.0/24
91.221.233.0/24
Signature Algorithm: sha256WithRSAEncryption
45:97:a6:41:8b:80:52:03:3a:0a:1b:ea:6c:11:a4:0f:4e:cd:
e9:f4:b2:a8:ed:ce:51:4e:ab:ae:2a:46:c2:cf:a3:1a:82:57:
c2:75:e0:eb:41:ad:16:45:6e:f2:8a:0e:e4:ed:f0:29:5b:a7:
c7:d1:44:e3:8c:1a:f7:75:c4:9e:d9:70:9f:11:77:36:4d:d5:
54:41:1c:81:30:7e:2b:c7:8a:3c:f5:c0:60:41:cd:9d:3d:53:
f5:59:1d:1e:3a:21:7e:0a:6a:35:0d:1a:19:ad:30:f6:0b:58:
16:cd:5b:93:be:f4:b7:f8:e0:d1:3a:45:ca:e8:3d:7b:26:d3:
08:e0:5a:bd:8d:dd:3e:7f:42:22:0a:b9:b0:e1:51:c9:f5:0b:
fc:69:87:7b:45:b3:fa:bb:dd:21:ea:49:1d:b1:ba:0c:87:9a:
aa:c5:80:67:c0:ed:5f:81:1e:32:5f:0e:7a:f0:a1:a1:36:47:
f3:f9:f1:86:94:45:bb:3b:9d:ce:ce:55:3f:29:e6:a3:37:d1:
59:be:74:39:8c:f5:fd:d2:fb:07:46:ac:81:b9:7a:1a:df:2e:
b6:b5:03:c6:00:0a:5f:df:6e:4f:b0:35:08:7e:0c:bd:14:9b:
4c:f1:58:51:15:e9:cf:7c:37:6a:b4:e6:ee:36:05:11:b7:ce:
be:39:a6:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYReI1J+jAGevCsdt4vSqFnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjIxMTA5MjA0NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU1MTI1YjE3Y2VlNjQ3ZTViZGQ3MWZhNjk1MGQ0NTgwYjQ1NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr5G1+16ZTBp7Jmzt/TxGhfGVrdp
TCkh1wEl8l8KFZKpZf4q+uYeTnxINfdYsVVqhNDa6p/p9gysmj77SDhDSXNGhu+3
aK5AD1HDHhGQVQRNrV1s0KH/apmlt450uvcjSi+AnqtsuAA4Q21ybnXOvDuOBM1P
7lX2pfbhPACOpXkDafdLk1eh3qlqAqKQfBInWbg3/ZTcuvRb4mTYun+47M9eFASV
0Q+BUQdJ78PWxQ+6RZBWC3lvC7YVrqpL11YZ+jUZIzqbdNvDevo/4qEzrSsdUAGu
+ra6a7+fcuTQ9VhZsDNzYpspBxmFVAZlLfkBbOyXPhzUqbMaB1rLNdNk6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZVElsXzuZH5b3XH6aVDUWAtFVDMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvMWxVU1d4Zk81a2ZsdmRjZnBwVU5SWUMwVlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW911AwQA
W93pMA0GCSqGSIb3DQEBCwUAA4IBAQBFl6ZBi4BSAzoKG+psEaQPTs3p9LKo7c5R
TquuKkbCz6MaglfCdeDrQa0WRW7yig7k7fApW6fH0UTjjBr3dcSe2XCfEXc2TdVU
QRyBMH4rx4o89cBgQc2dPVP1WR0eOiF+Cmo1DRoZrTD2C1gWzVuTvvS3+ODROkXK
6D17JtMI4Fq9jd0+f0IiCrmw4VHJ9Qv8aYd7RbP6u90h6kkdsboMh5qqxYBnwO1f
gR4yXw568KGhNkfz+fGGlEW7O53OzlU/KeajN9FZvnQ5jPX90vsHRqyBuXoa3y62
tQPGAApf325PsDUIfgy9FJtM8VhRFenPfDdqtObuNgURt86+OaZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org