Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/wkztO8-8Hm-LpcvTNt0biCvl8iw.roa
File: wkztO8-8Hm-LpcvTNt0biCvl8iw.roa (raw, json)
Hash identifier: NP9ccpW8NVl+kt/rgOwv8HfraE4J/43WikYSub1B7i0=
Subject key identifier: C2:4C:ED:3B:CF:BC:1E:6F:8B:A5:CB:D3:36:DD:1B:88:2B:E5:F2:2C
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 4576AC
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/wkztO8-8Hm-LpcvTNt0biCvl8iw.roa
Signing time: Sat 01 Jan 2022 00:57:44 +0000
ROA not before: Sat 01 Jan 2022 00:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57903
IP address blocks: 91.236.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4552364 (0x4576ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 00:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c24ced3bcfbc1e6f8ba5cbd336dd1b882be5f22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:95:17:bd:e5:1f:20:27:87:9d:0c:d6:68:fa:
3d:32:06:49:2b:ce:9a:44:b5:6c:f5:d5:ae:f8:fd:
40:e1:dd:e0:95:15:c6:85:04:50:b6:2b:00:b2:aa:
d7:ae:38:90:80:fc:45:f7:d5:15:83:67:1b:d8:2e:
a8:b0:b4:e3:df:aa:73:17:76:76:89:3c:a0:eb:a0:
a7:70:18:27:2f:e9:10:d8:40:31:ec:6e:c2:46:96:
35:9c:07:e9:25:f1:09:0d:16:91:cc:cb:9e:6e:3f:
3f:d3:bd:7e:3d:0c:70:b5:53:e9:f9:c7:84:78:b2:
83:a3:4f:a5:d3:92:0e:c6:f8:47:ea:06:9d:2d:0d:
a2:a7:4f:d7:46:36:dd:59:69:f1:11:19:ef:f1:7e:
e5:fe:c4:38:40:55:7e:17:8d:b7:45:01:0b:ae:58:
6a:39:42:3f:b1:1a:23:8b:45:08:d9:a7:97:9a:a2:
e5:8b:1f:86:f0:eb:03:a2:b6:33:33:0e:2d:7e:3a:
57:f3:19:52:a2:f7:19:26:16:c1:d0:01:c9:c5:65:
46:50:c9:11:e4:cf:36:78:35:93:6b:b5:ed:b0:20:
68:62:66:ff:c3:e5:00:eb:a2:c1:7f:eb:ad:f3:b9:
4b:23:10:ab:77:d3:92:59:be:0e:5a:d9:56:78:9b:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:ED:3B:CF:BC:1E:6F:8B:A5:CB:D3:36:DD:1B:88:2B:E5:F2:2C
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/wkztO8-8Hm-LpcvTNt0biCvl8iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.114.0/24
Signature Algorithm: sha256WithRSAEncryption
32:21:db:39:7e:e8:d4:87:8f:f3:de:29:a1:06:82:21:2b:2c:
50:e2:af:f5:d2:82:62:25:57:ac:e3:e8:23:07:cd:68:64:45:
88:26:9b:67:3a:a6:52:0d:ad:0e:2c:83:f8:06:cd:e9:da:34:
ef:73:0e:59:46:34:67:99:bf:f6:6c:78:2e:c5:25:b5:08:fa:
d3:6d:47:86:8c:db:4e:cb:c0:5a:84:e4:5c:da:d4:5b:8d:75:
a3:b8:2c:16:d5:f1:30:23:93:89:0f:3f:54:d8:22:60:e7:d8:
24:d2:51:0e:9f:0c:f3:1a:c8:28:91:1d:e6:0e:96:40:3c:1d:
40:a0:78:66:9f:3b:b9:fd:23:3f:3a:7a:49:0f:10:54:00:c3:
e9:a2:32:d8:fd:95:77:ce:ef:88:97:0a:da:da:ff:01:db:61:
55:5b:c0:47:8b:56:99:86:86:57:0f:97:c4:b0:dd:bb:e0:48:
19:00:3c:34:e5:a1:d3:db:d6:a0:84:37:b7:8c:e3:b0:d0:05:
23:e3:14:0c:46:6c:1c:a6:9d:e3:81:a7:84:24:ca:d6:63:14:
95:a9:04:9a:df:0f:13:77:89:5d:c9:a6:2e:c1:5f:79:53:dc:
34:3a:29:09:65:5d:58:59:a1:6b:38:15:b0:24:b2:d6:cc:87:
4f:fd:44:1d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDRXasMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5ZDNiYWUwHhcNMjIwMTAx
MDA1NzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMjRjZWQzYmNmYmMx
ZTZmOGJhNWNiZDMzNmRkMWI4ODJiZTVmMjJjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApZUXveUfICeHnQzWaPo9MgZJK86aRLVs9dWu+P1A4d3glRXG
hQRQtisAsqrXrjiQgPxF99UVg2cb2C6osLTj36pzF3Z2iTyg66CncBgnL+kQ2EAx
7G7CRpY1nAfpJfEJDRaRzMuebj8/071+PQxwtVPp+ceEeLKDo0+l05IOxvhH6gad
LQ2ip0/XRjbdWWnxERnv8X7l/sQ4QFV+F423RQELrlhqOUI/sRoji0UI2aeXmqLl
ix+G8OsDorYzMw4tfjpX8xlSovcZJhbB0AHJxWVGUMkR5M82eDWTa7XtsCBoYmb/
w+UA66LBf+ut87lLIxCrd9OSWb4OWtlWeJtX2QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMJM7TvPvB5vi6XL0zbdG4gr5fIsMB8GA1UdIwQYMBaAFDTVGSR0Arz73w7O
kCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVlLzEv
d2t6dE84LThIbS1McGN2VE50MGJpQ3ZsOGl3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8z
MDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVlLzEvTk5VWkpIUUN2UHZm
RHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+xyMA0GCSqGSIb3DQEBCwUAA4IB
AQAyIds5fujUh4/z3imhBoIhKyxQ4q/10oJiJVes4+gjB81oZEWIJptnOqZSDa0O
LIP4Bs3p2jTvcw5ZRjRnmb/2bHguxSW1CPrTbUeGjNtOy8BahORc2tRbjXWjuCwW
1fEwI5OJDz9U2CJg59gk0lEOnwzzGsgokR3mDpZAPB1AoHhmnzu5/SM/OnpJDxBU
AMPpojLY/ZV3zu+Ilwra2v8B22FVW8BHi1aZhoZXD5fEsN274EgZADw05aHT29ag
hDe3jOOw0AUj4xQMRmwcpp3jgaeEJMrWYxSVqQSa3w8Td4ldyaYuwV95U9w0OikJ
ZV1YWaFrOBWwJLLWzIdP/UQd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:58 2024 by rpki-client on console-ams.rpki-client.org