Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/IE3o9jkMkDqaEF4OKe3mUc_j5gw.roa
File: IE3o9jkMkDqaEF4OKe3mUc_j5gw.roa (raw, json)
Hash identifier: qUT9LD7ZUNMCqZzaEsDQPbuJKpkntKEGf5zLVhxaVEw=
Subject key identifier: 20:4D:E8:F6:39:0C:90:3A:9A:10:5E:0E:29:ED:E6:51:CF:E3:E6:0C
Certificate issuer: /CN=9d115fe9c9e9cfdef17e924165592c023efb2b16
Certificate serial: 0185543B9CFBB20D3796771A04D5B30F4385
Authority key identifier: 9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/IE3o9jkMkDqaEF4OKe3mUc_j5gw.roa
Signing time: Tue 27 Dec 2022 15:37:51 +0000
ROA not before: Tue 27 Dec 2022 15:37:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43354
IP address blocks: 194.45.94.0/24 maxlen: 24
91.197.28.0/24 maxlen: 24
91.197.29.0/24 maxlen: 24
91.197.30.0/24 maxlen: 24
91.197.28.0/22 maxlen: 22
91.197.31.0/24 maxlen: 24
2001:67c:4d0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:3b:9c:fb:b2:0d:37:96:77:1a:04:d5:b3:0f:43:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d115fe9c9e9cfdef17e924165592c023efb2b16
Validity
Not Before: Dec 27 15:37:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=204de8f6390c903a9a105e0e29ede651cfe3e60c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d3:f3:e3:1a:f2:9e:1d:96:3b:0e:dd:37:7f:
55:68:4b:75:8a:5a:c0:29:bf:6d:4f:a3:48:9f:6a:
b7:90:b2:c8:8c:1e:75:32:b4:07:4c:68:3d:46:2c:
c2:85:ef:ef:3f:3a:54:25:cb:5d:68:7b:28:32:b2:
c2:06:f3:36:3b:92:41:4b:e2:8b:1a:f9:c7:a1:24:
00:8a:7e:ba:26:4e:00:e6:f7:51:73:51:a3:26:6a:
65:bd:6e:f1:be:9d:67:c7:28:83:1b:b4:0a:41:5f:
aa:37:7a:8c:da:f2:ed:8d:35:85:76:90:37:6a:85:
9e:dd:00:66:d7:1d:a3:bd:a1:e7:af:cf:7b:13:15:
e9:8a:42:4b:13:64:bc:d2:ef:fb:29:ec:ee:85:af:
00:67:c2:b0:4a:c6:88:2c:48:27:b9:89:83:05:de:
6e:dd:72:65:51:0c:a8:5e:66:11:84:e6:31:1f:cb:
9a:82:62:f7:4e:e0:76:f9:7c:46:43:11:c3:fc:cc:
f2:f0:88:08:24:3a:e1:af:fb:a7:4f:16:e2:d5:7b:
62:4d:1f:59:c4:7a:3a:66:42:c6:cf:8d:87:77:0f:
99:77:73:60:8d:72:86:d6:bc:63:58:24:ad:b4:f0:
36:90:de:71:57:b8:3e:91:a5:73:80:5a:4f:29:a7:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4D:E8:F6:39:0C:90:3A:9A:10:5E:0E:29:ED:E6:51:CF:E3:E6:0C
X509v3 Authority Key Identifier:
keyid:9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/IE3o9jkMkDqaEF4OKe3mUc_j5gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/nRFf6cnpz97xfpJBZVksAj77KxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.28.0/22
194.45.94.0/24
IPv6:
2001:67c:4d0::/48
Signature Algorithm: sha256WithRSAEncryption
74:8b:57:b7:bc:79:37:fd:fd:4a:c2:be:82:53:ae:b7:61:33:
de:39:29:da:5e:3a:a5:fd:c5:b3:50:f3:48:89:dc:71:98:26:
f8:7b:89:1d:42:b6:90:91:a8:cb:70:b1:70:0a:97:25:ea:9d:
33:62:7d:5e:fa:6c:5a:ac:9c:cb:65:70:7a:20:19:61:f6:65:
35:4e:fe:0d:84:e2:57:e9:53:f0:c8:e2:12:e4:d6:41:56:4c:
0e:f5:0e:cb:26:4e:1a:50:07:39:c4:e3:91:76:73:43:ae:28:
e7:7b:eb:02:d7:37:85:ad:e9:f0:c7:79:c1:68:c8:21:9b:30:
0a:54:05:ef:a8:0d:7f:ee:9f:5e:34:53:37:b9:00:10:dc:46:
fe:65:7e:b3:2e:91:1a:e8:9e:d9:36:85:a3:77:53:04:00:98:
74:8c:1e:a3:bf:76:04:4f:20:b1:e8:3f:75:bf:30:25:05:d8:
ca:b5:22:34:13:f8:3d:1c:9e:94:a6:c0:99:a1:a3:2c:bd:d2:
18:d7:26:65:d4:b1:41:3f:88:be:f5:d5:7a:61:c5:04:6f:dc:
4f:e4:e9:08:06:d6:4f:2f:fa:bb:a2:0d:59:a4:a8:32:c8:1e:
f5:00:70:fb:e9:d9:70:66:d5:84:8d:42:1d:79:dd:f2:c8:4d:
ba:f7:db:42
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVUO5z7sg03lncaBNWzD0OFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMTE1ZmU5YzllOWNmZGVmMTdlOTI0MTY1NTkyYzAyM2Vm
YjJiMTYwHhcNMjIxMjI3MTUzNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRkZThmNjM5MGM5MDNhOWExMDVlMGUyOWVkZTY1MWNmZTNlNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNPz4xrynh2WOw7dN39VaEt1ilrA
Kb9tT6NIn2q3kLLIjB51MrQHTGg9RizChe/vPzpUJctdaHsoMrLCBvM2O5JBS+KL
GvnHoSQAin66Jk4A5vdRc1GjJmplvW7xvp1nxyiDG7QKQV+qN3qM2vLtjTWFdpA3
aoWe3QBm1x2jvaHnr897ExXpikJLE2S80u/7Kezuha8AZ8KwSsaILEgnuYmDBd5u
3XJlUQyoXmYRhOYxH8uagmL3TuB2+XxGQxHD/Mzy8IgIJDrhr/unTxbi1XtiTR9Z
xHo6ZkLGz42Hdw+Zd3NgjXKG1rxjWCSttPA2kN5xV7g+kaVzgFpPKadsgwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCBN6PY5DJA6mhBeDint5lHP4+YMMB8GA1UdIwQY
MBaAFJ0RX+nJ6c/e8X6SQWVZLAI++ysWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMt
YmI3OTdjZTdlMTA4LzEvSUUzbzlqa01rRHFhRUY0T0tlM21VY19qNWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMtYmI3OTdjZTdlMTA4
LzEvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW8UcAwQA
wi1eMA8EAgACMAkDBwAgAQZ8BNAwDQYJKoZIhvcNAQELBQADggEBAHSLV7e8eTf9
/UrCvoJTrrdhM945KdpeOqX9xbNQ80iJ3HGYJvh7iR1CtpCRqMtwsXAKlyXqnTNi
fV76bFqsnMtlcHogGWH2ZTVO/g2E4lfpU/DI4hLk1kFWTA71DssmThpQBznE45F2
c0OuKOd76wLXN4Wt6fDHecFoyCGbMApUBe+oDX/un140Uze5ABDcRv5lfrMukRro
ntk2haN3UwQAmHSMHqO/dgRPILHoP3W/MCUF2Mq1IjQT+D0cnpSmwJmhoyy90hjX
JmXUsUE/iL711XphxQRv3E/k6QgG1k8v+ruiDVmkqDLIHvUAcPvp2XBm1YSNQh15
3fLITbr320I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org