Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/TTvvDtYov-bJgFaarGVn4o6EQAg.roa
File: TTvvDtYov-bJgFaarGVn4o6EQAg.roa (raw, json)
Hash identifier: 2ysRP81B4WQPvjfQhyG3gdZah2bqnPaQtjYswPHPng4=
Subject key identifier: 4D:3B:EF:0E:D6:28:BF:E6:C9:80:56:9A:AC:65:67:E2:8E:84:40:08
Certificate issuer: /CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Certificate serial: 013A316F
Authority key identifier: 94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/TTvvDtYov-bJgFaarGVn4o6EQAg.roa
Signing time: Sat 01 Jan 2022 05:58:30 +0000
ROA not before: Sat 01 Jan 2022 05:58:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49248
IP address blocks: 91.212.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20590959 (0x13a316f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Validity
Not Before: Jan 1 05:58:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d3bef0ed628bfe6c980569aac6567e28e844008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1a:53:13:03:eb:eb:de:c6:11:c8:87:bd:18:
f7:3f:9d:43:c8:f5:f1:99:dd:1b:be:53:d1:d0:d7:
c1:60:6d:b6:6a:ac:3f:f4:18:b3:af:fc:96:6a:80:
7c:07:73:20:42:6f:2a:45:92:3a:9d:1d:d8:39:a9:
fe:a0:e4:22:32:7a:12:1c:5b:9f:19:61:5a:5c:f7:
3b:28:81:89:fc:f3:a0:63:16:40:ae:78:4f:3b:1d:
f0:a6:ac:6b:c4:0d:8f:f8:4c:80:16:b1:2f:1e:5c:
17:42:da:50:c5:e1:a6:7f:15:27:c0:1e:79:58:13:
ac:96:48:da:b1:8e:bd:44:fb:6c:e5:f7:49:82:e9:
e0:09:31:ff:9f:03:5d:23:ba:7b:b4:45:39:6d:50:
6a:e0:c8:e9:98:e7:3a:1e:ea:8c:bc:80:64:34:83:
a8:26:b9:3e:a6:e7:80:3f:ee:36:3d:a4:3d:8e:00:
6e:a5:fd:83:31:d3:ae:ac:3a:55:56:0c:f5:8f:5c:
aa:91:75:73:f0:9f:25:e1:fa:fe:0a:6b:65:30:26:
04:52:69:f7:3b:75:8f:0b:18:e2:d7:c0:23:e0:39:
57:3d:a6:0d:9b:07:28:d2:d4:35:e0:24:d8:27:0a:
4b:ad:49:03:a0:07:ad:5b:c8:90:37:f3:ca:a9:f3:
45:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:3B:EF:0E:D6:28:BF:E6:C9:80:56:9A:AC:65:67:E2:8E:84:40:08
X509v3 Authority Key Identifier:
keyid:94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/TTvvDtYov-bJgFaarGVn4o6EQAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.102.0/24
Signature Algorithm: sha256WithRSAEncryption
16:09:9e:7d:3b:87:d8:c4:b5:de:9e:fa:a0:c0:72:a1:74:ad:
67:f4:6a:ea:d5:be:f5:3c:bd:73:4b:f5:b4:1d:e8:ac:3b:0f:
38:62:3f:97:e6:5c:ae:97:e1:4c:a5:5f:d1:80:50:66:32:a7:
0e:44:5c:a3:35:a1:76:39:ac:2f:c4:32:95:32:a6:38:e9:ac:
1c:80:73:13:f1:ba:33:c3:0a:e8:30:90:c3:a6:36:06:fa:59:
ba:b6:77:eb:97:df:14:0c:1f:0d:04:dd:4d:ef:d8:9b:ed:0c:
c7:6f:5a:cb:95:e1:de:ff:49:2f:5d:c1:6c:ab:32:6e:1e:bd:
d4:5e:70:fc:29:dd:a2:b2:39:a7:09:f0:b2:50:bb:db:a3:6c:
6e:cd:a2:2e:41:82:45:fd:e1:f9:f8:0f:b8:3b:df:65:1c:e4:
be:3f:83:8d:ba:8a:6e:76:71:d9:73:01:43:31:aa:cb:02:24:
57:e2:9b:8c:1d:03:23:02:ef:e9:63:77:08:61:ea:fe:00:62:
50:67:99:59:72:8e:81:f0:6f:de:fc:37:54:ac:86:de:5c:98:
a4:65:51:3c:15:33:42:09:0c:9d:0d:2e:1f:cb:97:30:54:b5:
27:18:08:f3:55:b7:ee:c3:6f:0c:4f:4c:10:09:c2:66:79:b8:
3f:20:30:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAToxbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGFhNDE4YWU3NzBiZGE4ZWYwNTE2YjFkMWM2MzNhNjdlOTFmMzhiMB4XDTIyMDEw
MTA1NTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQzYmVmMGVkNjI4
YmZlNmM5ODA1NjlhYWM2NTY3ZTI4ZTg0NDAwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIaUxMD6+vexhHIh70Y9z+dQ8j18ZndG75T0dDXwWBttmqs
P/QYs6/8lmqAfAdzIEJvKkWSOp0d2Dmp/qDkIjJ6EhxbnxlhWlz3OyiBifzzoGMW
QK54Tzsd8Kasa8QNj/hMgBaxLx5cF0LaUMXhpn8VJ8AeeVgTrJZI2rGOvUT7bOX3
SYLp4Akx/58DXSO6e7RFOW1QauDI6ZjnOh7qjLyAZDSDqCa5PqbngD/uNj2kPY4A
bqX9gzHTrqw6VVYM9Y9cqpF1c/CfJeH6/gprZTAmBFJp9zt1jwsY4tfAI+A5Vz2m
DZsHKNLUNeAk2CcKS61JA6AHrVvIkDfzyqnzRcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRNO+8O1ii/5smAVpqsZWfijoRACDAfBgNVHSMEGDAWgBSUqkGK53C9qO8F
FrHRxjOmfpHzizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xLcEJpdWR3dmFqdkJSYXgwY1l6cG42Ujg0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMDllMmY3LWU2NTAtNGYzOC1hNzQ1LWMzOTYyMDBmZTBiZi8x
L1RUdnZEdFlvdi1iSmdGYWFyR1ZuNG82RVFBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MDllMmY3LWU2NTAtNGYzOC1hNzQ1LWMzOTYyMDBmZTBiZi8xL2xLcEJpdWR3dmFq
dkJSYXgwY1l6cG42Ujg0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvUZjANBgkqhkiG9w0BAQsFAAOC
AQEAFgmefTuH2MS13p76oMByoXStZ/Rq6tW+9Ty9c0v1tB3orDsPOGI/l+Zcrpfh
TKVf0YBQZjKnDkRcozWhdjmsL8QylTKmOOmsHIBzE/G6M8MK6DCQw6Y2BvpZurZ3
65ffFAwfDQTdTe/Ym+0Mx29ay5Xh3v9JL13BbKsybh691F5w/CndorI5pwnwslC7
26Nsbs2iLkGCRf3h+fgPuDvfZRzkvj+DjbqKbnZx2XMBQzGqywIkV+KbjB0DIwLv
6WN3CGHq/gBiUGeZWXKOgfBv3vw3VKyG3lyYpGVRPBUzQgkMnQ0uH8uXMFS1JxgI
81W37sNvDE9MEAnCZnm4PyAwng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:58 2024 by rpki-client on console-ams.rpki-client.org