Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/XSJ04TwRlg2JbVS8stk2eoIVHd0.roa
File: XSJ04TwRlg2JbVS8stk2eoIVHd0.roa (raw, json)
Hash identifier: 6bkn6PBHjAxge09al363iz0vTVwlu7JlawJtqHh05pQ=
Subject key identifier: 5D:22:74:E1:3C:11:96:0D:89:6D:54:BC:B2:D9:36:7A:82:15:1D:DD
Certificate issuer: /CN=b543ef9bc3c2132361c1240972a180912bf7a859
Certificate serial: 02971BD9
Authority key identifier: B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/XSJ04TwRlg2JbVS8stk2eoIVHd0.roa
Signing time: Sat 01 Jan 2022 07:53:03 +0000
ROA not before: Sat 01 Jan 2022 07:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9044
IP address blocks: 91.199.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43457497 (0x2971bd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b543ef9bc3c2132361c1240972a180912bf7a859
Validity
Not Before: Jan 1 07:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d2274e13c11960d896d54bcb2d9367a82151ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:60:ff:6c:ef:73:7f:c1:8c:21:f2:dd:ec:
e6:76:ce:61:52:c5:11:b8:5c:e1:49:1e:91:bf:b0:
23:f0:2a:35:eb:97:3c:bc:05:0c:d6:c2:ae:33:1e:
74:6e:36:5b:19:3b:64:28:4b:6a:0d:31:05:2a:33:
7b:37:37:62:d7:53:7e:f8:af:cb:d9:cb:68:6c:f8:
42:a9:25:1e:41:f8:d9:e2:52:b9:dc:f8:c4:26:76:
6c:09:79:48:9e:a3:60:a4:68:c2:fc:7a:1f:a8:5f:
d4:a5:26:33:31:27:76:87:cf:95:fe:8d:1a:c2:96:
ea:1a:40:e2:57:08:5b:a0:c6:ac:e6:2b:dc:04:e4:
fb:43:13:ea:c5:cb:d2:10:2e:57:f0:31:83:ec:26:
70:93:10:00:d1:67:cf:12:0f:34:e5:51:6c:01:f0:
d8:ef:73:f1:d5:41:13:fa:7a:ad:bb:d5:6f:fd:94:
b8:bf:f5:4c:43:52:0c:3d:2f:e4:b4:98:e0:30:79:
fd:6a:8b:86:0c:cc:00:e8:ca:84:30:f1:bc:46:f2:
8b:03:ee:38:cf:d8:2b:93:18:97:40:b1:b6:54:a0:
c2:51:53:cd:90:52:0c:b5:06:a3:ea:b9:5a:56:3a:
22:aa:39:c1:5a:2b:70:6a:b2:56:8b:69:46:0d:b6:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:22:74:E1:3C:11:96:0D:89:6D:54:BC:B2:D9:36:7A:82:15:1D:DD
X509v3 Authority Key Identifier:
keyid:B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/XSJ04TwRlg2JbVS8stk2eoIVHd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/tUPvm8PCEyNhwSQJcqGAkSv3qFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a5:4c:ec:87:c3:0e:19:4f:13:a7:6b:10:09:bd:77:4c:90:
09:15:95:fd:41:bf:af:12:e9:9c:5d:f0:86:c2:16:f9:2f:83:
a2:f6:aa:16:eb:3e:44:af:3f:96:1c:cd:b9:7f:3c:9c:af:28:
64:21:2c:56:e5:2d:af:f8:a8:a8:e2:68:50:c3:ef:1c:a0:b2:
e8:51:be:a2:60:7f:c1:40:73:1d:87:b0:13:95:8b:dc:50:a3:
ac:7b:2d:8b:ed:b5:3c:89:47:ce:86:51:2a:6f:ec:22:6d:78:
62:ac:e3:5e:c3:ce:38:79:a5:2b:e1:0a:a8:01:6b:cd:31:e9:
99:14:a9:cf:fd:83:88:5e:68:e6:f7:91:23:63:70:17:1f:f0:
16:82:76:8c:0d:6c:22:38:13:0a:06:50:3b:f8:ed:c5:78:26:
56:c5:3d:45:53:7a:82:32:c9:a1:ce:4e:5d:fb:8b:60:10:75:
57:4a:61:be:95:96:86:b9:ee:b5:e9:cb:58:53:33:32:bb:b5:
0c:3d:66:d3:70:7a:ce:1b:1a:55:e7:27:8e:4d:3b:50:64:72:
c1:ba:fc:44:11:2c:6a:76:98:8d:c5:f3:1f:10:4b:a6:7c:93:
42:a5:a1:8d:ef:5e:7d:4f:cb:ef:b7:9a:06:82:6c:46:09:ac:
03:6e:87:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApcb2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTQzZWY5YmMzYzIxMzIzNjFjMTI0MDk3MmExODA5MTJiZjdhODU5MB4XDTIyMDEw
MTA3NTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQyMjc0ZTEzYzEx
OTYwZDg5NmQ1NGJjYjJkOTM2N2E4MjE1MWRkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2lYP9s73N/wYwh8t3s5nbOYVLFEbhc4Ukekb+wI/AqNeuX
PLwFDNbCrjMedG42Wxk7ZChLag0xBSozezc3YtdTfvivy9nLaGz4QqklHkH42eJS
udz4xCZ2bAl5SJ6jYKRowvx6H6hf1KUmMzEndofPlf6NGsKW6hpA4lcIW6DGrOYr
3ATk+0MT6sXL0hAuV/Axg+wmcJMQANFnzxIPNOVRbAHw2O9z8dVBE/p6rbvVb/2U
uL/1TENSDD0v5LSY4DB5/WqLhgzMAOjKhDDxvEbyiwPuOM/YK5MYl0CxtlSgwlFT
zZBSDLUGo+q5WlY6Iqo5wVorcGqyVotpRg22GdkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdInThPBGWDYltVLyy2TZ6ghUd3TAfBgNVHSMEGDAWgBS1Q++bw8ITI2HB
JAlyoYCRK/eoWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RVUHZtOFBDRXlOaHdTUUpjcUdBa1N2M3FGay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvMjVlNmQ2LWNlZDEtNDI4My04YzlmLWM4NGNjYmE0ZTYwNy8x
L1hTSjA0VHdSbGcySmJWUzhzdGsyZW9JVkhkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
MjVlNmQ2LWNlZDEtNDI4My04YzlmLWM4NGNjYmE0ZTYwNy8xL3RVUHZtOFBDRXlO
aHdTUUpjcUdBa1N2M3FGay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvH5DANBgkqhkiG9w0BAQsFAAOC
AQEAp6VM7IfDDhlPE6drEAm9d0yQCRWV/UG/rxLpnF3whsIW+S+DovaqFus+RK8/
lhzNuX88nK8oZCEsVuUtr/ioqOJoUMPvHKCy6FG+omB/wUBzHYewE5WL3FCjrHst
i+21PIlHzoZRKm/sIm14YqzjXsPOOHmlK+EKqAFrzTHpmRSpz/2DiF5o5veRI2Nw
Fx/wFoJ2jA1sIjgTCgZQO/jtxXgmVsU9RVN6gjLJoc5OXfuLYBB1V0phvpWWhrnu
tenLWFMzMru1DD1m03B6zhsaVecnjk07UGRywbr8RBEsanaYjcXzHxBLpnyTQqWh
je9efU/L77eaBoJsRgmsA26HOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:38 2024 by rpki-client on console-ams.rpki-client.org