Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b66429-4f20-4b90-a6b8-4c10e3360577/1/1NDIa840QlM6yBZXw-KaEMynrNs.roa
File: 1NDIa840QlM6yBZXw-KaEMynrNs.roa (raw, json)
Hash identifier: hwSjZ2e5uVIuSfTHdyH1Z2gh68Vu85bjWeqDJYdFk8k=
Subject key identifier: D4:D0:C8:6B:CE:34:42:53:3A:C8:16:57:C3:E2:9A:10:CC:A7:AC:DB
Certificate issuer: /CN=a3c03158aed81161d4f57c1742d460834173a79e
Certificate serial: 018269150C1175B9A77B85E79C1D6B257D1A
Authority key identifier: A3:C0:31:58:AE:D8:11:61:D4:F5:7C:17:42:D4:60:83:41:73:A7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8AxWK7YEWHU9XwXQtRgg0Fzp54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b66429-4f20-4b90-a6b8-4c10e3360577/1/1NDIa840QlM6yBZXw-KaEMynrNs.roa
Signing time: Thu 04 Aug 2022 13:39:23 +0000
ROA not before: Thu 04 Aug 2022 13:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 91.194.236.0/24 maxlen: 24
91.194.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:69:15:0c:11:75:b9:a7:7b:85:e7:9c:1d:6b:25:7d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c03158aed81161d4f57c1742d460834173a79e
Validity
Not Before: Aug 4 13:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4d0c86bce3442533ac81657c3e29a10cca7acdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ab:da:88:c5:b1:f9:10:29:9a:87:5e:a8:1e:
77:64:92:e2:bb:d3:5f:4e:77:b1:c9:4a:40:4f:fe:
4b:76:89:37:14:9c:b0:af:d2:34:a9:be:cc:43:75:
c2:55:88:fb:d7:7b:eb:c1:51:59:fd:09:52:99:da:
5e:1f:32:96:ce:e8:e3:e8:c3:31:0d:72:d8:85:43:
45:72:79:b3:2e:75:84:a0:c0:5f:af:e9:5a:d7:44:
42:f1:8f:5b:ce:bd:27:f8:11:6c:8f:72:f9:d9:df:
3e:39:f7:a4:1a:06:90:23:81:67:64:91:72:bd:d4:
d9:ad:8a:9a:37:2c:ce:70:99:03:c7:40:d4:c4:8d:
f5:16:fc:43:ba:78:d0:1c:6b:7a:41:68:f0:65:6c:
d9:dd:f1:0a:ae:2b:44:68:80:49:bf:8d:92:97:19:
ab:e7:6a:0a:fd:d0:14:cd:16:c3:2a:8d:29:f2:bf:
9a:df:75:56:9c:fe:40:3b:57:a9:4f:aa:5a:b3:fa:
ee:0c:93:04:4b:4e:bd:ab:e5:5e:74:7f:db:2f:a7:
0f:6a:c5:63:6c:24:6e:b5:50:03:16:ce:25:da:e5:
21:75:fd:0b:7f:ae:02:17:bb:10:59:15:a5:07:78:
c3:76:2d:fb:9b:e3:c8:07:a1:ec:ec:a9:50:14:38:
c0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D0:C8:6B:CE:34:42:53:3A:C8:16:57:C3:E2:9A:10:CC:A7:AC:DB
X509v3 Authority Key Identifier:
keyid:A3:C0:31:58:AE:D8:11:61:D4:F5:7C:17:42:D4:60:83:41:73:A7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8AxWK7YEWHU9XwXQtRgg0Fzp54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b66429-4f20-4b90-a6b8-4c10e3360577/1/1NDIa840QlM6yBZXw-KaEMynrNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b66429-4f20-4b90-a6b8-4c10e3360577/1/o8AxWK7YEWHU9XwXQtRgg0Fzp54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.236.0/23
Signature Algorithm: sha256WithRSAEncryption
31:1d:dc:f0:3d:2b:ea:8c:de:e0:cc:47:7a:e5:23:18:cc:48:
0d:81:02:2e:05:20:68:93:06:6d:43:00:58:c9:33:9e:a0:91:
03:15:01:6f:9f:75:03:34:b4:cb:a9:02:81:1c:0a:d4:44:2e:
b1:48:1c:c0:1e:3c:f9:2a:49:25:4b:28:9d:6e:fe:fc:de:a2:
dc:e0:28:31:8d:36:a3:4a:7b:4f:b5:c4:27:a8:94:0b:07:cf:
ed:84:80:5b:05:46:24:1f:4a:3f:58:7a:c3:39:fe:aa:6f:45:
26:64:2f:6d:f0:8d:23:7c:74:07:d4:ae:b7:8a:21:b2:80:1f:
89:8c:89:60:9a:29:f5:98:c3:0c:86:96:bf:0b:c9:b9:c5:7a:
95:c5:48:24:54:2d:ee:00:d2:cc:c0:c6:10:0b:75:da:e1:80:
1f:b2:c0:6e:c1:57:e6:72:bb:b7:49:6f:c8:c3:10:e6:1d:e9:
43:36:ca:84:0d:5e:49:0c:e0:f3:4c:56:00:91:3a:72:3a:49:
8f:94:ea:7c:be:90:23:b0:e5:f7:ea:16:90:45:83:b8:0f:62:
33:df:44:5c:8e:c9:92:59:c3:66:15:b2:7c:84:ae:78:7c:b9:
b4:52:8e:c5:d8:e2:7e:7f:76:e6:3a:4e:1b:ce:34:fb:e1:fa:
50:9f:6b:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJpFQwRdbmne4XnnB1rJX0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzAzMTU4YWVkODExNjFkNGY1N2MxNzQyZDQ2MDgzNDE3
M2E3OWUwHhcNMjIwODA0MTMzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQwYzg2YmNlMzQ0MjUzM2FjODE2NTdjM2UyOWExMGNjYTdhY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6vaiMWx+RApmodeqB53ZJLiu9Nf
TnexyUpAT/5Ldok3FJywr9I0qb7MQ3XCVYj713vrwVFZ/QlSmdpeHzKWzujj6MMx
DXLYhUNFcnmzLnWEoMBfr+la10RC8Y9bzr0n+BFsj3L52d8+OfekGgaQI4FnZJFy
vdTZrYqaNyzOcJkDx0DUxI31FvxDunjQHGt6QWjwZWzZ3fEKritEaIBJv42Slxmr
52oK/dAUzRbDKo0p8r+a33VWnP5AO1epT6pas/ruDJMES069q+VedH/bL6cPasVj
bCRutVADFs4l2uUhdf0Lf64CF7sQWRWlB3jDdi37m+PIB6Hs7KlQFDjAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTQyGvONEJTOsgWV8PimhDMp6zbMB8GA1UdIwQY
MBaAFKPAMViu2BFh1PV8F0LUYINBc6eeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhBeFdLN1lFV0hVOVh3WFF0UmdnMEZ6cDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iNjY0MjktNGYyMC00YjkwLWE2Yjgt
NGMxMGUzMzYwNTc3LzEvMU5ESWE4NDBRbE02eUJaWHctS2FFTXluck5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iNjY0MjktNGYyMC00YjkwLWE2YjgtNGMxMGUzMzYwNTc3
LzEvbzhBeFdLN1lFV0hVOVh3WFF0UmdnMEZ6cDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8LsMA0G
CSqGSIb3DQEBCwUAA4IBAQAxHdzwPSvqjN7gzEd65SMYzEgNgQIuBSBokwZtQwBY
yTOeoJEDFQFvn3UDNLTLqQKBHArURC6xSBzAHjz5KkklSyidbv783qLc4CgxjTaj
SntPtcQnqJQLB8/thIBbBUYkH0o/WHrDOf6qb0UmZC9t8I0jfHQH1K63iiGygB+J
jIlgmin1mMMMhpa/C8m5xXqVxUgkVC3uANLMwMYQC3Xa4YAfssBuwVfmcru3SW/I
wxDmHelDNsqEDV5JDODzTFYAkTpyOkmPlOp8vpAjsOX36haQRYO4D2Iz30RcjsmS
WcNmFbJ8hK54fLm0Uo7F2OJ+f3bmOk4bzjT74fpQn2uL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org