Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/xFlv3kwBJcP-xvQQNZNnsD_krFc.roa
File: xFlv3kwBJcP-xvQQNZNnsD_krFc.roa (raw, json)
Hash identifier: EDvXbhEhRPbTdP3m7SQuA1X+asSkccyjgyTzVgLnfXI=
Subject key identifier: C4:59:6F:DE:4C:01:25:C3:FE:C6:F4:10:35:93:67:B0:3F:E4:AC:57
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 1AFF376C
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/xFlv3kwBJcP-xvQQNZNnsD_krFc.roa
Signing time: Sat 01 Jan 2022 13:05:43 +0000
ROA not before: Sat 01 Jan 2022 13:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29372
IP address blocks: 91.68.249.0/24 maxlen: 24
91.68.247.0/24 maxlen: 24
91.68.248.0/24 maxlen: 24
91.68.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452933484 (0x1aff376c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 13:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4596fde4c0125c3fec6f410359367b03fe4ac57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:df:af:3c:b1:76:54:bb:19:a3:93:45:a2:
92:bc:37:df:9a:7f:f2:69:67:e2:19:75:64:9e:4b:
30:52:eb:a2:4c:98:13:b3:45:3e:5f:e8:2a:e0:74:
2b:9b:18:3a:c3:ff:26:6f:9a:22:00:17:3f:71:53:
a2:c3:e8:b9:9a:3f:0a:47:97:c2:d6:1e:db:1b:29:
6f:88:8a:20:02:8c:a0:62:99:70:0e:23:f9:ed:27:
b4:b9:06:e2:8d:00:8e:d6:d0:ab:c5:b7:90:fc:71:
ae:61:ae:81:b8:49:f8:6a:61:44:c4:e1:76:91:8c:
a5:35:44:ca:4c:b3:d5:ba:9b:92:73:c8:c2:f2:33:
9d:ab:1d:08:78:ff:84:3b:9f:99:54:09:27:39:32:
09:0f:8a:ce:09:3c:ab:d6:e7:96:58:df:d6:d1:39:
ac:fd:de:e3:ef:a8:e0:02:4d:06:54:7e:da:1a:e0:
77:89:b2:aa:22:11:e4:79:45:1d:6e:9f:3d:e5:8e:
6b:38:7c:e4:a5:56:f4:a5:31:7c:fb:15:39:a4:18:
c1:56:0a:2f:c6:4b:fb:9c:30:17:75:93:e3:ef:d2:
e1:06:7f:f4:2d:91:ca:cf:3e:ea:fa:c8:6b:49:25:
3f:14:e2:65:c0:9f:05:38:d4:74:b0:69:07:da:81:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:59:6F:DE:4C:01:25:C3:FE:C6:F4:10:35:93:67:B0:3F:E4:AC:57
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/xFlv3kwBJcP-xvQQNZNnsD_krFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.68.247.0-91.68.250.255
Signature Algorithm: sha256WithRSAEncryption
43:b9:00:98:c1:7b:80:65:3d:59:83:f7:3f:d3:00:e1:60:19:
66:5c:79:3a:1e:46:92:5c:f0:bf:cb:a2:66:30:98:0f:01:98:
37:2c:f1:62:aa:bb:e1:5d:40:97:0f:45:67:3d:00:2f:8a:cc:
99:1c:2e:63:b1:c2:d8:83:ec:78:72:c2:99:a9:32:56:63:e1:
16:18:da:ed:9b:97:47:45:33:0b:ac:35:e3:0d:76:ae:a4:0d:
c8:d5:2e:b6:50:d9:bc:54:82:c1:b6:b8:5e:03:52:1b:fe:b2:
83:d9:cb:c9:72:bd:a2:ba:07:37:36:03:b6:56:54:78:f5:eb:
73:62:b3:b0:ab:c6:8f:7f:3b:c9:37:23:50:c8:1a:d5:40:d8:
34:56:2a:82:cf:9d:82:be:b4:09:fe:08:60:02:5d:12:4d:e3:
96:de:e1:54:64:97:27:d1:8e:49:b6:79:d7:d7:9f:18:fe:7d:
ce:e8:ae:13:33:60:be:ed:99:f5:f0:e6:bd:ba:ec:32:d5:b5:
b1:07:99:20:34:be:e7:f6:42:d1:df:88:62:d1:71:69:ee:ea:
30:32:40:77:0e:42:4b:9a:a5:d5:66:cc:08:42:e9:e9:18:7e:
9e:43:e9:36:81:03:54:63:d3:8d:84:da:6c:1e:c1:2d:14:61:
04:12:dd:e5
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGv83bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGVmNWZiYmZjYTdhOTNjZmVlOTY1ZWViNmJkZWU2ZmI0M2M0MDNlMB4XDTIyMDEw
MTEzMDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ1OTZmZGU0YzAx
MjVjM2ZlYzZmNDEwMzU5MzY3YjAzZmU0YWM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8S3688sXZUuxmjk0Wikrw335p/8mln4hl1ZJ5LMFLrokyY
E7NFPl/oKuB0K5sYOsP/Jm+aIgAXP3FTosPouZo/CkeXwtYe2xspb4iKIAKMoGKZ
cA4j+e0ntLkG4o0AjtbQq8W3kPxxrmGugbhJ+GphRMThdpGMpTVEykyz1bqbknPI
wvIznasdCHj/hDufmVQJJzkyCQ+Kzgk8q9bnlljf1tE5rP3e4++o4AJNBlR+2hrg
d4myqiIR5HlFHW6fPeWOazh85KVW9KUxfPsVOaQYwVYKL8ZL+5wwF3WT4+/S4QZ/
9C2Rys8+6vrIa0klPxTiZcCfBTjUdLBpB9qBhNUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTEWW/eTAElw/7G9BA1k2ewP+SsVzAfBgNVHSMEGDAWgBSg71+7/KepPP7p
Ze62ve5vtDxAPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8x
L3hGbHYza3dCSmNQLXh2UVFOWk5uc0Rfa3JGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
ZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8xL29POWZ1X3lucVR6
LTZXWHV0cjN1YjdROFFENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAW0T3AwQAW0T6MA0GCSqGSIb3
DQEBCwUAA4IBAQBDuQCYwXuAZT1Zg/c/0wDhYBlmXHk6HkaSXPC/y6JmMJgPAZg3
LPFiqrvhXUCXD0VnPQAvisyZHC5jscLYg+x4csKZqTJWY+EWGNrtm5dHRTMLrDXj
DXaupA3I1S62UNm8VILBtrheA1Ib/rKD2cvJcr2iugc3NgO2VlR49etzYrOwq8aP
fzvJNyNQyBrVQNg0ViqCz52CvrQJ/ghgAl0STeOW3uFUZJcn0Y5JtnnX158Y/n3O
6K4TM2C+7Zn18Oa9uuwy1bWxB5kgNL7n9kLR34hi0XFp7uowMkB3DkJLmqXVZswI
QunpGH6eQ+k2gQNUY9ONhNpsHsEtFGEEEt3l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org