Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/li06Ik5BYap8gxU_GC4LOV9f9kI.roa
File: li06Ik5BYap8gxU_GC4LOV9f9kI.roa (raw, json)
Hash identifier: NsnzPwaF6/sLyF+e889CSbtcrfxJMA3fgl/qpJoC9f4=
Subject key identifier: 96:2D:3A:22:4E:41:61:AA:7C:83:15:3F:18:2E:0B:39:5F:5F:F6:42
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 26E6D287
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/li06Ik5BYap8gxU_GC4LOV9f9kI.roa
Signing time: Sat 01 Jan 2022 06:02:48 +0000
ROA not before: Sat 01 Jan 2022 06:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199284
IP address blocks: 91.137.16.0/20 maxlen: 24
91.137.50.0/23 maxlen: 24
91.137.48.0/22 maxlen: 24
91.137.56.0/22 maxlen: 22
91.137.60.0/22 maxlen: 24
91.137.62.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 652661383 (0x26e6d287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 1 06:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=962d3a224e4161aa7c83153f182e0b395f5ff642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6a:18:22:e7:a2:8d:5b:06:df:b5:9e:ab:82:
89:b6:20:9e:8a:6b:8d:a4:8a:5b:8b:97:7f:46:ff:
b5:e2:cd:cf:6b:8b:59:0d:4d:86:86:10:df:47:3a:
c8:e3:25:10:6a:44:45:86:76:9c:b4:a4:ce:a7:80:
2b:7b:30:74:02:0f:97:23:33:95:6e:56:cd:d9:71:
a7:44:56:d0:a0:49:37:5e:cd:3a:73:51:be:d8:c1:
dc:3c:dd:d6:1b:fe:d4:78:08:3d:c6:8a:2a:f8:5a:
2c:6c:1a:01:2b:96:e3:8e:84:c8:11:64:05:bf:ea:
38:aa:9e:41:02:16:23:00:eb:ba:d7:8f:6e:89:c0:
70:30:1a:32:bb:98:f9:71:c5:74:49:ca:f6:6d:7a:
7a:6f:09:ef:3a:3e:90:34:da:1b:30:ac:54:7b:ed:
f5:2b:ee:3d:47:6a:51:ca:91:63:5f:ec:5f:f6:09:
13:29:77:86:1f:66:59:91:af:ae:80:6b:92:60:6a:
8e:34:26:4f:76:ad:92:ed:93:6f:80:29:82:98:26:
f4:c6:39:f0:45:ae:08:79:4c:3c:3a:74:24:b8:e8:
6a:ea:f0:8a:27:5f:18:b4:63:60:9c:fc:ae:44:81:
d1:92:68:df:dc:e5:9c:4f:65:d5:c2:71:d8:2f:74:
73:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2D:3A:22:4E:41:61:AA:7C:83:15:3F:18:2E:0B:39:5F:5F:F6:42
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/li06Ik5BYap8gxU_GC4LOV9f9kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.16.0/20
91.137.48.0/22
91.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:8d:a9:13:2a:e4:7d:6f:61:26:24:f1:50:40:9a:e4:1c:d3:
ad:32:42:62:38:51:c6:10:b7:22:3c:46:e8:f5:7a:1b:29:f6:
06:37:29:f3:8b:b7:8a:1c:3a:d6:e1:0c:eb:c9:59:f2:b1:91:
de:bd:71:b1:35:53:d7:bc:34:d0:0d:22:e9:6b:b8:2d:ed:a8:
14:38:bc:84:5a:1b:9f:52:ff:97:aa:53:25:8a:58:5d:f2:9a:
9b:e8:e6:d2:eb:62:57:9e:f9:79:fe:98:31:27:56:cf:68:8d:
f3:fd:d1:63:18:84:3e:ef:1d:ea:e1:25:e6:c5:65:63:cc:31:
08:62:f2:bc:97:4c:a3:8a:3e:ec:16:60:7f:a1:c5:9c:1d:a1:
2b:08:b8:77:a2:7d:d7:46:8e:eb:15:25:46:84:9e:40:ea:13:
48:3c:d4:2c:24:f3:b4:7a:53:4f:cb:26:a8:ae:0f:ca:6a:61:
86:b8:98:4c:df:fc:f4:1f:58:93:5f:f2:54:44:f2:3b:3f:7a:
f8:eb:fc:fa:a2:ed:77:10:30:bf:f9:b1:cf:d0:db:a3:c2:ce:
48:b9:c4:9c:f0:70:df:ba:59:1f:55:c9:51:e3:0e:84:39:80:
76:23:fd:e8:75:b9:9d:00:0f:5b:38:82:7d:27:88:00:21:b5:
46:8c:ad:97
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEJubShzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGVhODM4NWExNGZkOTk2Nzk3OGFlN2YwNmVjNGRkNTIyMjlhNDRhMB4XDTIyMDEw
MTA2MDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYyZDNhMjI0ZTQx
NjFhYTdjODMxNTNmMTgyZTBiMzk1ZjVmZjY0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJqGCLnoo1bBt+1nquCibYgnoprjaSKW4uXf0b/teLNz2uL
WQ1NhoYQ30c6yOMlEGpERYZ2nLSkzqeAK3swdAIPlyMzlW5Wzdlxp0RW0KBJN17N
OnNRvtjB3Dzd1hv+1HgIPcaKKvhaLGwaASuW446EyBFkBb/qOKqeQQIWIwDruteP
bonAcDAaMruY+XHFdEnK9m16em8J7zo+kDTaGzCsVHvt9SvuPUdqUcqRY1/sX/YJ
Eyl3hh9mWZGvroBrkmBqjjQmT3atku2Tb4Apgpgm9MY58EWuCHlMPDp0JLjoaurw
iidfGLRjYJz8rkSB0ZJo39zlnE9l1cJx2C90cy0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSWLToiTkFhqnyDFT8YLgs5X1/2QjAfBgNVHSMEGDAWgBRg6oOFoU/Zlnl4
rn8G7E3VIimkSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lPcURoYUZQMlpaNWVLNV9CdXhOMVNJcHBFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMDMzMGZiLTk1ZDEtNDMwMi1iZWExLWY1NDU3N2Y3Y2MwZi8x
L2xpMDZJazVCWWFwOGd4VV9HQzRMT1Y5ZjlrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MDMzMGZiLTk1ZDEtNDMwMi1iZWExLWY1NDU3N2Y3Y2MwZi8xL1lPcURoYUZQMlpa
NWVLNV9CdXhOMVNJcHBFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFuJEAMEAluJMAMEA1uJODANBgkq
hkiG9w0BAQsFAAOCAQEAqY2pEyrkfW9hJiTxUECa5BzTrTJCYjhRxhC3IjxG6PV6
Gyn2Bjcp84u3ihw61uEM68lZ8rGR3r1xsTVT17w00A0i6Wu4Le2oFDi8hFobn1L/
l6pTJYpYXfKam+jm0utiV575ef6YMSdWz2iN8/3RYxiEPu8d6uEl5sVlY8wxCGLy
vJdMo4o+7BZgf6HFnB2hKwi4d6J910aO6xUlRoSeQOoTSDzULCTztHpTT8smqK4P
ymphhriYTN/89B9Yk1/yVETyOz96+Ov8+qLtdxAwv/mxz9Dbo8LOSLnEnPBw37pZ
H1XJUeMOhDmAdiP96HW5nQAPWziCfSeIACG1Roytlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:39 2024 by rpki-client on console-ams.rpki-client.org