Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c0305e-59a1-4b67-9e61-7c4fe361037a/1/KOFgwQ20FRmVq9cbeOYutH1fy1s.roa
File: KOFgwQ20FRmVq9cbeOYutH1fy1s.roa (raw, json)
Hash identifier: 9MElEYqiZfzZ1LW55gEJ4WZVwtiM1xjxq6yPyPEDIAE=
Subject key identifier: 28:E1:60:C1:0D:B4:15:19:95:AB:D7:1B:78:E6:2E:B4:7D:5F:CB:5B
Certificate issuer: /CN=27f83e56b6af760083eb54bb5b6e19ddb41dd88a
Certificate serial: 03291F31
Authority key identifier: 27:F8:3E:56:B6:AF:76:00:83:EB:54:BB:5B:6E:19:DD:B4:1D:D8:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_g-VravdgCD61S7W24Z3bQd2Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c0305e-59a1-4b67-9e61-7c4fe361037a/1/KOFgwQ20FRmVq9cbeOYutH1fy1s.roa
Signing time: Sat 01 Jan 2022 15:58:52 +0000
ROA not before: Sat 01 Jan 2022 15:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57577
IP address blocks: 91.233.57.0/24 maxlen: 24
91.233.58.0/24 maxlen: 24
91.233.56.0/22 maxlen: 22
91.233.56.0/24 maxlen: 24
91.233.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53026609 (0x3291f31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f83e56b6af760083eb54bb5b6e19ddb41dd88a
Validity
Not Before: Jan 1 15:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28e160c10db4151995abd71b78e62eb47d5fcb5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1e:98:c0:34:c5:0f:1c:e1:f3:3f:d7:f4:72:
83:60:21:30:73:57:54:6d:e8:1f:f1:2a:df:0b:0b:
9d:c5:88:a6:15:e1:ee:08:fc:e7:09:8b:c2:f7:f3:
0d:ee:5f:84:8b:52:23:0f:e0:54:a0:36:03:f3:24:
fa:70:33:78:31:46:b7:90:8b:a2:4a:ba:81:0d:ab:
60:c0:d8:67:17:8f:e7:dc:13:ce:ad:89:f4:3d:4a:
38:ef:84:cb:4a:fa:97:1f:6f:48:9f:16:7f:08:77:
cb:14:22:aa:95:99:e8:42:65:53:b9:04:b6:d4:23:
3b:f4:ee:e0:aa:07:b9:7d:6f:65:19:6c:f9:3d:93:
cf:5b:2a:63:7a:f7:4b:0f:9b:ed:c5:48:38:bf:7c:
79:66:7c:62:b0:51:32:9d:da:9b:73:43:de:33:56:
04:99:d8:fe:1d:a4:8c:87:3f:e7:22:5c:2b:78:b3:
c0:4f:fc:f5:96:2a:f7:b2:9d:cd:54:59:67:79:41:
fc:af:c7:0a:64:93:07:e0:da:12:09:91:6f:c2:38:
3b:e8:75:dd:e8:b2:65:53:0a:3e:05:81:31:49:2c:
86:ea:49:71:7d:60:12:ff:d6:1d:ad:72:a4:57:70:
ff:0e:57:f8:7d:80:14:0a:69:45:ca:b5:54:0a:8f:
8b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E1:60:C1:0D:B4:15:19:95:AB:D7:1B:78:E6:2E:B4:7D:5F:CB:5B
X509v3 Authority Key Identifier:
keyid:27:F8:3E:56:B6:AF:76:00:83:EB:54:BB:5B:6E:19:DD:B4:1D:D8:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_g-VravdgCD61S7W24Z3bQd2Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c0305e-59a1-4b67-9e61-7c4fe361037a/1/KOFgwQ20FRmVq9cbeOYutH1fy1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c0305e-59a1-4b67-9e61-7c4fe361037a/1/J_g-VravdgCD61S7W24Z3bQd2Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.56.0/22
Signature Algorithm: sha256WithRSAEncryption
68:43:f6:fa:6a:25:b5:0a:b1:eb:37:d6:23:82:cd:56:b5:bf:
b8:0a:c1:3b:54:a4:ca:4b:4e:8c:05:5e:3e:93:68:ff:f8:c2:
0b:88:a5:5e:cb:ba:0b:6e:f3:3e:64:28:c3:ef:a9:ba:9a:cb:
37:89:1a:2d:82:87:14:e6:03:5d:ac:fb:63:11:42:af:fc:c0:
72:20:84:b7:3b:46:d5:bc:be:6e:fd:d4:6a:78:e2:1a:d4:e2:
9c:b8:01:b5:e5:35:61:3f:d7:98:d0:68:d9:42:35:d6:00:0d:
f1:b8:68:3a:26:c1:a0:cf:f5:ce:ef:54:b5:e1:1c:24:06:5d:
66:4a:f5:2c:5a:b6:ab:09:88:ba:7c:22:a8:ee:8a:91:b5:b3:
34:44:7d:86:17:68:a2:4f:50:59:cf:4d:ab:26:f5:a2:4a:f2:
f9:a8:91:71:85:18:ee:67:f9:90:64:4f:62:b8:91:0b:87:55:
ed:a0:4e:6f:d8:f3:12:40:f6:74:91:0c:95:94:42:4d:09:cd:
89:62:4d:04:be:80:11:ea:d6:ac:16:73:3f:d0:11:5a:68:50:
25:c1:19:4f:3b:0a:4f:6d:80:26:f9:45:70:cb:23:16:b0:7a:
07:81:3e:c4:66:71:82:18:4f:34:f6:87:0f:6a:3d:79:df:1b:
43:65:aa:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAykfMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2Y4M2U1NmI2YWY3NjAwODNlYjU0YmI1YjZlMTlkZGI0MWRkODhhMB4XDTIyMDEw
MTE1NTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhlMTYwYzEwZGI0
MTUxOTk1YWJkNzFiNzhlNjJlYjQ3ZDVmY2I1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoemMA0xQ8c4fM/1/Ryg2AhMHNXVG3oH/Eq3wsLncWIphXh
7gj85wmLwvfzDe5fhItSIw/gVKA2A/Mk+nAzeDFGt5CLokq6gQ2rYMDYZxeP59wT
zq2J9D1KOO+Ey0r6lx9vSJ8Wfwh3yxQiqpWZ6EJlU7kEttQjO/Tu4KoHuX1vZRls
+T2Tz1sqY3r3Sw+b7cVIOL98eWZ8YrBRMp3am3ND3jNWBJnY/h2kjIc/5yJcK3iz
wE/89ZYq97KdzVRZZ3lB/K/HCmSTB+DaEgmRb8I4O+h13eiyZVMKPgWBMUkshupJ
cX1gEv/WHa1ypFdw/w5X+H2AFAppRcq1VAqPi7UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQo4WDBDbQVGZWr1xt45i60fV/LWzAfBgNVHSMEGDAWgBQn+D5Wtq92AIPr
VLtbbhndtB3YijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pfZy1WcmF2ZGdDRDYxUzdXMjRaM2JRZDJJby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYzAzMDVlLTU5YTEtNGI2Ny05ZTYxLTdjNGZlMzYxMDM3YS8x
L0tPRmd3UTIwRlJtVnE5Y2JlT1l1dEgxZnkxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YzAzMDVlLTU5YTEtNGI2Ny05ZTYxLTdjNGZlMzYxMDM3YS8xL0pfZy1WcmF2ZGdD
RDYxUzdXMjRaM2JRZDJJby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvpODANBgkqhkiG9w0BAQsFAAOC
AQEAaEP2+moltQqx6zfWI4LNVrW/uArBO1SkyktOjAVePpNo//jCC4ilXsu6C27z
PmQow++puprLN4kaLYKHFOYDXaz7YxFCr/zAciCEtztG1by+bv3UanjiGtTinLgB
teU1YT/XmNBo2UI11gAN8bhoOibBoM/1zu9UteEcJAZdZkr1LFq2qwmIunwiqO6K
kbWzNER9hhdook9QWc9Nqyb1okry+aiRcYUY7mf5kGRPYriRC4dV7aBOb9jzEkD2
dJEMlZRCTQnNiWJNBL6AEerWrBZzP9ARWmhQJcEZTzsKT22AJvlFcMsjFrB6B4E+
xGZxghhPNPaHD2o9ed8bQ2WqnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:04 2024 by rpki-client on console-fra.rpki-client.org