Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/DJkyUthb2-FQqLWW-CKZCAIQrhY.roa
File: DJkyUthb2-FQqLWW-CKZCAIQrhY.roa (raw, json)
Hash identifier: GGw5dvovMgmLxsLzdYdtNMBgjsLdic0mxDWZLkLRcgg=
Subject key identifier: 0C:99:32:52:D8:5B:DB:E1:50:A8:B5:96:F8:22:99:08:02:10:AE:16
Certificate issuer: /CN=fb5602802a8793a24fda4d0edcc30a196c0f77e0
Certificate serial: 0184F6403C38EB0FA2FF5BA66DA275CBBEF4
Authority key identifier: FB:56:02:80:2A:87:93:A2:4F:DA:4D:0E:DC:C3:0A:19:6C:0F:77:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/DJkyUthb2-FQqLWW-CKZCAIQrhY.roa
Signing time: Fri 09 Dec 2022 09:38:35 +0000
ROA not before: Fri 09 Dec 2022 09:38:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203046
IP address blocks: 91.208.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:40:3c:38:eb:0f:a2:ff:5b:a6:6d:a2:75:cb:be:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb5602802a8793a24fda4d0edcc30a196c0f77e0
Validity
Not Before: Dec 9 09:38:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c993252d85bdbe150a8b596f82299080210ae16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a7:47:f7:ff:0e:cc:2a:b0:54:50:38:4f:d7:
72:62:30:62:e0:0f:c0:79:59:80:a3:6b:28:81:4e:
26:9c:0d:e2:93:aa:6c:46:e3:58:6a:e8:96:7f:a8:
be:d1:3e:96:ce:72:3c:8d:71:e6:01:fe:cf:42:5c:
5a:b2:25:00:a0:77:67:63:8f:2d:a6:5f:fe:1a:4d:
a3:80:5b:6c:f3:b8:d5:7e:cd:8c:6e:64:48:1d:fc:
e4:21:78:fd:77:b3:12:e0:94:ec:17:38:25:3d:55:
5f:20:75:e8:15:31:95:c6:5b:f9:45:25:fa:b7:50:
c4:08:57:d7:c0:16:5f:60:81:ba:d0:3f:be:5d:92:
f7:fd:b1:d5:bc:11:65:a4:44:02:49:ac:c1:bb:2a:
a8:cf:a5:32:bc:0f:93:84:a3:be:9e:1a:bb:bc:be:
1c:85:8b:f6:30:f0:40:3a:e5:88:af:1a:97:ca:3f:
25:80:7d:32:59:0e:eb:16:14:0f:5a:5f:9e:cc:0c:
7e:74:57:16:58:11:65:b0:67:42:3c:09:46:e3:e4:
70:cf:0d:82:cd:6d:be:da:86:73:0d:18:1b:55:06:
67:b8:a6:7f:d7:d0:73:e1:3f:80:ee:1a:55:73:9f:
9e:fd:78:c1:5d:34:d9:29:d7:75:66:73:31:a5:1c:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:99:32:52:D8:5B:DB:E1:50:A8:B5:96:F8:22:99:08:02:10:AE:16
X509v3 Authority Key Identifier:
keyid:FB:56:02:80:2A:87:93:A2:4F:DA:4D:0E:DC:C3:0A:19:6C:0F:77:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/DJkyUthb2-FQqLWW-CKZCAIQrhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:59:47:1c:cd:5c:43:c9:26:af:fd:41:30:cd:92:6e:e9:6e:
fb:77:a6:07:07:e2:49:ef:63:e2:77:45:60:d3:bc:c7:f4:10:
a9:3a:bf:32:df:14:da:1b:b1:3a:f3:8b:b8:91:ea:a0:47:66:
7d:61:e9:d5:fb:94:bb:03:8e:c2:5d:6c:2d:86:6d:4b:f3:f5:
ca:04:1f:e9:18:d9:8f:46:fd:12:7c:2a:8b:08:2f:85:4e:8f:
55:00:76:c0:d7:5e:cb:43:95:e6:bd:65:c4:a2:00:47:0c:3b:
a1:e2:0d:4c:7d:22:a7:2b:18:1b:83:a8:30:6f:80:05:2f:7d:
14:c3:c5:70:91:85:49:fc:7b:92:21:2a:1e:15:b5:8c:06:ec:
b6:71:99:74:83:e9:0d:41:cb:69:30:67:1b:a4:0b:ac:d8:62:
a1:16:cc:43:be:89:d4:83:16:1d:01:9a:f0:68:bb:9b:86:96:
72:42:ea:a6:a5:4c:6c:10:8f:10:71:ab:ab:25:46:fd:46:fa:
a9:c5:94:cf:14:69:8c:4b:85:43:71:22:ff:98:9e:8c:e4:9f:
7a:b5:48:8d:79:cd:29:90:7d:55:6d:1f:08:08:38:10:ce:d7:
dc:cb:0a:12:74:25:1d:fc:42:40:30:89:8a:be:48:fc:27:65:
66:b1:72:ac
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYT2QDw46w+i/1umbaJ1y770MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNTYwMjgwMmE4NzkzYTI0ZmRhNGQwZWRjYzMwYTE5NmMw
Zjc3ZTAwHhcNMjIxMjA5MDkzODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk5MzI1MmQ4NWJkYmUxNTBhOGI1OTZmODIyOTkwODAyMTBhZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjadH9/8OzCqwVFA4T9dyYjBi4A/A
eVmAo2sogU4mnA3ik6psRuNYauiWf6i+0T6WznI8jXHmAf7PQlxasiUAoHdnY48t
pl/+Gk2jgFts87jVfs2MbmRIHfzkIXj9d7MS4JTsFzglPVVfIHXoFTGVxlv5RSX6
t1DECFfXwBZfYIG60D++XZL3/bHVvBFlpEQCSazBuyqoz6UyvA+ThKO+nhq7vL4c
hYv2MPBAOuWIrxqXyj8lgH0yWQ7rFhQPWl+ezAx+dFcWWBFlsGdCPAlG4+Rwzw2C
zW2+2oZzDRgbVQZnuKZ/19Bz4T+A7hpVc5+e/XjBXTTZKdd1ZnMxpRy99wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAyZMlLYW9vhUKi1lvgimQgCEK4WMB8GA1UdIwQY
MBaAFPtWAoAqh5OiT9pNDtzDChlsD3fgMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xWUNnQ3FIazZKUDJrME8zTU1LR1d3UGQtQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvODM4N2E3LTA2OGMtNDgzMi1hYTI2
LWRiNWIxZjg5YTUwZC8xL0RKa3lVdGhiMi1GUXFMV1ctQ0taQ0FJUXJoWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvODM4N2E3LTA2OGMtNDgzMi1hYTI2LWRiNWIxZjg5YTUw
ZC8xLzEtMVlDZ0NxSGs2SlAyazBPM01NS0dXd1BkLUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0L8w
DQYJKoZIhvcNAQELBQADggEBAC9ZRxzNXEPJJq/9QTDNkm7pbvt3pgcH4knvY+J3
RWDTvMf0EKk6vzLfFNobsTrzi7iR6qBHZn1h6dX7lLsDjsJdbC2GbUvz9coEH+kY
2Y9G/RJ8KosIL4VOj1UAdsDXXstDlea9ZcSiAEcMO6HiDUx9IqcrGBuDqDBvgAUv
fRTDxXCRhUn8e5IhKh4VtYwG7LZxmXSD6Q1By2kwZxukC6zYYqEWzEO+idSDFh0B
mvBou5uGlnJC6qalTGwQjxBxq6slRv1G+qnFlM8UaYxLhUNxIv+Ynozkn3q1SI15
zSmQfVVtHwgIOBDO19zLChJ0JR38QkAwiYq+SPwnZWaxcqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:12 2024 by rpki-client on console-fra.rpki-client.org