Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/41tkf__fG5FhM7rnay_nCx6xtu8.roa
File: 41tkf__fG5FhM7rnay_nCx6xtu8.roa (raw, json)
Hash identifier: tdjHxHMvBzGsQMikLIKD1FEgSJ+6kfkjzaIHChhv1QQ=
Subject key identifier: E3:5B:64:7F:FF:DF:1B:91:61:33:BA:E7:6B:2F:E7:0B:1E:B1:B6:EF
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 0184ED938BA24BC4BABCC5524CF4C89B6832
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/41tkf__fG5FhM7rnay_nCx6xtu8.roa
Signing time: Wed 07 Dec 2022 17:13:00 +0000
ROA not before: Wed 07 Dec 2022 17:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59747
IP address blocks: 91.207.230.0/24 maxlen: 24
91.207.231.0/24 maxlen: 24
2a02:38:1111::/48 maxlen: 48
2a02:38:cccc::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:93:8b:a2:4b:c4:ba:bc:c5:52:4c:f4:c8:9b:68:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Dec 7 17:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e35b647fffdf1b916133bae76b2fe70b1eb1b6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:e8:ba:b2:f3:7c:cf:9e:37:56:43:56:8d:
67:cc:cb:00:12:f3:08:2c:3f:05:80:88:7a:79:55:
fc:4e:ec:f0:bc:aa:f6:4c:69:5b:ca:96:50:e2:23:
64:e7:0f:a1:74:e7:f4:96:06:ba:f4:45:18:5c:c8:
74:38:fb:84:c6:40:5f:75:80:12:3e:cc:b3:9b:07:
fe:e9:f3:f2:c4:f2:bb:dd:38:09:1c:99:b4:a6:a0:
6a:ff:9e:44:c5:72:cf:ab:a2:9b:34:0e:70:b2:bf:
5c:25:cd:8d:e5:c1:c0:f4:45:49:9c:58:13:df:26:
d9:d5:3d:7d:cf:48:43:57:45:61:de:a1:53:b9:03:
58:7b:df:b6:20:c7:cc:af:f0:26:70:b8:b3:d5:cb:
b5:c1:00:26:91:48:cf:3c:2b:be:2f:b2:04:d8:1f:
9a:7b:c7:e7:06:eb:e3:2b:6f:cc:5d:f3:5a:d4:6e:
80:f3:da:d7:9c:75:e1:d1:ba:b8:66:b5:40:c2:41:
24:a8:46:57:da:5b:4a:bf:2f:d2:d3:73:6f:e6:ac:
4d:42:91:42:36:2e:d4:b5:99:1d:f3:2b:f5:b1:42:
d9:90:53:7a:19:df:f9:eb:84:09:3a:fc:c5:24:41:
af:a6:c1:55:e1:4e:b9:5c:31:f9:bc:70:fc:b4:08:
a6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5B:64:7F:FF:DF:1B:91:61:33:BA:E7:6B:2F:E7:0B:1E:B1:B6:EF
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/41tkf__fG5FhM7rnay_nCx6xtu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
IPv6:
2a02:38:1111::/48
2a02:38:cccc::/64
Signature Algorithm: sha256WithRSAEncryption
95:e7:ca:cc:94:a8:46:2c:0d:24:e6:ba:24:a6:5e:19:8a:82:
5f:d2:f6:66:cb:84:d2:12:d5:a4:d5:4e:ed:15:93:43:8c:bf:
c4:f7:65:33:58:1b:f2:de:17:64:07:ba:93:16:2b:b5:c0:f9:
cd:e3:78:8e:48:b7:4d:af:ff:49:10:26:e3:83:34:d9:d4:02:
1e:16:cf:32:02:c0:03:69:d4:c5:98:50:96:8c:43:e3:1c:74:
c6:fc:fe:77:86:9f:71:f2:00:08:38:31:66:5c:ea:8f:d9:f7:
ad:4b:8d:51:7d:2f:c6:af:65:4a:6a:3e:76:cd:d7:25:28:51:
8b:12:13:72:14:57:b3:5e:d3:72:3a:23:2e:3c:c6:a3:1a:85:
ae:08:d8:f7:b1:9e:bf:c1:a1:64:5c:25:2f:27:dc:b1:71:3e:
20:52:6c:b8:44:de:82:cc:33:7e:af:f7:10:37:0a:34:99:0f:
b0:4e:b7:6d:50:2f:a3:0b:be:88:88:51:f8:6d:89:d2:e0:fb:
46:27:ac:f0:51:d9:69:89:23:8c:d1:ca:b7:29:dd:97:b5:89:
2f:2d:f1:20:b9:9f:e6:4f:1a:39:4e:41:99:e8:86:e4:24:77:
c9:d4:01:02:ad:1e:ca:ff:b9:e7:1d:e8:d6:03:8d:0d:11:a9:
55:7e:6e:f9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYTtk4uiS8S6vMVSTPTIm2gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTA5ZGE2NjJmOWQzMDJmZmYyYzVjNGI0YWZiOGY5NDdm
ZWMxYzAwHhcNMjIxMjA3MTcxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzViNjQ3ZmZmZGYxYjkxNjEzM2JhZTc2YjJmZTcwYjFlYjFiNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm53ourLzfM+eN1ZDVo1nzMsAEvMI
LD8FgIh6eVX8TuzwvKr2TGlbypZQ4iNk5w+hdOf0lga69EUYXMh0OPuExkBfdYAS
Psyzmwf+6fPyxPK73TgJHJm0pqBq/55ExXLPq6KbNA5wsr9cJc2N5cHA9EVJnFgT
3ybZ1T19z0hDV0Vh3qFTuQNYe9+2IMfMr/AmcLiz1cu1wQAmkUjPPCu+L7IE2B+a
e8fnBuvjK2/MXfNa1G6A89rXnHXh0bq4ZrVAwkEkqEZX2ltKvy/S03Nv5qxNQpFC
Ni7UtZkd8yv1sULZkFN6Gd/564QJOvzFJEGvpsFV4U65XDH5vHD8tAimFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFONbZH//3xuRYTO652sv5wsesbbvMB8GA1UdIwQY
MBaAFCkQnaZi+dMC//LFxLSvuPlH/sHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzct
ZjRmYjVjODgwNTA5LzEvNDF0a2ZfX2ZHNUZoTTdybmF5X25DeDZ4dHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzctZjRmYjVjODgwNTA5
LzEvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBW8/mMBoE
AgACMBQDBwAqAgA4EREDCQAqAgA4zMwAADANBgkqhkiG9w0BAQsFAAOCAQEAlefK
zJSoRiwNJOa6JKZeGYqCX9L2ZsuE0hLVpNVO7RWTQ4y/xPdlM1gb8t4XZAe6kxYr
tcD5zeN4jki3Ta//SRAm44M02dQCHhbPMgLAA2nUxZhQloxD4xx0xvz+d4afcfIA
CDgxZlzqj9n3rUuNUX0vxq9lSmo+ds3XJShRixITchRXs17TcjojLjzGoxqFrgjY
97Gev8GhZFwlLyfcsXE+IFJsuETegswzfq/3EDcKNJkPsE63bVAvowu+iIhR+G2J
0uD7Ries8FHZaYkjjNHKtyndl7WJLy3xILmf5k8aOU5BmeiG5CR3ydQBAq0eyv+5
5x3o1gONDRGpVX5u+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:06 2024 by rpki-client on console-ams.rpki-client.org