Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/4c7379-3649-41de-89f7-d56374e1157a/1/hkXwovfi-kqMbz9V7s8PuKgHy9Q.roa
File: hkXwovfi-kqMbz9V7s8PuKgHy9Q.roa (raw, json)
Hash identifier: +ae23y54CnMB71e6Rl3vIK7pNnYXJOlYiTh1k9d740Q=
Subject key identifier: 86:45:F0:A2:F7:E2:FA:4A:8C:6F:3F:55:EE:CF:0F:B8:A8:07:CB:D4
Certificate issuer: /CN=9c0a8c177911f64c30557368815b9e67d8fc3c0f
Certificate serial: 01820358D66B497C53914B6E8191C96965EE
Authority key identifier: 9C:0A:8C:17:79:11:F6:4C:30:55:73:68:81:5B:9E:67:D8:FC:3C:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nAqMF3kR9kwwVXNogVueZ9j8PA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/4c7379-3649-41de-89f7-d56374e1157a/1/hkXwovfi-kqMbz9V7s8PuKgHy9Q.roa
Signing time: Fri 15 Jul 2022 19:32:09 +0000
ROA not before: Fri 15 Jul 2022 19:32:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48332
IP address blocks: 91.209.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:03:58:d6:6b:49:7c:53:91:4b:6e:81:91:c9:69:65:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c0a8c177911f64c30557368815b9e67d8fc3c0f
Validity
Not Before: Jul 15 19:32:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8645f0a2f7e2fa4a8c6f3f55eecf0fb8a807cbd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9f:11:d1:7a:96:e3:69:b6:c2:44:12:40:99:
5d:30:3b:aa:d1:fa:d4:5e:52:fa:91:5d:6b:04:3a:
9d:c8:d5:eb:ce:ad:f4:9f:03:37:4b:3e:0d:cd:22:
27:48:58:fc:cb:47:43:58:51:09:ec:ca:34:33:17:
8c:9f:a5:80:a1:0e:6c:89:0d:f8:5a:e4:21:a8:ef:
af:92:30:f2:75:1e:29:a6:b7:17:52:19:70:58:4c:
ac:19:5f:1c:8a:27:2c:27:68:35:50:e4:6f:0c:46:
27:e3:76:bd:dc:33:96:df:ee:a9:b8:0f:de:28:dd:
2a:a0:e4:4f:fa:8b:95:f0:ff:e7:00:9e:67:cc:a1:
15:55:97:11:22:77:7d:ef:e8:c0:a0:b3:26:34:00:
07:ee:d6:c6:f6:f0:f3:be:ea:13:82:61:02:0b:18:
82:b1:e0:7e:63:73:94:fc:60:2a:73:20:0f:4b:2c:
c5:99:e1:d8:10:fc:48:2e:43:e9:f0:e7:9e:0a:48:
87:c1:76:3a:05:2e:72:41:a6:9a:09:38:ec:f5:31:
5d:6c:9b:bd:0b:cf:ac:ab:cb:da:4e:a2:ff:9f:07:
18:a7:c6:2b:39:3e:a6:b9:70:80:18:4b:c2:bc:3d:
6f:95:8b:ba:ef:43:e6:16:6c:40:16:18:6e:09:8b:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:45:F0:A2:F7:E2:FA:4A:8C:6F:3F:55:EE:CF:0F:B8:A8:07:CB:D4
X509v3 Authority Key Identifier:
keyid:9C:0A:8C:17:79:11:F6:4C:30:55:73:68:81:5B:9E:67:D8:FC:3C:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nAqMF3kR9kwwVXNogVueZ9j8PA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/4c7379-3649-41de-89f7-d56374e1157a/1/hkXwovfi-kqMbz9V7s8PuKgHy9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/4c7379-3649-41de-89f7-d56374e1157a/1/nAqMF3kR9kwwVXNogVueZ9j8PA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.109.0/24
Signature Algorithm: sha256WithRSAEncryption
54:74:8e:a6:fe:31:4f:58:30:ea:37:12:01:43:b1:5c:d9:aa:
50:20:f2:ae:d6:7c:e0:f7:20:05:c5:e1:3a:be:65:b3:04:a7:
ac:b6:53:ec:7b:dd:25:23:96:7f:cc:4e:40:18:21:23:7a:d6:
b0:4e:a5:b2:5f:5c:8b:e1:3d:64:56:c6:8e:f5:1b:bb:2b:50:
ea:7b:5f:92:78:1e:52:b2:c4:3e:73:0c:20:c2:8e:b7:a3:a3:
1e:ec:8c:fa:99:ac:d5:b2:b2:74:88:b1:08:52:8d:1d:dc:c5:
8b:b0:39:93:bc:b2:13:26:90:dc:46:65:e7:ba:3b:90:0c:46:
cf:a2:83:c1:67:16:09:87:94:23:ae:83:96:58:c2:e1:d7:e6:
cf:1d:18:f3:7f:a3:b5:db:03:d3:e2:45:b7:64:41:af:cb:f7:
86:a3:af:5c:fb:40:80:2f:d7:09:cd:f4:27:4d:69:a1:66:fb:
f2:7a:3d:16:2f:79:d9:c2:ac:c1:31:55:39:79:ae:1e:4b:5d:
c8:e1:cc:70:7e:b8:e9:4b:c1:00:d5:2d:f9:64:d8:42:63:cd:
dc:ee:d1:c5:63:11:85:cf:ad:85:8c:48:fa:2a:dc:a6:78:20:
e5:89:cd:eb:8a:7c:09:1c:0f:4e:06:36:d9:59:a1:0d:18:af:
22:6a:57:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIDWNZrSXxTkUtugZHJaWXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMGE4YzE3NzkxMWY2NGMzMDU1NzM2ODgxNWI5ZTY3ZDhm
YzNjMGYwHhcNMjIwNzE1MTkzMjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ1ZjBhMmY3ZTJmYTRhOGM2ZjNmNTVlZWNmMGZiOGE4MDdjYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5p8R0XqW42m2wkQSQJldMDuq0frU
XlL6kV1rBDqdyNXrzq30nwM3Sz4NzSInSFj8y0dDWFEJ7Mo0MxeMn6WAoQ5siQ34
WuQhqO+vkjDydR4pprcXUhlwWEysGV8ciicsJ2g1UORvDEYn43a93DOW3+6puA/e
KN0qoORP+ouV8P/nAJ5nzKEVVZcRInd97+jAoLMmNAAH7tbG9vDzvuoTgmECCxiC
seB+Y3OU/GAqcyAPSyzFmeHYEPxILkPp8OeeCkiHwXY6BS5yQaaaCTjs9TFdbJu9
C8+sq8vaTqL/nwcYp8YrOT6muXCAGEvCvD1vlYu670PmFmxAFhhuCYuemQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZF8KL34vpKjG8/Ve7PD7ioB8vUMB8GA1UdIwQY
MBaAFJwKjBd5EfZMMFVzaIFbnmfY/DwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkFxTUYza1I5a3d3VlhOb2dWdWVaOWo4UEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy80YzczNzktMzY0OS00MWRlLTg5Zjct
ZDU2Mzc0ZTExNTdhLzEvaGtYd292Zmkta3FNYno5VjdzOFB1S2dIeTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy80YzczNzktMzY0OS00MWRlLTg5ZjctZDU2Mzc0ZTExNTdh
LzEvbkFxTUYza1I5a3d3VlhOb2dWdWVaOWo4UEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FtMA0G
CSqGSIb3DQEBCwUAA4IBAQBUdI6m/jFPWDDqNxIBQ7Fc2apQIPKu1nzg9yAFxeE6
vmWzBKestlPse90lI5Z/zE5AGCEjetawTqWyX1yL4T1kVsaO9Ru7K1Dqe1+SeB5S
ssQ+cwwgwo63o6Me7Iz6mazVsrJ0iLEIUo0d3MWLsDmTvLITJpDcRmXnujuQDEbP
ooPBZxYJh5QjroOWWMLh1+bPHRjzf6O12wPT4kW3ZEGvy/eGo69c+0CAL9cJzfQn
TWmhZvvyej0WL3nZwqzBMVU5ea4eS13I4cxwfrjpS8EA1S35ZNhCY83c7tHFYxGF
z62FjEj6KtymeCDlic3rinwJHA9OBjbZWaENGK8ialcV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:29 2024 by rpki-client on console-fra.rpki-client.org