Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/BT9zJ9P_opogMQeF0jqLdCVco5U.roa
File: BT9zJ9P_opogMQeF0jqLdCVco5U.roa (raw, json)
Hash identifier: 0k9DC+DO5B7mZSYO0L/ATakhhjvN/FXtXBFzmuDS0zE=
Subject key identifier: 05:3F:73:27:D3:FF:A2:9A:20:31:07:85:D2:3A:8B:74:25:5C:A3:95
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 0183D02172B0DD8DEEF332BAA2FB0954B9ED
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/BT9zJ9P_opogMQeF0jqLdCVco5U.roa
Signing time: Thu 13 Oct 2022 06:56:36 +0000
ROA not before: Thu 13 Oct 2022 06:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51733
IP address blocks: 91.209.254.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.84.0/24 maxlen: 24
185.156.84.0/23 maxlen: 23
185.156.84.0/22 maxlen: 22
91.221.58.0/24 maxlen: 24
91.221.58.0/23 maxlen: 23
91.221.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:21:72:b0:dd:8d:ee:f3:32:ba:a2:fb:09:54:b9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Oct 13 06:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=053f7327d3ffa29a20310785d23a8b74255ca395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6a:8d:13:28:56:9f:21:d4:a2:96:d4:61:fa:
fb:4b:62:e6:a7:c0:f4:87:33:08:43:49:65:d2:38:
88:0b:6f:55:99:db:e5:21:ed:ca:22:aa:08:8d:7c:
b9:e4:e1:c7:f0:94:c6:ed:91:d9:90:41:9c:8c:ec:
4e:8f:f2:cd:6b:85:7b:bb:b2:f9:16:3e:37:f9:61:
34:8e:b1:13:d4:64:ad:91:46:f1:73:db:a1:5c:03:
ad:38:73:99:fd:2e:83:01:18:36:d8:8e:ba:42:e9:
90:a3:e8:bc:bb:6f:f4:b6:49:66:fc:02:23:96:5c:
73:df:60:46:df:91:58:3b:f5:75:8e:3f:54:6b:db:
82:b3:8d:59:85:4d:74:9f:ee:f7:fc:a7:37:f6:b4:
b2:f7:a5:30:f6:a4:09:66:bf:68:68:41:1c:d8:58:
5e:72:e7:df:7c:b8:58:cc:11:e1:dd:5a:a6:c1:8e:
38:3e:7d:ed:d6:34:f4:d3:8b:b6:19:43:0f:74:1a:
c8:41:c7:ed:45:d1:f3:d1:7b:17:2b:50:cd:41:13:
96:eb:45:35:46:db:37:5f:11:88:10:b0:38:80:67:
15:64:c2:1c:19:c6:6a:1a:17:ec:fb:18:7b:f4:f6:
40:83:a2:d6:85:1f:6a:f6:81:05:8b:6e:21:c1:74:
c5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3F:73:27:D3:FF:A2:9A:20:31:07:85:D2:3A:8B:74:25:5C:A3:95
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/BT9zJ9P_opogMQeF0jqLdCVco5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/22
Signature Algorithm: sha256WithRSAEncryption
05:aa:c7:bc:d4:5e:14:f7:72:7b:88:b6:c7:7e:43:02:d9:db:
ff:46:1f:79:87:1a:f8:15:d5:81:95:80:58:72:38:18:6d:e5:
fe:a4:8e:6c:73:fd:9b:5e:60:22:2c:bf:76:8d:74:dc:78:88:
d1:74:1f:b6:fc:13:30:08:b6:14:e2:77:f8:00:13:3e:1e:e1:
6c:f4:c2:37:73:79:47:ba:21:95:08:9a:bb:92:b4:6f:49:07:
26:20:ad:4d:c2:39:2a:4d:09:fc:ef:c7:13:3c:9b:63:60:1f:
12:b4:89:5d:cb:65:fc:d1:de:7f:f0:d6:90:8b:08:98:37:13:
77:02:77:e5:4c:3d:22:dd:b4:72:02:17:78:0d:1f:30:5a:93:
04:bb:41:09:39:f5:51:43:46:43:9f:b6:a1:2a:4a:84:24:5f:
84:03:e7:bb:ff:5a:65:fa:79:88:ed:eb:82:c2:bc:44:a0:99:
93:24:3c:ff:19:62:a9:d5:a7:8a:ef:71:6a:22:ed:d2:70:67:
e9:c9:74:6c:de:34:5e:bc:21:1d:2b:66:13:39:ee:1d:cd:ee:
58:fb:3d:7c:75:49:c3:56:17:46:de:a7:4c:fe:77:9f:53:ef:
a8:26:6e:8d:40:ba:df:54:76:21:b3:a0:55:dd:32:09:09:ff:
93:42:fb:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPQIXKw3Y3u8zK6ovsJVLntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjIxMDEzMDY1NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTNmNzMyN2QzZmZhMjlhMjAzMTA3ODVkMjNhOGI3NDI1NWNhMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2qNEyhWnyHUopbUYfr7S2Lmp8D0
hzMIQ0ll0jiIC29VmdvlIe3KIqoIjXy55OHH8JTG7ZHZkEGcjOxOj/LNa4V7u7L5
Fj43+WE0jrET1GStkUbxc9uhXAOtOHOZ/S6DARg22I66QumQo+i8u2/0tklm/AIj
llxz32BG35FYO/V1jj9Ua9uCs41ZhU10n+73/Kc39rSy96Uw9qQJZr9oaEEc2Fhe
cufffLhYzBHh3VqmwY44Pn3t1jT004u2GUMPdBrIQcftRdHz0XsXK1DNQROW60U1
Rts3XxGIELA4gGcVZMIcGcZqGhfs+xh79PZAg6LWhR9q9oEFi24hwXTFRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAU/cyfT/6KaIDEHhdI6i3QlXKOVMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvQlQ5eko5UF9vcG9nTVFlRjBqcUxkQ1ZjbzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQCuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQAFqse81F4U93J7iLbHfkMC2dv/
Rh95hxr4FdWBlYBYcjgYbeX+pI5sc/2bXmAiLL92jXTceIjRdB+2/BMwCLYU4nf4
ABM+HuFs9MI3c3lHuiGVCJq7krRvSQcmIK1NwjkqTQn878cTPJtjYB8StIldy2X8
0d5/8NaQiwiYNxN3AnflTD0i3bRyAhd4DR8wWpMEu0EJOfVRQ0ZDn7ahKkqEJF+E
A+e7/1pl+nmI7euCwrxEoJmTJDz/GWKp1aeK73FqIu3ScGfpyXRs3jRevCEdK2YT
Oe4dze5Y+z18dUnDVhdG3qdM/nefU++oJm6NQLrfVHYhs6BV3TIJCf+TQvtp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:56 2024 by rpki-client on console-ams.rpki-client.org