Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8b9bd9-3f62-4e30-8085-1ec721fa2a30/1/Ydu2LYnYl1bMcgLrDUyINSVXD0k.roa
File: Ydu2LYnYl1bMcgLrDUyINSVXD0k.roa (raw, json)
Hash identifier: 4ChdbzIZH2ot1m5oll1mbyix4lwEmPs6ShVI5LuW938=
Subject key identifier: 61:DB:B6:2D:89:D8:97:56:CC:72:02:EB:0D:4C:88:35:25:57:0F:49
Certificate issuer: /CN=bc56db796def0dbdb4c78f2445abecc1570a6fd9
Certificate serial: 086617FC
Authority key identifier: BC:56:DB:79:6D:EF:0D:BD:B4:C7:8F:24:45:AB:EC:C1:57:0A:6F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFbbeW3vDb20x48kRavswVcKb9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/8b9bd9-3f62-4e30-8085-1ec721fa2a30/1/Ydu2LYnYl1bMcgLrDUyINSVXD0k.roa
Signing time: Sat 01 Jan 2022 15:06:51 +0000
ROA not before: Sat 01 Jan 2022 15:06:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2854
IP address blocks: 91.199.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140908540 (0x86617fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc56db796def0dbdb4c78f2445abecc1570a6fd9
Validity
Not Before: Jan 1 15:06:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61dbb62d89d89756cc7202eb0d4c883525570f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:74:dd:c1:ac:6a:b3:ab:af:c8:d4:50:83:
94:fa:f5:70:49:3e:d0:bb:a6:8a:25:57:2d:32:f2:
63:ac:af:f1:48:84:fb:4f:37:10:71:f7:ff:0a:b5:
c0:8a:46:0d:60:c4:8d:b1:b6:ad:24:36:e6:be:b6:
c5:c3:59:00:ac:13:2b:1b:c7:af:99:da:78:7b:c9:
4e:07:c6:73:86:ae:87:ee:8f:0c:4f:5c:10:35:63:
a8:28:f8:81:04:c0:1e:38:5c:17:ef:33:12:f4:a8:
50:dc:e8:ac:8b:83:a6:28:91:a2:2f:aa:f0:53:2f:
60:91:05:81:ae:84:3f:78:c1:bf:9f:a6:e6:d3:97:
7f:90:af:86:79:75:a3:76:aa:f8:c6:e7:29:15:49:
81:33:1c:7d:c0:91:f9:11:77:18:51:13:6a:59:bf:
b1:f3:6b:a8:58:fe:d1:58:14:a1:f5:6b:1a:e8:fe:
38:0d:bd:1d:57:d5:cf:e2:1e:0d:62:56:1c:28:be:
b7:e4:fe:fa:ac:d7:18:a5:1b:fc:79:4d:3d:1b:58:
97:85:23:31:70:81:85:b1:50:a0:65:79:eb:5a:47:
e3:3a:c2:fc:27:e9:1c:5a:67:48:f5:0e:57:ac:66:
40:1a:47:4a:ae:79:f4:f2:2d:da:39:5c:8a:d7:ff:
af:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DB:B6:2D:89:D8:97:56:CC:72:02:EB:0D:4C:88:35:25:57:0F:49
X509v3 Authority Key Identifier:
keyid:BC:56:DB:79:6D:EF:0D:BD:B4:C7:8F:24:45:AB:EC:C1:57:0A:6F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFbbeW3vDb20x48kRavswVcKb9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8b9bd9-3f62-4e30-8085-1ec721fa2a30/1/Ydu2LYnYl1bMcgLrDUyINSVXD0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8b9bd9-3f62-4e30-8085-1ec721fa2a30/1/vFbbeW3vDb20x48kRavswVcKb9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.16.0/24
Signature Algorithm: sha256WithRSAEncryption
90:df:2d:11:5a:74:e0:82:5b:2a:df:9d:35:1e:bc:cd:08:40:
f5:c6:6b:6b:20:3e:9e:c3:db:5b:65:a2:b3:91:38:5f:a2:39:
88:2f:65:ee:30:00:68:1a:05:bb:40:30:48:2f:02:a6:41:b7:
d1:89:c6:07:17:c2:0e:be:c6:88:5d:7b:d4:f2:ee:46:72:0b:
60:7e:d1:bb:fb:2f:10:0a:40:f5:9c:1f:aa:41:59:65:a5:37:
8c:ff:8a:f7:1e:dd:97:af:64:41:03:64:fb:6a:ae:3a:85:a9:
a2:e5:3e:f4:6b:74:16:dd:37:bd:dc:e4:bc:14:af:36:7b:65:
1f:57:b5:d3:ea:11:31:dd:bc:64:4a:a4:98:3c:aa:e4:5f:64:
6d:dc:61:ee:8c:03:e0:bd:84:20:14:2e:e1:ac:2c:c4:8b:57:
9c:8c:2b:bd:b5:24:20:f4:f7:1f:d9:89:e8:87:37:44:aa:0c:
0a:91:ef:17:e9:1f:fb:28:db:46:9b:36:7e:62:98:5b:ad:9f:
06:22:6d:a6:d5:66:3f:ea:d6:9d:9d:83:64:db:14:5f:50:9e:
05:3c:96:d7:6f:3d:30:e0:ec:34:9a:20:a3:86:d3:b8:44:73:
e4:bf:4d:48:00:da:b7:2f:b8:28:b1:8e:9b:a2:e0:08:ba:d5:
af:23:c0:10
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECGYX/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzU2ZGI3OTZkZWYwZGJkYjRjNzhmMjQ0NWFiZWNjMTU3MGE2ZmQ5MB4XDTIyMDEw
MTE1MDY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFkYmI2MmQ4OWQ4
OTc1NmNjNzIwMmViMGQ0Yzg4MzUyNTU3MGY0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+odN3BrGqzq6/I1FCDlPr1cEk+0LumiiVXLTLyY6yv8UiE
+083EHH3/wq1wIpGDWDEjbG2rSQ25r62xcNZAKwTKxvHr5naeHvJTgfGc4auh+6P
DE9cEDVjqCj4gQTAHjhcF+8zEvSoUNzorIuDpiiRoi+q8FMvYJEFga6EP3jBv5+m
5tOXf5Cvhnl1o3aq+MbnKRVJgTMcfcCR+RF3GFETalm/sfNrqFj+0VgUofVrGuj+
OA29HVfVz+IeDWJWHCi+t+T++qzXGKUb/HlNPRtYl4UjMXCBhbFQoGV561pH4zrC
/CfpHFpnSPUOV6xmQBpHSq559PIt2jlcitf/rw8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRh27YtidiXVsxyAusNTIg1JVcPSTAfBgNVHSMEGDAWgBS8Vtt5be8NvbTH
jyRFq+zBVwpv2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZGYmJlVzN2RGIyMHg0OGtSYXZzd1ZjS2I5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvOGI5YmQ5LTNmNjItNGUzMC04MDg1LTFlYzcyMWZhMmEzMC8x
L1lkdTJMWW5ZbDFiTWNnTHJEVXlJTlNWWEQway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
OGI5YmQ5LTNmNjItNGUzMC04MDg1LTFlYzcyMWZhMmEzMC8xL3ZGYmJlVzN2RGIy
MHg0OGtSYXZzd1ZjS2I5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvHEDANBgkqhkiG9w0BAQsFAAOC
AQEAkN8tEVp04IJbKt+dNR68zQhA9cZrayA+nsPbW2Wis5E4X6I5iC9l7jAAaBoF
u0AwSC8CpkG30YnGBxfCDr7GiF171PLuRnILYH7Ru/svEApA9ZwfqkFZZaU3jP+K
9x7dl69kQQNk+2quOoWpouU+9Gt0Ft03vdzkvBSvNntlH1e10+oRMd28ZEqkmDyq
5F9kbdxh7owD4L2EIBQu4awsxItXnIwrvbUkIPT3H9mJ6Ic3RKoMCpHvF+kf+yjb
Rps2fmKYW62fBiJtptVmP+rWnZ2DZNsUX1CeBTyW1289MODsNJogo4bTuERz5L9N
SADaty+4KLGOm6LgCLrVryPAEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:54 2024 by rpki-client on console-fra.rpki-client.org