Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/lU_GcHzPOBIOP3e01Z8hizg2pHw.roa
File: lU_GcHzPOBIOP3e01Z8hizg2pHw.roa (raw, json)
Hash identifier: JijGnb8eYULwCsj1xawdHosOe6VdABeuremBZOhumVM=
Subject key identifier: 95:4F:C6:70:7C:CF:38:12:0E:3F:77:B4:D5:9F:21:8B:38:36:A4:7C
Certificate issuer: /CN=380ef7ff5b54f53fcf2312abe2ec3f5958ba1425
Certificate serial: 085A8A0A
Authority key identifier: 38:0E:F7:FF:5B:54:F5:3F:CF:23:12:AB:E2:EC:3F:59:58:BA:14:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA73_1tU9T_PIxKr4uw_WVi6FCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/lU_GcHzPOBIOP3e01Z8hizg2pHw.roa
Signing time: Sat 01 Jan 2022 12:06:57 +0000
ROA not before: Sat 01 Jan 2022 12:06:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198090
IP address blocks: 91.231.165.0/24 maxlen: 24
91.231.166.0/24 maxlen: 24
91.231.164.0/24 maxlen: 24
91.231.164.0/22 maxlen: 22
91.231.167.0/24 maxlen: 24
91.199.170.0/24 maxlen: 24
185.114.82.0/24 maxlen: 24
185.114.83.0/24 maxlen: 24
185.114.80.0/24 maxlen: 24
185.114.81.0/24 maxlen: 24
185.114.80.0/22 maxlen: 22
185.30.70.0/24 maxlen: 24
185.30.71.0/24 maxlen: 24
185.30.68.0/24 maxlen: 24
185.30.69.0/24 maxlen: 24
185.30.68.0/22 maxlen: 22
91.237.16.0/23 maxlen: 23
91.237.17.0/24 maxlen: 24
91.237.16.0/24 maxlen: 24
185.246.36.0/22 maxlen: 22
185.246.37.0/24 maxlen: 24
185.246.38.0/24 maxlen: 24
185.246.36.0/24 maxlen: 24
185.246.39.0/24 maxlen: 24
2a06:6d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140151306 (0x85a8a0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380ef7ff5b54f53fcf2312abe2ec3f5958ba1425
Validity
Not Before: Jan 1 12:06:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=954fc6707ccf38120e3f77b4d59f218b3836a47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:63:3c:b3:26:0e:93:61:ba:f2:0d:07:f3:
70:c7:78:5f:21:77:75:a4:7a:77:85:a8:6f:c3:b3:
ba:2e:77:01:15:1b:e2:18:d0:cf:1d:f3:94:b2:19:
8c:d0:78:34:ef:96:3a:5d:1a:76:89:7f:8c:4c:d8:
12:50:ac:2f:77:7a:b0:46:8a:d9:cd:63:56:66:90:
38:9f:83:28:38:7e:e0:e4:59:ae:ab:61:c1:86:cb:
ab:eb:9f:c9:ca:51:3b:26:54:9a:bd:77:3e:dc:0a:
ed:24:75:b2:1b:0a:92:f4:e2:d1:e8:76:e2:7d:6c:
23:de:ca:9f:a0:89:6b:ef:c2:49:a8:32:d9:aa:c9:
80:03:8e:fc:f2:8b:75:72:db:a1:87:73:53:c2:14:
03:a9:23:92:8b:c0:c9:19:39:5e:e8:c4:28:21:8d:
b4:9b:e5:4c:ac:26:8a:cb:1d:bc:99:fa:a9:74:86:
b0:2e:00:f1:f0:63:6a:f3:83:8b:1d:f6:03:d7:bb:
22:a8:88:d8:3c:bf:54:f5:19:47:ac:c8:81:06:48:
e2:a1:7e:95:0e:af:c1:fc:46:6c:86:da:4c:c9:ad:
24:f2:d3:e3:1a:b4:8b:1d:29:e1:f8:bb:53:43:92:
28:aa:e5:59:46:bf:f4:0c:28:2b:40:64:99:d8:44:
a8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4F:C6:70:7C:CF:38:12:0E:3F:77:B4:D5:9F:21:8B:38:36:A4:7C
X509v3 Authority Key Identifier:
keyid:38:0E:F7:FF:5B:54:F5:3F:CF:23:12:AB:E2:EC:3F:59:58:BA:14:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA73_1tU9T_PIxKr4uw_WVi6FCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/lU_GcHzPOBIOP3e01Z8hizg2pHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/OA73_1tU9T_PIxKr4uw_WVi6FCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.170.0/24
91.231.164.0/22
91.237.16.0/23
185.30.68.0/22
185.114.80.0/22
185.246.36.0/22
IPv6:
2a06:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
9c:0b:ff:1c:a7:72:5d:5c:cb:c7:44:24:ce:b9:72:21:76:14:
05:ac:e8:60:89:92:36:0c:0d:e4:5e:82:a3:63:0c:9d:90:e5:
b8:dd:4b:04:f0:38:f0:8a:a4:75:03:03:f1:62:2b:57:eb:3d:
6d:9e:30:25:28:c9:64:85:48:bb:bd:bb:22:26:ed:0d:ab:97:
df:e7:73:c3:1d:fe:f7:93:3d:26:a5:36:d0:bc:9c:31:ff:c8:
3b:fe:d6:a1:d1:61:65:bc:98:34:cf:b8:74:24:0f:f3:a0:a0:
3d:f3:ae:62:5a:5d:84:8d:99:17:90:52:22:4d:90:80:09:91:
e1:bd:3b:8e:ce:fe:74:50:91:18:25:27:ef:32:7d:82:4c:5f:
ea:b4:81:4b:34:57:2c:64:7b:ce:09:e2:dc:86:8a:5e:c9:68:
1d:85:db:72:17:b1:40:6a:14:b4:12:e9:f8:76:d4:6f:f8:30:
60:58:0a:3d:3a:8c:bc:1a:1e:61:b0:25:3f:3b:aa:6d:23:55:
16:6d:c6:e0:cf:23:70:5a:e9:b1:d9:93:27:42:57:b8:e5:6d:
bb:69:b7:30:35:4f:b2:80:cc:48:86:94:70:3f:b5:55:fd:ad:
8c:70:6e:0b:a9:19:ed:39:ec:61:33:7e:55:72:28:06:3f:d4:
7a:ea:e1:2f
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECFqKCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODBlZjdmZjViNTRmNTNmY2YyMzEyYWJlMmVjM2Y1OTU4YmExNDI1MB4XDTIyMDEw
MTEyMDY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU0ZmM2NzA3Y2Nm
MzgxMjBlM2Y3N2I0ZDU5ZjIxOGIzODM2YTQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWJYzyzJg6TYbryDQfzcMd4XyF3daR6d4Wob8Ozui53ARUb
4hjQzx3zlLIZjNB4NO+WOl0adol/jEzYElCsL3d6sEaK2c1jVmaQOJ+DKDh+4ORZ
rqthwYbLq+ufycpROyZUmr13PtwK7SR1shsKkvTi0eh24n1sI97Kn6CJa+/CSagy
2arJgAOO/PKLdXLboYdzU8IUA6kjkovAyRk5XujEKCGNtJvlTKwmissdvJn6qXSG
sC4A8fBjavODix32A9e7IqiI2Dy/VPUZR6zIgQZI4qF+lQ6vwfxGbIbaTMmtJPLT
4xq0ix0p4fi7U0OSKKrlWUa/9AwoK0BkmdhEqE0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSVT8ZwfM84Eg4/d7TVnyGLODakfDAfBgNVHSMEGDAWgBQ4Dvf/W1T1P88j
Eqvi7D9ZWLoUJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09BNzNfMXRVOVRfUEl4S3I0dXdfV1ZpNkZDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvZDkxMjU1LTMyNDMtNGE0Ny05NDZhLWYwNGNjMWMyMzBjZi8x
L2xVX0djSHpQT0JJT1AzZTAxWjhoaXpnMnBIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
ZDkxMjU1LTMyNDMtNGE0Ny05NDZhLWYwNGNjMWMyMzBjZi8xL09BNzNfMXRVOVRf
UEl4S3I0dXdfV1ZpNkZDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAFvHqgMEAlvnpAMEAVvtEAMEArke
RAMEArlyUAMEArn2JDANBAIAAjAHAwUDKgZtQDANBgkqhkiG9w0BAQsFAAOCAQEA
nAv/HKdyXVzLx0QkzrlyIXYUBazoYImSNgwN5F6Co2MMnZDluN1LBPA48IqkdQMD
8WIrV+s9bZ4wJSjJZIVIu727IibtDauX3+dzwx3+95M9JqU20LycMf/IO/7WodFh
ZbyYNM+4dCQP86CgPfOuYlpdhI2ZF5BSIk2QgAmR4b07js7+dFCRGCUn7zJ9gkxf
6rSBSzRXLGR7zgni3IaKXsloHYXbchexQGoUtBLp+HbUb/gwYFgKPTqMvBoeYbAl
PzuqbSNVFm3G4M8jcFrpsdmTJ0JXuOVtu2m3MDVPsoDMSIaUcD+1Vf2tjHBuC6kZ
7TnsYTN+VXIoBj/UeurhLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:30 2024 by rpki-client on console-ams.rpki-client.org