Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/lMDnNEDYaYf1PQBhiJiH2GeggTc.roa
File: lMDnNEDYaYf1PQBhiJiH2GeggTc.roa (raw, json)
Hash identifier: aDhsF1D4soKiE9v6mbGGWmAqML4m311tfDvx9Txamro=
Subject key identifier: 94:C0:E7:34:40:D8:69:87:F5:3D:00:61:88:98:87:D8:67:A0:81:37
Certificate issuer: /CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
Certificate serial: 023C63
Authority key identifier: BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/lMDnNEDYaYf1PQBhiJiH2GeggTc.roa
Signing time: Fri 18 Mar 2022 15:40:10 +0000
ROA not before: Fri 18 Mar 2022 15:40:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8758
IP address blocks: 91.199.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146531 (0x23c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
Validity
Not Before: Mar 18 15:40:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94c0e73440d86987f53d0061889887d867a08137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:01:41:aa:63:35:3e:fd:da:7f:ff:ff:21:e0:
10:3e:4d:0f:28:fa:cb:11:d1:0b:25:38:08:58:7a:
a5:38:e6:f2:28:1f:c6:ab:83:3e:87:d6:ba:64:89:
4b:95:e6:15:06:a4:86:bf:52:bb:3f:ca:9a:d9:ae:
ed:38:fa:dc:05:88:4b:27:81:5b:6f:ef:e6:3e:b2:
db:ad:60:af:04:4c:b8:13:ea:d5:1a:20:42:c5:35:
73:bf:aa:89:80:46:c7:d7:1f:bc:c3:03:6b:10:86:
e5:5d:be:d2:29:58:b3:d0:52:62:b3:c2:4d:b6:bb:
ad:e7:72:f7:04:ba:c1:a6:4f:cf:bc:c0:28:3c:6b:
15:f8:52:46:69:4e:86:8c:c9:bc:cf:ed:bd:15:1a:
fa:2a:34:4a:1a:24:f9:bd:6b:38:10:9d:8c:ae:06:
83:50:fb:4f:ab:ca:cc:0c:86:aa:71:9a:29:bd:75:
26:ee:04:ed:de:af:3a:af:43:49:8f:60:32:f9:0b:
32:a1:f8:93:80:8d:83:e7:f8:c7:db:6a:ae:89:70:
4e:44:c4:d7:2e:82:db:9a:07:67:6a:04:f1:a5:09:
cc:2d:4a:c3:6e:e8:ca:04:41:e6:28:59:8f:0a:02:
34:cf:70:1f:ab:f3:fb:5b:e8:9b:21:df:40:cb:1d:
9a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C0:E7:34:40:D8:69:87:F5:3D:00:61:88:98:87:D8:67:A0:81:37
X509v3 Authority Key Identifier:
keyid:BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/lMDnNEDYaYf1PQBhiJiH2GeggTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.76.0/24
Signature Algorithm: sha256WithRSAEncryption
60:96:67:9e:24:05:14:49:fd:c3:9a:e7:4a:d1:ba:c2:93:da:
9a:9a:66:8d:92:da:66:54:db:6f:e4:b7:6c:88:77:76:b3:64:
74:b0:88:b3:df:18:34:6f:05:78:72:9f:56:57:25:dc:bf:f0:
43:c5:3b:66:3d:02:df:98:eb:a5:77:55:0d:ed:15:cd:fd:f6:
f8:d9:c8:7b:4e:e8:bc:b0:d8:6d:c0:8a:4c:7d:a8:e9:93:89:
18:60:a4:04:e3:54:b3:68:06:b8:f1:81:7a:46:07:6d:23:33:
1f:43:5a:b9:9a:29:c8:33:d6:88:4f:e6:20:7d:63:7f:f6:7b:
16:a0:da:c2:cb:66:27:fa:9c:73:1f:5f:51:2f:a1:56:a8:92:
22:0a:7a:3d:f9:83:a6:bb:4b:72:42:f3:f5:03:83:e9:6e:0e:
57:e6:bb:30:ad:28:72:14:fe:8e:e0:2e:c0:1c:61:30:dc:ae:
f9:7c:01:31:26:4d:92:ee:65:ce:20:ff:2e:6c:ee:5c:c9:a6:
ce:19:bf:30:db:f9:62:f1:46:b5:80:04:ef:ba:d1:2b:ea:98:
8c:91:dc:34:c9:91:cd:6c:48:e5:62:20:e7:d0:06:4c:59:84:
aa:e0:91:e8:cc:25:e3:6c:08:0e:36:0b:97:b7:9c:bd:98:df:
b1:ac:23:91
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAjxjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
NTU5OWMyNjc1NWY0YTRkNGY1NDBlMmZmZDdiNzRhMzkwNTNkYTMwHhcNMjIwMzE4
MTU0MDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NGMwZTczNDQwZDg2
OTg3ZjUzZDAwNjE4ODk4ODdkODY3YTA4MTM3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmAFBqmM1Pv3af///IeAQPk0PKPrLEdELJTgIWHqlOObyKB/G
q4M+h9a6ZIlLleYVBqSGv1K7P8qa2a7tOPrcBYhLJ4Fbb+/mPrLbrWCvBEy4E+rV
GiBCxTVzv6qJgEbH1x+8wwNrEIblXb7SKViz0FJis8JNtrut53L3BLrBpk/PvMAo
PGsV+FJGaU6GjMm8z+29FRr6KjRKGiT5vWs4EJ2MrgaDUPtPq8rMDIaqcZopvXUm
7gTt3q86r0NJj2Ay+QsyofiTgI2D5/jH22quiXBORMTXLoLbmgdnagTxpQnMLUrD
bujKBEHmKFmPCgI0z3Afq/P7W+ibId9Ayx2aDwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJTA5zRA2GmH9T0AYYiYh9hnoIE3MB8GA1UdIwQYMBaAFL9VmcJnVfSk1PVA
4v/Xt0o5BT2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
djFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2MtM2UxYjg0MzJmYzcwLzEv
bE1Ebk5FRFlhWWYxUFFCaGlKaUgyR2VnZ1RjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8x
MDE2OTYtODNkZC00MzZmLWI0N2MtM2UxYjg0MzJmYzcwLzEvdjFXWndtZFY5S1RV
OVVEaV85ZTNTamtGUGFNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dMMA0GCSqGSIb3DQEBCwUAA4IB
AQBglmeeJAUUSf3DmudK0brCk9qammaNktpmVNtv5LdsiHd2s2R0sIiz3xg0bwV4
cp9WVyXcv/BDxTtmPQLfmOuld1UN7RXN/fb42ch7Tui8sNhtwIpMfajpk4kYYKQE
41SzaAa48YF6RgdtIzMfQ1q5minIM9aIT+YgfWN/9nsWoNrCy2Yn+pxzH19RL6FW
qJIiCno9+YOmu0tyQvP1A4Ppbg5X5rswrShyFP6O4C7AHGEw3K75fAExJk2S7mXO
IP8ubO5cyabOGb8w2/li8Ua1gATvutEr6piMkdw0yZHNbEjlYiDn0AZMWYSq4JHo
zCXjbAgONguXt5y9mN+xrCOR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:33 2024 by rpki-client on console-fra.rpki-client.org