Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rbKjti8bdnWU-Fo_YPNfRAuus0c.roa
File: rbKjti8bdnWU-Fo_YPNfRAuus0c.roa (raw, json)
Hash identifier: afkLUhT9DTw27gSADOGvJVUeTF1dRWzK3LXxd/cvq2Q=
Subject key identifier: AD:B2:A3:B6:2F:1B:76:75:94:F8:5A:3F:60:F3:5F:44:0B:AE:B3:47
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C67EA21
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rbKjti8bdnWU-Fo_YPNfRAuus0c.roa
Signing time: Sat 01 Jan 2022 01:02:32 +0000
ROA not before: Sat 01 Jan 2022 01:02:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44017
IP address blocks: 91.92.233.0/24 maxlen: 24
91.92.234.0/24 maxlen: 24
91.92.235.0/24 maxlen: 24
87.120.91.0/24 maxlen: 24
94.156.147.0/24 maxlen: 24
94.156.146.0/24 maxlen: 24
2a00:1728:1c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476572193 (0x1c67ea21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adb2a3b62f1b767594f85a3f60f35f440baeb347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:87:f6:0a:90:de:b2:b5:e0:3f:12:22:b9:4d:
d0:ea:31:70:c1:0b:42:97:c3:28:05:14:d8:3d:41:
e1:34:3e:b4:7d:32:f4:7c:ef:71:48:30:06:8c:d8:
3b:91:1f:14:13:61:b8:d5:d2:a5:e3:4a:86:db:b9:
df:80:8e:46:a1:f7:63:ed:eb:cc:76:a9:82:3f:04:
5c:ac:72:1b:9a:93:4c:81:07:ed:65:cd:cd:7f:8d:
1e:36:1c:21:d4:8d:2f:61:7f:67:a9:e8:b2:b4:a3:
3c:78:59:c8:55:05:c4:94:2a:1a:2f:da:bf:8a:b6:
d8:7e:dc:53:a4:3c:eb:fe:22:4e:c9:10:fe:7b:a0:
35:d2:db:8a:ff:66:e9:ed:ae:fc:7c:f2:db:ae:a4:
df:22:9b:e8:12:16:64:78:83:05:f4:f4:6f:3d:cf:
e8:26:e2:f1:a7:a6:da:c4:46:0e:22:9c:57:74:1b:
60:03:0a:75:15:45:da:1d:a1:32:c2:9f:2f:9f:27:
fc:32:1c:af:83:86:ca:12:d3:b3:13:d0:60:98:43:
74:29:f1:76:b4:35:e2:f2:d2:77:6d:c8:93:40:dd:
2e:05:e7:d7:be:44:06:2c:01:db:92:b2:5c:00:f0:
c4:36:e8:57:07:3c:9f:53:78:9c:74:c2:32:d1:88:
b3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B2:A3:B6:2F:1B:76:75:94:F8:5A:3F:60:F3:5F:44:0B:AE:B3:47
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rbKjti8bdnWU-Fo_YPNfRAuus0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.91.0/24
91.92.233.0-91.92.235.255
94.156.146.0/23
IPv6:
2a00:1728:1c::/48
Signature Algorithm: sha256WithRSAEncryption
0f:f5:c1:7d:9a:60:5a:5a:b2:ca:8a:ca:57:9e:8f:95:1e:af:
55:c3:32:a0:b1:24:6a:cd:34:e9:8b:61:d5:bc:b5:b2:b5:f3:
05:d4:46:a6:61:76:f6:50:ee:70:9d:0d:42:01:ac:42:3e:c6:
a7:49:88:c6:22:59:c6:71:b7:9c:5d:11:80:1c:2c:f5:ba:d4:
71:9e:e2:f6:63:95:08:04:53:82:e9:94:74:c9:74:77:3f:f2:
7f:dc:92:0c:1d:e7:32:4d:c2:ad:8e:65:ea:0a:b6:9e:22:6c:
fb:2d:f2:70:df:3e:6a:e0:93:a4:56:59:59:fc:57:75:07:15:
e3:45:e5:e3:fc:5b:25:57:5a:36:d8:50:1a:00:bd:3b:5b:d5:
ed:ba:65:77:14:8a:50:85:fd:9f:e1:63:1a:d1:ba:14:aa:3d:
9e:fa:35:f8:18:e1:ef:48:c2:21:38:3e:6c:bb:48:fd:49:e9:
b3:f7:f1:f5:90:50:e1:a3:f0:b7:50:1a:5f:4b:b0:79:91:dc:
79:d0:48:e5:6d:7b:c7:f4:76:2d:0d:ce:7a:ac:13:be:5a:f4:
50:02:b5:35:f5:4d:cc:af:1d:ef:d5:b5:b1:ec:81:be:de:a5:
00:ed:61:e8:9a:6a:e1:16:2b:1a:c0:ae:44:d7:66:83:ae:34:
a9:ec:7d:37
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEHGfqITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRiMmEzYjYyZjFi
NzY3NTk0Zjg1YTNmNjBmMzVmNDQwYmFlYjM0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaH9gqQ3rK14D8SIrlN0OoxcMELQpfDKAUU2D1B4TQ+tH0y
9HzvcUgwBozYO5EfFBNhuNXSpeNKhtu534CORqH3Y+3rzHapgj8EXKxyG5qTTIEH
7WXNzX+NHjYcIdSNL2F/Z6nosrSjPHhZyFUFxJQqGi/av4q22H7cU6Q86/4iTskQ
/nugNdLbiv9m6e2u/Hzy266k3yKb6BIWZHiDBfT0bz3P6Cbi8aem2sRGDiKcV3Qb
YAMKdRVF2h2hMsKfL58n/DIcr4OGyhLTsxPQYJhDdCnxdrQ14vLSd23Ik0DdLgXn
175EBiwB25KyXADwxDboVwc8n1N4nHTCMtGIs+sCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBStsqO2Lxt2dZT4Wj9g819EC66zRzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L3JiS2p0aThiZG5XVS1Gb19ZUE5mUkF1dXMwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGgMEAFd4WzAMAwQAW1zpAwQCW1zoAwQB
XpySMA8EAgACMAkDBwAqABcoABwwDQYJKoZIhvcNAQELBQADggEBAA/1wX2aYFpa
ssqKyleej5Uer1XDMqCxJGrNNOmLYdW8tbK18wXURqZhdvZQ7nCdDUIBrEI+xqdJ
iMYiWcZxt5xdEYAcLPW61HGe4vZjlQgEU4LplHTJdHc/8n/ckgwd5zJNwq2OZeoK
tp4ibPst8nDfPmrgk6RWWVn8V3UHFeNF5eP8WyVXWjbYUBoAvTtb1e26ZXcUilCF
/Z/hYxrRuhSqPZ76NfgY4e9IwiE4Pmy7SP1J6bP38fWQUOGj8LdQGl9LsHmR3HnQ
SOVte8f0di0NznqsE75a9FACtTX1TcyvHe/VtbHsgb7epQDtYeiaauEWKxrArkTX
ZoOuNKnsfTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org