Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3246dc-1a98-4fb2-9585-7b2909f4f57a/1/mcHwgVrSYHJo8-4JbPbuQd7BqcI.roa
File: mcHwgVrSYHJo8-4JbPbuQd7BqcI.roa (raw, json)
Hash identifier: J1LDP6+5bdfMB5T4ErDhHscUaIZDpX963KntzizAjUk=
Subject key identifier: 99:C1:F0:81:5A:D2:60:72:68:F3:EE:09:6C:F6:EE:41:DE:C1:A9:C2
Certificate issuer: /CN=d59f0ceca20fafe733fbaf76250ffbc0a350742a
Certificate serial: 03DD491D
Authority key identifier: D5:9F:0C:EC:A2:0F:AF:E7:33:FB:AF:76:25:0F:FB:C0:A3:50:74:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Z8M7KIPr-cz-692JQ_7wKNQdCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3246dc-1a98-4fb2-9585-7b2909f4f57a/1/mcHwgVrSYHJo8-4JbPbuQd7BqcI.roa
Signing time: Sat 01 Jan 2022 14:01:26 +0000
ROA not before: Sat 01 Jan 2022 14:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197978
IP address blocks: 91.198.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64833821 (0x3dd491d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d59f0ceca20fafe733fbaf76250ffbc0a350742a
Validity
Not Before: Jan 1 14:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99c1f0815ad2607268f3ee096cf6ee41dec1a9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:3a:70:ea:48:1a:fc:95:d2:c3:e6:b6:fe:
cc:f5:9a:6b:f6:cf:20:da:0d:40:8c:3a:89:00:61:
6c:6b:83:c8:86:6a:fb:44:5a:81:03:eb:80:e0:d6:
88:86:a7:ea:fa:f7:c5:76:f4:4c:6a:97:9b:7f:1b:
7e:3f:3a:aa:b6:9c:68:62:27:ab:a1:d6:ab:03:06:
69:c8:b9:ac:84:f4:b5:7e:69:5a:38:d7:bf:5e:41:
47:89:ef:84:9f:c2:4b:8a:01:3b:fc:af:cd:53:ae:
1f:07:05:08:b1:02:d8:dd:7b:28:a4:0e:4c:4d:08:
cf:f2:b1:83:83:98:e7:71:58:4f:fb:2c:7e:6e:78:
46:dc:67:20:42:41:dd:97:22:8a:29:bc:e7:97:40:
a8:5b:66:fc:55:13:04:67:eb:21:7f:c8:19:4b:62:
11:b7:1b:ed:ac:92:30:b3:3a:f4:ea:b0:cc:06:e0:
bf:7e:f5:ec:54:0d:78:87:7a:89:c2:3c:dd:49:f7:
0b:5b:f4:cd:d8:d1:51:af:d1:7e:25:d6:86:65:82:
3f:33:39:01:f7:83:f8:5f:ca:d8:e9:f2:69:a6:11:
aa:f9:cc:24:e0:08:42:6e:59:8e:65:4a:a9:04:5e:
0a:6c:44:08:26:81:56:e9:00:90:80:c2:28:18:4d:
56:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C1:F0:81:5A:D2:60:72:68:F3:EE:09:6C:F6:EE:41:DE:C1:A9:C2
X509v3 Authority Key Identifier:
keyid:D5:9F:0C:EC:A2:0F:AF:E7:33:FB:AF:76:25:0F:FB:C0:A3:50:74:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Z8M7KIPr-cz-692JQ_7wKNQdCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3246dc-1a98-4fb2-9585-7b2909f4f57a/1/mcHwgVrSYHJo8-4JbPbuQd7BqcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3246dc-1a98-4fb2-9585-7b2909f4f57a/1/1Z8M7KIPr-cz-692JQ_7wKNQdCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.247.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:3c:26:bd:9d:50:79:17:2a:11:65:e7:16:09:ca:99:9b:64:
c8:2e:2c:8e:83:54:6f:ac:43:86:5c:d8:01:57:ee:1b:05:20:
e7:21:22:c6:ce:91:ca:4e:3f:20:44:4e:96:53:65:49:3e:f8:
1e:ee:84:4d:9f:a5:44:a4:77:0c:30:92:6c:10:28:d0:0b:71:
35:a3:c9:4e:5d:98:8a:ea:99:75:db:0b:a5:e9:2d:4e:16:4b:
81:66:52:3f:fc:b5:7b:1f:05:5b:ee:c0:8a:83:6d:fd:9b:12:
bc:43:6b:36:53:b2:f5:87:b5:f8:70:48:ca:0c:f8:91:93:09:
2a:c3:2e:d5:5c:b1:dd:ef:8d:c6:65:23:14:58:6e:3e:65:16:
ef:b3:b3:23:63:9a:27:c8:c2:80:80:60:70:99:31:66:b8:cc:
9e:8f:30:34:03:0f:91:9a:af:0a:2c:90:9a:af:24:11:c8:63:
b9:59:96:38:69:5d:01:7a:9e:7f:1f:50:40:48:72:d7:e1:fe:
4a:21:1e:e5:1a:75:1d:2f:9e:2e:63:35:5a:84:63:74:b0:c8:
ef:14:57:54:f9:23:c3:3d:04:1a:4d:e7:81:db:4f:6f:34:f1:
3a:4e:24:eb:53:73:86:df:43:d6:98:ad:e4:6d:1a:3e:f7:9f:
f7:6c:74:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA91JHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTlmMGNlY2EyMGZhZmU3MzNmYmFmNzYyNTBmZmJjMGEzNTA3NDJhMB4XDTIyMDEw
MTE0MDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTljMWYwODE1YWQy
NjA3MjY4ZjNlZTA5NmNmNmVlNDFkZWMxYTljMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0SOnDqSBr8ldLD5rb+zPWaa/bPINoNQIw6iQBhbGuDyIZq
+0RagQPrgODWiIan6vr3xXb0TGqXm38bfj86qracaGInq6HWqwMGaci5rIT0tX5p
WjjXv15BR4nvhJ/CS4oBO/yvzVOuHwcFCLEC2N17KKQOTE0Iz/Kxg4OY53FYT/ss
fm54RtxnIEJB3Zciiim855dAqFtm/FUTBGfrIX/IGUtiEbcb7aySMLM69OqwzAbg
v3717FQNeId6icI83Un3C1v0zdjRUa/RfiXWhmWCPzM5AfeD+F/K2OnyaaYRqvnM
JOAIQm5ZjmVKqQReCmxECCaBVukAkIDCKBhNVlcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZwfCBWtJgcmjz7gls9u5B3sGpwjAfBgNVHSMEGDAWgBTVnwzsog+v5zP7
r3YlD/vAo1B0KjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFaOE03S0lQci1jei02OTJKUV83d0tOUWRDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzI0NmRjLTFhOTgtNGZiMi05NTg1LTdiMjkwOWY0ZjU3YS8x
L21jSHdnVnJTWUhKbzgtNEpiUGJ1UWQ3QnFjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MzI0NmRjLTFhOTgtNGZiMi05NTg1LTdiMjkwOWY0ZjU3YS8xLzFaOE03S0lQci1j
ei02OTJKUV83d0tOUWRDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvG9zANBgkqhkiG9w0BAQsFAAOC
AQEAsDwmvZ1QeRcqEWXnFgnKmZtkyC4sjoNUb6xDhlzYAVfuGwUg5yEixs6Ryk4/
IEROllNlST74Hu6ETZ+lRKR3DDCSbBAo0AtxNaPJTl2YiuqZddsLpektThZLgWZS
P/y1ex8FW+7AioNt/ZsSvENrNlOy9Ye1+HBIygz4kZMJKsMu1Vyx3e+NxmUjFFhu
PmUW77OzI2OaJ8jCgIBgcJkxZrjMno8wNAMPkZqvCiyQmq8kEchjuVmWOGldAXqe
fx9QQEhy1+H+SiEe5Rp1HS+eLmM1WoRjdLDI7xRXVPkjwz0EGk3ngdtPbzTxOk4k
61Nzht9D1pit5G0aPvef92x0mA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:41 2023 by rpki-client on console-fra.rpki-client.org