Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/ypI8VNkEeAjTHRpoPGhrDks2YDk.roa
File: ypI8VNkEeAjTHRpoPGhrDks2YDk.roa (raw, json)
Hash identifier: FWB3MhXShZRGYDO7rN0zTV8FuzEj67yAKx80ZYuWbJI=
Subject key identifier: CA:92:3C:54:D9:04:78:08:D3:1D:1A:68:3C:68:6B:0E:4B:36:60:39
Certificate issuer: /CN=923603c981868916b0b1701dcf3720caa2484fdc
Certificate serial: 024172CD
Authority key identifier: 92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/ypI8VNkEeAjTHRpoPGhrDks2YDk.roa
Signing time: Sat 01 Jan 2022 06:59:27 +0000
ROA not before: Sat 01 Jan 2022 06:59:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16044
IP address blocks: 91.226.252.0/24 maxlen: 24
91.226.252.0/22 maxlen: 22
91.226.253.0/24 maxlen: 24
91.226.254.0/24 maxlen: 24
91.226.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37843661 (0x24172cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923603c981868916b0b1701dcf3720caa2484fdc
Validity
Not Before: Jan 1 06:59:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca923c54d9047808d31d1a683c686b0e4b366039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:87:e0:c4:d1:01:b8:f7:c0:03:4d:a6:c0:69:
63:8e:0e:54:3c:c6:db:83:bb:98:09:18:91:00:36:
61:ea:cf:ac:d3:a4:0f:d2:77:85:3b:27:0c:9d:dd:
77:4c:4b:1e:dc:a3:6e:6a:81:06:d1:36:97:7e:ab:
3c:f4:1e:85:65:54:85:5b:ef:10:63:c9:fb:60:2c:
ac:12:22:a6:a0:21:44:4d:20:de:46:9b:d2:a2:93:
31:68:15:58:cd:68:d8:9e:ff:23:3c:db:11:4e:d8:
e9:1d:65:e8:d1:c6:b1:88:46:4b:a2:5e:62:b7:68:
be:8e:d7:0b:3e:2c:a7:d8:ea:93:be:3d:dd:d0:61:
aa:b6:f2:df:e6:5e:f3:9e:eb:0c:04:f8:25:a9:6b:
9b:7d:b9:f2:76:81:ee:73:f1:e4:86:b1:a4:5a:c5:
d9:2e:67:ff:3b:d4:bc:b1:a2:8b:f6:a6:af:9e:0f:
0f:e4:f4:13:16:4f:0d:dc:53:6a:23:2f:b2:4d:20:
55:35:50:90:59:1e:6f:d4:b3:4f:5e:64:5d:3f:a7:
f7:7f:39:e2:a1:96:fe:c3:57:7b:32:56:ce:15:48:
3e:8f:69:65:de:7b:e0:49:8e:e2:01:8f:7c:56:d2:
21:e0:91:34:6e:c7:df:4c:2f:29:08:48:3b:97:5e:
aa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:92:3C:54:D9:04:78:08:D3:1D:1A:68:3C:68:6B:0E:4B:36:60:39
X509v3 Authority Key Identifier:
keyid:92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/ypI8VNkEeAjTHRpoPGhrDks2YDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.252.0/22
Signature Algorithm: sha256WithRSAEncryption
18:0b:10:f6:d3:81:a8:b3:06:b6:23:a6:87:8c:59:02:2c:db:
ab:34:0f:84:c8:e5:54:90:32:c6:51:75:3c:62:4b:b3:29:30:
ad:73:67:14:38:ff:78:f9:7f:a5:f7:70:a3:42:18:80:e6:01:
fb:9f:5e:d2:2f:dc:b5:14:ef:76:02:49:d2:e3:ba:6c:03:fb:
49:21:60:e7:ab:c6:07:da:16:14:58:63:b3:c2:03:bb:06:41:
2c:63:a7:ab:0e:ac:ae:2a:5e:e3:c6:77:8b:66:2a:02:d5:8f:
54:0c:4a:fa:0e:49:87:d1:3e:01:c9:f2:ae:8d:39:49:d9:4d:
db:9a:e9:4d:68:52:53:83:65:34:e9:5a:17:2e:65:57:8f:fa:
c3:24:af:1e:22:26:7a:f4:b3:dd:30:c6:35:dd:c9:72:65:38:
91:6b:87:59:3b:6f:64:b1:e4:05:a7:21:56:7b:ab:bd:80:c1:
09:67:59:11:7f:af:e3:d8:4e:39:2d:d5:30:ed:ca:a4:b4:6f:
c2:0b:f2:94:34:73:0f:26:da:76:90:45:b8:2e:5f:09:b3:e8:
92:4d:cc:05:6a:b9:7e:47:4e:e4:54:9b:f4:ab:18:3d:db:77:
78:e1:73:ee:57:42:44:d3:10:11:a8:46:fe:85:36:29:2c:9b:
e4:81:b1:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkFyzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjM2MDNjOTgxODY4OTE2YjBiMTcwMWRjZjM3MjBjYWEyNDg0ZmRjMB4XDTIyMDEw
MTA2NTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E5MjNjNTRkOTA0
NzgwOGQzMWQxYTY4M2M2ODZiMGU0YjM2NjAzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWH4MTRAbj3wANNpsBpY44OVDzG24O7mAkYkQA2YerPrNOk
D9J3hTsnDJ3dd0xLHtyjbmqBBtE2l36rPPQehWVUhVvvEGPJ+2AsrBIipqAhRE0g
3kab0qKTMWgVWM1o2J7/IzzbEU7Y6R1l6NHGsYhGS6JeYrdovo7XCz4sp9jqk749
3dBhqrby3+Ze857rDAT4Jalrm3258naB7nPx5IaxpFrF2S5n/zvUvLGii/amr54P
D+T0ExZPDdxTaiMvsk0gVTVQkFkeb9SzT15kXT+n93854qGW/sNXezJWzhVIPo9p
Zd574EmO4gGPfFbSIeCRNG7H30wvKQhIO5deqgUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTKkjxU2QR4CNMdGmg8aGsOSzZgOTAfBgNVHSMEGDAWgBSSNgPJgYaJFrCx
cB3PNyDKokhP3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tqWUR5WUdHaVJhd3NYQWR6emNneXFKSVQ5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYWYyNjcxLTA1MTgtNDE5Zi05OWUwLWEzMTk5ZWE4ZDEzZS8x
L3lwSThWTmtFZUFqVEhScG9QR2hyRGtzMllEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
YWYyNjcxLTA1MTgtNDE5Zi05OWUwLWEzMTk5ZWE4ZDEzZS8xL2tqWUR5WUdHaVJh
d3NYQWR6emNneXFKSVQ5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvi/DANBgkqhkiG9w0BAQsFAAOC
AQEAGAsQ9tOBqLMGtiOmh4xZAizbqzQPhMjlVJAyxlF1PGJLsykwrXNnFDj/ePl/
pfdwo0IYgOYB+59e0i/ctRTvdgJJ0uO6bAP7SSFg56vGB9oWFFhjs8IDuwZBLGOn
qw6sripe48Z3i2YqAtWPVAxK+g5Jh9E+Acnyro05SdlN25rpTWhSU4NlNOlaFy5l
V4/6wySvHiImevSz3TDGNd3JcmU4kWuHWTtvZLHkBachVnurvYDBCWdZEX+v49hO
OS3VMO3KpLRvwgvylDRzDybadpBFuC5fCbPokk3MBWq5fkdO5FSb9KsYPdt3eOFz
7ldCRNMQEahG/oU2KSyb5IGx+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org