Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/e2n74q-mTqKKp-7_Ec_I3ZwPLr0.roa
File: e2n74q-mTqKKp-7_Ec_I3ZwPLr0.roa (raw, json)
Hash identifier: mEvfgFyNX1Hs6nCEG8xhextlf9zn7CdgKQxu4tJuhUs=
Subject key identifier: 7B:69:FB:E2:AF:A6:4E:A2:8A:A7:EE:FF:11:CF:C8:DD:9C:0F:2E:BD
Certificate issuer: /CN=408c96b92b6c698fd34fac7d581d4c0908dcce99
Certificate serial: 02B11FE9
Authority key identifier: 40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/e2n74q-mTqKKp-7_Ec_I3ZwPLr0.roa
Signing time: Sat 01 Jan 2022 07:53:31 +0000
ROA not before: Sat 01 Jan 2022 07:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211892
IP address blocks: 91.196.232.0/23 maxlen: 23
91.196.232.0/22 maxlen: 22
91.196.234.0/23 maxlen: 23
185.116.61.0/24 maxlen: 24
2a04:6d00::/29 maxlen: 29
2a0c:8040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45162473 (0x2b11fe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408c96b92b6c698fd34fac7d581d4c0908dcce99
Validity
Not Before: Jan 1 07:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b69fbe2afa64ea28aa7eeff11cfc8dd9c0f2ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b3:ff:ff:4d:05:17:f6:8e:9b:e8:9a:d2:30:
4d:22:47:3d:6b:b9:92:8e:6d:7c:3c:91:3c:41:6c:
41:e6:bb:a8:59:5c:98:47:3d:82:5e:43:83:62:6b:
c8:1f:2f:99:c4:af:d9:d9:63:66:cc:ea:6f:d8:e7:
52:0e:51:67:13:09:74:0a:4a:7c:85:87:22:2a:52:
10:62:3f:56:61:9f:de:bb:80:e6:4b:fc:cb:81:24:
66:88:24:47:2e:78:93:7c:ab:72:b2:c5:22:b0:c3:
f4:30:35:f0:8a:b3:4f:08:c2:04:1a:3d:15:1b:b3:
a1:3b:8b:e7:87:42:72:33:23:6e:17:27:92:e8:a8:
c6:18:f0:8c:c3:8f:4e:1b:64:32:fa:a0:15:bf:eb:
0b:11:9a:5c:fd:a8:4d:60:01:2f:72:27:2c:09:e1:
14:5f:25:b7:3e:39:56:84:1c:39:89:5e:9b:4b:96:
b4:70:ef:13:4d:24:3e:70:e2:89:e1:72:af:09:5a:
6b:62:29:04:7a:f2:d1:f3:84:e6:cf:52:b1:45:b2:
83:02:a4:2b:4b:d7:5c:69:6d:5f:91:be:eb:76:41:
c2:b1:85:6a:6c:d2:3d:23:20:a5:37:f8:ed:37:fe:
9a:b1:94:88:0e:2b:d1:ea:22:af:3e:bd:94:a5:dd:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:69:FB:E2:AF:A6:4E:A2:8A:A7:EE:FF:11:CF:C8:DD:9C:0F:2E:BD
X509v3 Authority Key Identifier:
keyid:40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/e2n74q-mTqKKp-7_Ec_I3ZwPLr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.232.0/22
185.116.61.0/24
IPv6:
2a04:6d00::/29
2a0c:8040::/29
Signature Algorithm: sha256WithRSAEncryption
9b:ff:fe:da:67:4d:5a:39:a2:50:86:47:8e:fc:a9:8d:d3:67:
f4:3c:20:d7:5f:22:e3:4d:86:73:d7:84:12:5f:c6:56:d4:08:
e6:26:35:ea:dd:39:30:fe:08:cc:66:4d:3d:69:72:93:a9:92:
e8:d9:3b:51:bb:e1:93:3f:1d:7b:de:ef:4f:7b:51:41:1e:3b:
76:8c:f4:fd:61:47:1f:b4:0e:84:f0:33:cb:2a:e4:41:14:b9:
98:90:df:86:5b:0b:14:2f:88:15:fe:5b:e5:ee:14:29:6c:17:
bf:58:b5:ac:d0:a0:47:3b:14:d8:24:da:a4:52:a7:db:ed:3f:
b7:71:63:e8:08:51:5e:c6:14:56:60:d8:5b:39:5d:0b:49:ce:
00:df:00:6f:93:b1:75:fa:87:a5:30:8b:2d:c8:4f:ce:0e:da:
97:ca:6b:0d:15:b0:b2:13:b8:5c:08:9b:07:65:c8:46:9f:2d:
0f:1a:91:62:97:73:bb:3a:90:32:31:21:56:fa:02:9c:42:8b:
4d:d1:f5:d9:21:45:0d:f0:44:d7:eb:c5:bb:90:52:4d:40:6b:
6f:47:0f:e1:6a:84:cd:57:df:9a:59:3f:e6:57:0b:f0:d1:e0:
b4:df:94:d9:84:29:95:53:8b:7c:de:f7:2f:0a:34:c1:18:6f:
db:88:30:08
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEArEf6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDhjOTZiOTJiNmM2OThmZDM0ZmFjN2Q1ODFkNGMwOTA4ZGNjZTk5MB4XDTIyMDEw
MTA3NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I2OWZiZTJhZmE2
NGVhMjhhYTdlZWZmMTFjZmM4ZGQ5YzBmMmViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmz//9NBRf2jpvomtIwTSJHPWu5ko5tfDyRPEFsQea7qFlc
mEc9gl5Dg2JryB8vmcSv2dljZszqb9jnUg5RZxMJdApKfIWHIipSEGI/VmGf3ruA
5kv8y4EkZogkRy54k3yrcrLFIrDD9DA18IqzTwjCBBo9FRuzoTuL54dCcjMjbhcn
kuioxhjwjMOPThtkMvqgFb/rCxGaXP2oTWABL3InLAnhFF8ltz45VoQcOYlem0uW
tHDvE00kPnDiieFyrwlaa2IpBHry0fOE5s9SsUWygwKkK0vXXGltX5G+63ZBwrGF
amzSPSMgpTf47Tf+mrGUiA4r0eoirz69lKXd5/0CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBR7afvir6ZOooqn7v8Rz8jdnA8uvTAfBgNVHSMEGDAWgBRAjJa5K2xpj9NP
rH1YHUwJCNzOmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJeVd1U3RzYVlfVFQ2eDlXQjFNQ1FqY3pway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvMjI5ZmEyLTMyY2MtNGI1OS05Mzc3LTU2YmJmMGJlYWY0Ny8x
L2Uybjc0cS1tVHFLS3AtN19FY19JM1p3UExyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
MjI5ZmEyLTMyY2MtNGI1OS05Mzc3LTU2YmJmMGJlYWY0Ny8xL1FJeVd1U3RzYVlf
VFQ2eDlXQjFNQ1FqY3pway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAlvE6AMEALl0PTAUBAIAAjAOAwUD
KgRtAAMFAyoMgEAwDQYJKoZIhvcNAQELBQADggEBAJv//tpnTVo5olCGR478qY3T
Z/Q8INdfIuNNhnPXhBJfxlbUCOYmNerdOTD+CMxmTT1pcpOpkujZO1G74ZM/HXve
7097UUEeO3aM9P1hRx+0DoTwM8sq5EEUuZiQ34ZbCxQviBX+W+XuFClsF79YtazQ
oEc7FNgk2qRSp9vtP7dxY+gIUV7GFFZg2Fs5XQtJzgDfAG+TsXX6h6Uwiy3IT84O
2pfKaw0VsLITuFwImwdlyEafLQ8akWKXc7s6kDIxIVb6ApxCi03R9dkhRQ3wRNfr
xbuQUk1Aa29HD+FqhM1X35pZP+ZXC/DR4LTflNmEKZVTi3ze9y8KNMEYb9uIMAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:22 2024 by rpki-client on console-ams.rpki-client.org