Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/Ig5XnmP5s7aNlVIL-teFnNhTin4.roa
File: Ig5XnmP5s7aNlVIL-teFnNhTin4.roa (raw, json)
Hash identifier: ss0i2gsT/tkTnM1gOABGtlQc12JY71S2qIjqPoDiY/o=
Subject key identifier: 22:0E:57:9E:63:F9:B3:B6:8D:95:52:0B:FA:D7:85:9C:D8:53:8A:7E
Certificate issuer: /CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Certificate serial: 0181ED931B64D255C01C8E402303F178C724
Authority key identifier: 7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/Ig5XnmP5s7aNlVIL-teFnNhTin4.roa
Signing time: Mon 11 Jul 2022 14:04:09 +0000
ROA not before: Mon 11 Jul 2022 14:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.209.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:93:1b:64:d2:55:c0:1c:8e:40:23:03:f1:78:c7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Validity
Not Before: Jul 11 14:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=220e579e63f9b3b68d95520bfad7859cd8538a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:51:80:24:14:ce:30:1c:00:30:27:82:75:a0:
6f:8d:6c:4d:cb:d4:5a:b9:53:66:b3:27:62:5d:64:
35:a9:7c:71:da:65:f8:1d:0c:a9:b8:12:a8:09:8e:
65:01:df:10:12:21:d8:66:ed:d7:98:ac:85:3d:89:
69:7b:4f:a2:4e:4e:8e:a6:de:9f:5b:d4:e3:49:ed:
9d:80:4e:d8:41:3a:1a:15:03:9f:4e:95:f2:3b:a8:
42:1c:98:7f:c2:9b:2d:e6:10:c1:ed:05:38:c7:79:
87:c9:2a:e0:cc:9e:3d:55:d0:94:a3:60:a4:74:6d:
d0:0c:5f:b2:ed:de:11:86:fd:06:cd:e5:46:0c:dd:
31:0e:b8:22:17:39:cf:a0:62:f9:b3:36:b5:96:c6:
e3:e1:c7:ce:2a:b1:1c:a3:28:98:c9:ee:59:e7:27:
c7:b9:5d:85:d9:7e:c4:f5:08:65:56:f2:8f:26:02:
25:3f:1f:ed:3d:f2:b1:5d:52:2a:fe:b7:67:9c:2e:
f4:90:02:07:3a:fb:db:4b:e0:4d:ad:9d:79:89:bd:
12:32:b7:6f:6f:c3:08:ad:5b:c2:70:fb:4e:0d:15:
6d:57:6f:e6:ff:61:e5:11:25:c7:5d:c0:c5:76:ff:
b8:06:59:28:cc:96:b2:99:c6:8e:ce:71:e7:bd:e4:
cc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0E:57:9E:63:F9:B3:B6:8D:95:52:0B:FA:D7:85:9C:D8:53:8A:7E
X509v3 Authority Key Identifier:
keyid:7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/Ig5XnmP5s7aNlVIL-teFnNhTin4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
81:02:c1:91:79:2d:e2:6a:7f:27:f0:91:0e:2c:ef:93:63:8f:
0d:15:89:78:eb:cf:20:8a:9a:7d:7b:59:48:1a:81:c4:69:0b:
9b:1a:f6:5b:ff:bf:02:28:2c:11:f3:25:ea:dd:33:70:0f:d7:
2c:4e:39:6d:88:cb:5d:42:65:29:6f:4a:47:4b:48:07:03:9d:
5b:8c:f4:59:d4:f8:b8:0e:20:50:6c:0a:66:95:e0:d8:5f:d4:
7d:d0:8b:5e:1f:44:dc:56:91:34:ce:04:f3:44:ab:d2:c4:e2:
4e:65:89:e9:bb:9e:7e:5c:92:3e:bd:7c:6a:3e:fd:d0:67:19:
f5:1d:29:ab:44:01:e2:fe:e6:10:5b:de:d1:a9:7e:28:6a:4c:
e5:19:68:94:dc:76:5b:4c:fa:aa:e4:e0:f3:7a:1a:35:23:b2:
93:d9:97:92:9c:99:e9:ec:ce:00:9d:7b:f5:3e:3e:2a:5d:32:
e6:17:cf:3e:38:39:8a:95:0d:de:7c:19:02:4e:c0:b2:d1:3b:
25:dd:62:b5:e2:a3:64:8a:f1:2f:fd:f5:49:ec:7d:12:f2:19:
91:c8:82:ac:2f:ad:aa:a5:b3:82:a4:79:23:c3:62:2a:0e:ed:
ed:fc:b0:da:e2:eb:82:d3:6c:1d:73:29:2a:69:17:3b:d6:03:
81:08:b9:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHtkxtk0lXAHI5AIwPxeMckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYTNmOTlkYmE5NGEzMDdiNmNkMmUxZDkwZjY3OGRhYzA1
NjgxZjgwHhcNMjIwNzExMTQwNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBlNTc5ZTYzZjliM2I2OGQ5NTUyMGJmYWQ3ODU5Y2Q4NTM4YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFGAJBTOMBwAMCeCdaBvjWxNy9Ra
uVNmsydiXWQ1qXxx2mX4HQypuBKoCY5lAd8QEiHYZu3XmKyFPYlpe0+iTk6Opt6f
W9TjSe2dgE7YQToaFQOfTpXyO6hCHJh/wpst5hDB7QU4x3mHySrgzJ49VdCUo2Ck
dG3QDF+y7d4Rhv0GzeVGDN0xDrgiFznPoGL5sza1lsbj4cfOKrEcoyiYye5Z5yfH
uV2F2X7E9QhlVvKPJgIlPx/tPfKxXVIq/rdnnC70kAIHOvvbS+BNrZ15ib0SMrdv
b8MIrVvCcPtODRVtV2/m/2HlESXHXcDFdv+4BlkozJaymcaOznHnveTM0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIOV55j+bO2jZVSC/rXhZzYU4p+MB8GA1UdIwQY
MBaAFH+j+Z26lKMHts0uHZD2eNrAVoH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUt
NGVhNDdjY2UwYzYzLzEvSWc1WG5tUDVzN2FObFZJTC10ZUZuTmhUaW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUtNGVhNDdjY2UwYzYz
LzEvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HkMA0G
CSqGSIb3DQEBCwUAA4IBAQCBAsGReS3ian8n8JEOLO+TY48NFYl4688gipp9e1lI
GoHEaQubGvZb/78CKCwR8yXq3TNwD9csTjltiMtdQmUpb0pHS0gHA51bjPRZ1Pi4
DiBQbApmleDYX9R90IteH0TcVpE0zgTzRKvSxOJOZYnpu55+XJI+vXxqPv3QZxn1
HSmrRAHi/uYQW97RqX4oakzlGWiU3HZbTPqq5ODzeho1I7KT2ZeSnJnp7M4AnXv1
Pj4qXTLmF88+ODmKlQ3efBkCTsCy0Tsl3WK14qNkivEv/fVJ7H0S8hmRyIKsL62q
pbOCpHkjw2IqDu3t/LDa4uuC02wdcykqaRc71gOBCLnE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org