Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/PxTb6QbLW53rsu_y0zBkxDdvaks.roa
File: PxTb6QbLW53rsu_y0zBkxDdvaks.roa (raw, json)
Hash identifier: tsygHayoguQj4X7PAz2WW3IlDE2KpGDJbCszCNxvfk8=
Subject key identifier: 3F:14:DB:E9:06:CB:5B:9D:EB:B2:EF:F2:D3:30:64:C4:37:6F:6A:4B
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 03AD3DA8
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/PxTb6QbLW53rsu_y0zBkxDdvaks.roa
Signing time: Sat 01 Jan 2022 12:55:34 +0000
ROA not before: Sat 01 Jan 2022 12:55:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 85.91.107.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61685160 (0x3ad3da8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Jan 1 12:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f14dbe906cb5b9debb2eff2d33064c4376f6a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:97:13:a2:7c:b8:5f:af:34:8c:98:1f:a9:1c:
a2:da:74:44:2d:8a:e1:94:e7:e7:69:cf:e8:c6:2d:
de:7d:33:d9:50:43:58:86:29:38:05:49:50:84:17:
fa:f4:44:2c:dc:65:7d:90:f8:67:0b:1b:a5:31:f1:
bc:87:12:f6:c4:62:bd:25:dc:35:c7:60:49:88:d0:
68:21:57:3b:4f:30:07:55:f8:07:38:64:a0:a0:65:
06:07:2a:4c:0f:6d:50:c8:18:21:c9:89:ca:47:62:
0a:c1:a5:e8:0c:16:83:5d:f7:f1:47:4b:33:6a:94:
ec:ea:31:86:07:03:bd:cf:9a:c4:03:b9:32:2b:50:
f4:d8:58:16:ce:fa:a2:4e:90:6c:39:60:9a:d8:2e:
1a:2a:e4:3c:e1:6c:6c:37:d8:be:e6:8b:b1:d3:35:
64:00:8d:e2:42:ec:15:07:01:02:97:67:43:b9:26:
7a:6e:42:7d:70:43:ca:8c:67:ff:3d:3f:86:ce:5a:
e8:9b:c5:85:17:9d:42:05:2b:a8:d4:3d:6c:1e:91:
56:7d:02:59:5f:e5:9f:d0:aa:ee:85:36:68:69:cf:
23:d9:37:9f:a5:76:83:0c:9c:9e:a4:4d:0e:ea:28:
e6:ef:36:7a:ad:82:91:55:1d:3e:59:af:e9:c8:3c:
87:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:14:DB:E9:06:CB:5B:9D:EB:B2:EF:F2:D3:30:64:C4:37:6F:6A:4B
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/PxTb6QbLW53rsu_y0zBkxDdvaks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.107.0/24
85.91.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:39:61:c9:77:3b:d0:e1:34:ee:9a:e4:14:c4:ea:af:05:e2:
0c:da:0c:12:90:13:7b:91:31:96:73:88:25:7d:ee:05:c3:64:
12:f2:24:dd:75:87:cb:a7:32:e5:16:6e:2c:8c:b4:57:e9:52:
ec:89:ce:fd:46:b1:bb:c0:77:3d:45:e2:d8:16:d3:ad:d4:8a:
da:03:a5:13:62:1a:26:6b:f7:35:c6:3c:3f:c5:2d:55:94:8d:
f3:9b:fc:df:f2:41:a2:91:df:fa:a8:93:20:8b:d4:90:ff:71:
e6:b3:14:69:62:2e:06:be:7e:11:f7:f0:09:13:04:51:d8:b9:
a2:ca:7b:5b:8e:71:cc:05:8f:06:7a:03:28:69:ac:2c:14:1f:
b7:bd:25:0c:29:60:cb:ed:c2:66:38:b1:26:2b:4c:4e:19:5e:
8a:2e:83:e8:bb:24:ae:4a:28:de:29:99:dd:62:7a:74:4d:06:
c5:a4:7d:59:a3:eb:87:5f:b3:4d:ba:43:b4:23:ce:2c:4d:0f:
bc:ea:5b:14:98:33:32:fd:bb:51:80:9e:20:c8:3c:ab:b0:5e:
a5:a9:71:d4:84:9d:7b:dd:2d:ca:5d:ca:0b:c8:aa:be:9a:a1:
cc:d0:42:e2:de:c3:b9:c3:3d:4c:ae:7f:0a:7f:d7:87:36:5a:
64:f7:0a:fd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA609qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OWRkNTQyNzgxODUxYzBiY2U1YTNlYTVjYzM4NzY1MGZmYzgyNzdlMB4XDTIyMDEw
MTEyNTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2YxNGRiZTkwNmNi
NWI5ZGViYjJlZmYyZDMzMDY0YzQzNzZmNmE0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+XE6J8uF+vNIyYH6kcotp0RC2K4ZTn52nP6MYt3n0z2VBD
WIYpOAVJUIQX+vRELNxlfZD4ZwsbpTHxvIcS9sRivSXcNcdgSYjQaCFXO08wB1X4
BzhkoKBlBgcqTA9tUMgYIcmJykdiCsGl6AwWg1338UdLM2qU7OoxhgcDvc+axAO5
MitQ9NhYFs76ok6QbDlgmtguGirkPOFsbDfYvuaLsdM1ZACN4kLsFQcBApdnQ7km
em5CfXBDyoxn/z0/hs5a6JvFhRedQgUrqNQ9bB6RVn0CWV/ln9Cq7oU2aGnPI9k3
n6V2gwycnqRNDuoo5u82eq2CkVUdPlmv6cg8h6sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ/FNvpBstbneuy7/LTMGTEN29qSzAfBgNVHSMEGDAWgBRZ3VQngYUcC85a
PqXMOHZQ/8gnfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dkMVVKNEdGSEF2T1dqNmx6RGgyVVBfSUozNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNzljNGJhLTM4ZTItNGY1YS05NTlmLTQ3ZTA5Mzc5ODlhOC8x
L1B4VGI2UWJMVzUzcnN1X3kwekJreERkdmFrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NzljNGJhLTM4ZTItNGY1YS05NTlmLTQ3ZTA5Mzc5ODlhOC8xL1dkMVVKNEdGSEF2
T1dqNmx6RGgyVVBfSUozNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFVbawMEAFVbezANBgkqhkiG9w0B
AQsFAAOCAQEAojlhyXc70OE07prkFMTqrwXiDNoMEpATe5ExlnOIJX3uBcNkEvIk
3XWHy6cy5RZuLIy0V+lS7InO/Uaxu8B3PUXi2BbTrdSK2gOlE2IaJmv3NcY8P8Ut
VZSN85v83/JBopHf+qiTIIvUkP9x5rMUaWIuBr5+EffwCRMEUdi5osp7W45xzAWP
BnoDKGmsLBQft70lDClgy+3CZjixJitMThleii6D6Lskrkoo3imZ3WJ6dE0GxaR9
WaPrh1+zTbpDtCPOLE0PvOpbFJgzMv27UYCeIMg8q7Bepalx1ISde90tyl3KC8iq
vpqhzNBC4t7DucM9TK5/Cn/XhzZaZPcK/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org