Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/_R9fMU4h46-YTzr3y-8ibHwfyJc.roa
File: _R9fMU4h46-YTzr3y-8ibHwfyJc.roa (raw, json)
Hash identifier: gTcIN1i0j62kcx9uG+9JoBb7svsvSBApA2IiJHPo5IM=
Subject key identifier: FD:1F:5F:31:4E:21:E3:AF:98:4F:3A:F7:CB:EF:22:6C:7C:1F:C8:97
Certificate issuer: /CN=377bd10f7d906c131c8c9e2fc7316416df4ae224
Certificate serial: 80A2DE
Authority key identifier: 37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/_R9fMU4h46-YTzr3y-8ibHwfyJc.roa
Signing time: Sat 30 Apr 2022 15:38:44 +0000
ROA not before: Sat 30 Apr 2022 15:38:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47271
IP address blocks: 91.198.11.0/24 maxlen: 24
91.209.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8430302 (0x80a2de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=377bd10f7d906c131c8c9e2fc7316416df4ae224
Validity
Not Before: Apr 30 15:38:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd1f5f314e21e3af984f3af7cbef226c7c1fc897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f9:86:78:df:f7:61:f1:19:49:52:e1:4d:ed:
f3:ca:47:de:c7:6c:a3:0f:91:ac:09:bd:5b:f4:10:
41:21:8b:05:0f:a9:e5:67:76:83:1b:db:55:69:23:
bb:b7:37:b5:92:7d:7c:a0:59:f2:9a:e8:e5:5a:81:
94:c5:49:5d:01:fe:a8:cc:ed:6e:1d:47:3c:2f:4c:
97:0b:d3:d7:61:37:ca:b0:78:1b:90:40:36:ff:48:
8c:b4:83:1a:9c:36:0a:0a:1c:3b:d5:aa:79:bc:5a:
58:b7:48:31:1f:ff:eb:4e:5a:00:1a:67:95:14:cd:
69:60:d3:06:b3:d4:76:dd:50:cb:a9:70:86:59:03:
35:ba:ce:d9:39:11:79:60:ca:8b:e5:87:81:92:a0:
91:3c:ae:2a:d4:d6:25:3a:16:b7:ab:f4:bf:5e:32:
5e:6f:7f:3e:5b:2d:30:93:03:d0:66:a6:41:5b:94:
4b:fd:a2:da:a8:50:4e:f7:80:2f:f7:5b:a2:72:03:
2f:8d:4b:81:04:e6:11:30:45:4c:12:1a:f7:06:fc:
d0:03:4b:3c:bd:47:1c:1b:e6:16:3a:92:9e:2b:0b:
d8:fc:5f:85:1a:ea:2d:2c:ee:c2:d6:02:30:57:18:
31:8c:a6:0f:f5:86:fe:8c:5e:5b:d3:b4:1f:b0:26:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1F:5F:31:4E:21:E3:AF:98:4F:3A:F7:CB:EF:22:6C:7C:1F:C8:97
X509v3 Authority Key Identifier:
keyid:37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/_R9fMU4h46-YTzr3y-8ibHwfyJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.11.0/24
91.209.3.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c8:6a:d8:61:77:66:99:d6:6e:41:d1:18:c8:19:10:79:36:
d6:4d:aa:83:63:5d:55:ab:82:fe:4b:89:00:ce:35:de:56:49:
16:0d:d8:f2:ae:f5:8e:a9:1b:5c:3a:92:1e:63:5f:27:82:ca:
3f:36:7e:37:08:b9:9b:5e:b1:11:92:ec:b4:43:bc:cf:a2:b4:
e1:2e:76:f4:f6:11:b6:b4:2a:1b:57:0b:66:5c:67:22:61:72:
b1:03:62:24:1b:cc:54:ae:24:f5:54:9f:5d:90:1b:bf:10:f9:
f1:66:f8:ec:e8:11:33:d2:cc:2a:25:26:73:9d:e3:38:27:1c:
d2:7c:20:e4:91:03:61:90:3a:74:4b:64:46:e0:f4:00:5b:e9:
23:6e:7f:df:5a:e2:b9:0c:d8:36:65:8c:05:03:5e:39:c4:2d:
e3:3a:c3:9c:31:a5:e8:68:c7:96:be:c7:50:0f:66:25:27:88:
0a:69:7c:7f:c4:22:bb:79:af:20:b2:9c:be:dc:c6:05:43:ba:
14:04:c4:0d:e7:d5:ba:e2:9b:a0:87:e8:cb:31:d7:ee:cc:26:
53:f1:89:bc:d0:f9:e2:ec:2a:c5:d9:ec:43:30:4b:05:55:7d:
5a:61:0a:9c:4e:cb:10:a9:2b:fe:88:7c:30:bb:6e:c0:4f:75:
60:79:21:46
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAICi3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzdiZDEwZjdkOTA2YzEzMWM4YzllMmZjNzMxNjQxNmRmNGFlMjI0MB4XDTIyMDQz
MDE1Mzg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQxZjVmMzE0ZTIx
ZTNhZjk4NGYzYWY3Y2JlZjIyNmM3YzFmYzg5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT5hnjf92HxGUlS4U3t88pH3sdsow+RrAm9W/QQQSGLBQ+p
5Wd2gxvbVWkju7c3tZJ9fKBZ8pro5VqBlMVJXQH+qMztbh1HPC9MlwvT12E3yrB4
G5BANv9IjLSDGpw2CgocO9WqebxaWLdIMR//605aABpnlRTNaWDTBrPUdt1Qy6lw
hlkDNbrO2TkReWDKi+WHgZKgkTyuKtTWJToWt6v0v14yXm9/PlstMJMD0GamQVuU
S/2i2qhQTveAL/dbonIDL41LgQTmETBFTBIa9wb80ANLPL1HHBvmFjqSnisL2Pxf
hRrqLSzuwtYCMFcYMYymD/WG/oxeW9O0H7Am/ZUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT9H18xTiHjr5hPOvfL7yJsfB/IlzAfBgNVHSMEGDAWgBQ3e9EPfZBsExyM
ni/HMWQW30riJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04zdlJEMzJRYkJNY2pKNHZ4ekZrRnQ5SzRpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvMjA4MTI5LWQwODYtNDlkNC05ZGM3LTVhOWFjN2YzOTAyMy8x
L19SOWZNVTRoNDYtWVR6cjN5LThpYkh3ZnlKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
MjA4MTI5LWQwODYtNDlkNC05ZGM3LTVhOWFjN2YzOTAyMy8xL04zdlJEMzJRYkJN
Y2pKNHZ4ekZrRnQ5SzRpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvGCwMEAFvRAzANBgkqhkiG9w0B
AQsFAAOCAQEALchq2GF3ZpnWbkHRGMgZEHk21k2qg2NdVauC/kuJAM413lZJFg3Y
8q71jqkbXDqSHmNfJ4LKPzZ+Nwi5m16xEZLstEO8z6K04S529PYRtrQqG1cLZlxn
ImFysQNiJBvMVK4k9VSfXZAbvxD58Wb47OgRM9LMKiUmc53jOCcc0nwg5JEDYZA6
dEtkRuD0AFvpI25/31riuQzYNmWMBQNeOcQt4zrDnDGl6GjHlr7HUA9mJSeICml8
f8Qiu3mvILKcvtzGBUO6FATEDefVuuKboIfoyzHX7swmU/GJvND54uwqxdnsQzBL
BVV9WmEKnE7LEKkr/oh8MLtuwE91YHkhRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org