Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/86ba02-f970-4869-be27-e8ede5a2f875/1/LQF6I2JclkHDnr-09Y99FRssk_w.roa
File: LQF6I2JclkHDnr-09Y99FRssk_w.roa (raw, json)
Hash identifier: /nsvoTJ5zyy1u81OI511SmKBMiFoiKcGqV6HtLDCTuE=
Subject key identifier: 2D:01:7A:23:62:5C:96:41:C3:9E:BF:B4:F5:8F:7D:15:1B:2C:93:FC
Certificate issuer: /CN=b4c0439c795551102d6f1e4ceb6d1c52fbc5ea3f
Certificate serial: 18B50DAF
Authority key identifier: B4:C0:43:9C:79:55:51:10:2D:6F:1E:4C:EB:6D:1C:52:FB:C5:EA:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMBDnHlVURAtbx5M620cUvvF6j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/86ba02-f970-4869-be27-e8ede5a2f875/1/LQF6I2JclkHDnr-09Y99FRssk_w.roa
Signing time: Sat 01 Jan 2022 02:56:20 +0000
ROA not before: Sat 01 Jan 2022 02:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198732
IP address blocks: 91.238.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 414518703 (0x18b50daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c0439c795551102d6f1e4ceb6d1c52fbc5ea3f
Validity
Not Before: Jan 1 02:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d017a23625c9641c39ebfb4f58f7d151b2c93fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3c:7f:6a:e6:a2:43:e5:17:74:0f:5d:94:fa:
4a:8d:55:a5:9c:29:4d:bb:63:eb:3b:36:57:ee:ae:
ea:8b:d4:4e:bb:2d:6e:2f:e5:e6:78:a3:6b:b9:5d:
e7:1b:a5:86:07:9e:c3:07:df:44:9d:5b:21:85:4a:
25:a8:b9:10:de:3a:2b:94:73:5e:78:94:f8:3d:b1:
c2:21:b7:65:2a:9a:d2:3b:bb:76:20:d8:93:73:ac:
42:7f:c9:49:f1:a6:e9:2b:d4:bf:d2:f5:2d:a9:af:
38:af:da:c7:c0:75:36:b7:97:08:a4:c1:f7:41:be:
a4:30:e3:65:40:1f:29:44:73:70:e0:b6:04:6e:e9:
d3:5a:3b:85:75:bf:88:15:38:e6:b9:ed:37:f8:01:
00:84:b8:93:c4:ce:75:1d:b6:ad:e9:8b:1c:7d:1a:
02:c8:95:d6:13:2a:6d:7f:ae:b1:20:d2:22:8e:66:
07:3d:c2:1b:5f:9b:2d:8f:ad:2f:f6:e7:7f:bb:d0:
9d:15:b8:f4:12:cd:54:8e:cb:23:85:62:1a:be:79:
03:de:6a:6a:6d:9a:4c:b8:b8:86:86:eb:5a:6b:bb:
6b:c1:60:c7:b0:17:9d:c4:22:2a:54:44:90:f8:83:
cf:92:77:f2:29:c9:db:43:ca:96:46:a0:7f:3d:b8:
32:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:01:7A:23:62:5C:96:41:C3:9E:BF:B4:F5:8F:7D:15:1B:2C:93:FC
X509v3 Authority Key Identifier:
keyid:B4:C0:43:9C:79:55:51:10:2D:6F:1E:4C:EB:6D:1C:52:FB:C5:EA:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMBDnHlVURAtbx5M620cUvvF6j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/86ba02-f970-4869-be27-e8ede5a2f875/1/LQF6I2JclkHDnr-09Y99FRssk_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/86ba02-f970-4869-be27-e8ede5a2f875/1/tMBDnHlVURAtbx5M620cUvvF6j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:37:fd:5a:dc:39:28:69:73:1c:bc:e2:e8:70:71:26:15:57:
76:10:74:f7:e3:43:e4:9a:ea:02:b2:a2:6e:5a:df:db:d3:9f:
3f:96:58:bb:97:02:07:b5:d9:70:9a:3e:88:be:22:3c:a4:de:
c3:85:14:33:d3:7c:61:6c:ec:a6:f2:ca:c9:6a:70:b1:59:33:
27:46:f6:e2:47:e5:1b:88:55:30:1d:3b:e2:08:f3:c2:9a:7e:
37:46:d6:ef:50:93:3b:83:24:88:f5:01:8f:19:73:13:8c:43:
0f:a8:cf:92:b2:de:2b:5b:6a:8c:66:65:28:7b:c5:54:2d:00:
9d:7f:13:5a:77:98:42:5d:ff:ff:7e:85:93:35:cc:01:2e:14:
a4:8d:a5:e5:0a:85:e1:65:ea:47:1f:94:8a:cb:2a:7c:18:e6:
c7:33:03:67:fc:ec:2b:c5:e6:c0:d3:e6:38:7f:13:2c:66:bd:
10:90:ca:89:0d:27:ed:c0:43:ba:f5:1a:71:be:89:2a:c9:17:
30:af:5b:e4:57:15:b7:cf:9a:99:2e:7a:d7:a6:d2:64:53:f1:
1e:65:e1:d0:d4:1d:3d:c5:9b:43:fb:21:a8:4c:f1:12:22:67:
e5:60:dc:c2:8a:b4:8a:db:03:bf:8b:ad:7c:06:dc:04:c4:21:
25:97:5d:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGLUNrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGMwNDM5Yzc5NTU1MTEwMmQ2ZjFlNGNlYjZkMWM1MmZiYzVlYTNmMB4XDTIyMDEw
MTAyNTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQwMTdhMjM2MjVj
OTY0MWMzOWViZmI0ZjU4ZjdkMTUxYjJjOTNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKw8f2rmokPlF3QPXZT6So1VpZwpTbtj6zs2V+6u6ovUTrst
bi/l5nija7ld5xulhgeewwffRJ1bIYVKJai5EN46K5RzXniU+D2xwiG3ZSqa0ju7
diDYk3OsQn/JSfGm6SvUv9L1LamvOK/ax8B1NreXCKTB90G+pDDjZUAfKURzcOC2
BG7p01o7hXW/iBU45rntN/gBAIS4k8TOdR22remLHH0aAsiV1hMqbX+usSDSIo5m
Bz3CG1+bLY+tL/bnf7vQnRW49BLNVI7LI4ViGr55A95qam2aTLi4hobrWmu7a8Fg
x7AXncQiKlREkPiDz5J38inJ20PKlkagfz24MkUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtAXojYlyWQcOev7T1j30VGyyT/DAfBgNVHSMEGDAWgBS0wEOceVVREC1v
HkzrbRxS+8XqPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RNQkRuSGxWVVJBdGJ4NU02MjBjVXZ2RjZqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvODZiYTAyLWY5NzAtNDg2OS1iZTI3LWU4ZWRlNWEyZjg3NS8x
L0xRRjZJMkpjbGtIRG5yLTA5WTk5RlJzc2tfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ODZiYTAyLWY5NzAtNDg2OS1iZTI3LWU4ZWRlNWEyZjg3NS8xL3RNQkRuSGxWVVJB
dGJ4NU02MjBjVXZ2RjZqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvu3DANBgkqhkiG9w0BAQsFAAOC
AQEAGzf9Wtw5KGlzHLzi6HBxJhVXdhB09+ND5JrqArKiblrf29OfP5ZYu5cCB7XZ
cJo+iL4iPKTew4UUM9N8YWzspvLKyWpwsVkzJ0b24kflG4hVMB074gjzwpp+N0bW
71CTO4MkiPUBjxlzE4xDD6jPkrLeK1tqjGZlKHvFVC0AnX8TWneYQl3//36FkzXM
AS4UpI2l5QqF4WXqRx+UissqfBjmxzMDZ/zsK8XmwNPmOH8TLGa9EJDKiQ0n7cBD
uvUacb6JKskXMK9b5FcVt8+amS5616bSZFPxHmXh0NQdPcWbQ/shqEzxEiJn5WDc
woq0itsDv4utfAbcBMQhJZddcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org