Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/rBLRqwv_zKj069S6EG0w1d0UgaY.roa
File: rBLRqwv_zKj069S6EG0w1d0UgaY.roa (raw, json)
Hash identifier: 1ism+9ZqQViM8wr4Uxr3kvxLxSaJumDBfFn5qMPd24U=
Subject key identifier: AC:12:D1:AB:0B:FF:CC:A8:F4:EB:D4:BA:10:6D:30:D5:DD:14:81:A6
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0184FD32A401A734C930684D3B8156C7AD52
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/rBLRqwv_zKj069S6EG0w1d0UgaY.roa
Signing time: Sat 10 Dec 2022 18:01:05 +0000
ROA not before: Sat 10 Dec 2022 18:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.221.116.0/23 maxlen: 24
91.221.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fd:32:a4:01:a7:34:c9:30:68:4d:3b:81:56:c7:ad:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Dec 10 18:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac12d1ab0bffcca8f4ebd4ba106d30d5dd1481a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d1:7c:d5:8b:52:cd:25:e3:66:6a:59:f3:09:
19:2b:17:98:13:36:8f:f9:6f:f2:7a:84:a1:65:58:
ec:5c:b6:47:13:99:14:c8:2d:d9:ce:0e:d0:0e:7d:
e0:ba:7e:e3:7b:0b:a7:22:ca:42:77:8f:fa:92:b9:
57:f8:c9:28:e5:21:6d:67:3e:a7:94:39:f1:7a:fc:
17:47:73:3b:c5:00:10:75:ec:a5:9e:6b:d9:09:c2:
18:b8:f8:96:6c:8d:eb:ac:81:eb:f6:46:e7:31:9f:
c1:21:e4:4f:2c:96:85:36:1e:7b:56:cd:d2:84:2d:
d7:75:c0:10:45:78:28:ca:50:52:b9:45:1f:e7:cf:
58:ae:07:d2:ec:d1:66:5a:26:2d:c9:a2:8f:cf:d9:
7f:79:7e:5d:1f:00:18:e3:45:84:06:1c:79:f6:b3:
21:d6:12:b1:2c:18:69:81:d9:7e:0a:e5:de:f1:97:
b5:7d:92:98:de:55:c2:0c:d1:8b:84:f3:53:97:b1:
db:a1:5d:39:2f:a0:5b:44:0d:9d:fa:a4:d2:a9:18:
28:c8:0a:f8:57:33:47:ea:5a:d8:61:a7:43:7b:c4:
25:c5:2c:b7:68:f8:28:db:bb:71:09:47:52:75:7f:
88:60:b8:bd:1f:fc:05:92:de:d0:d2:39:92:0f:d1:
01:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:12:D1:AB:0B:FF:CC:A8:F4:EB:D4:BA:10:6D:30:D5:DD:14:81:A6
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/rBLRqwv_zKj069S6EG0w1d0UgaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/23
91.221.232.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7a:05:b1:cb:6f:89:81:04:54:36:0c:a9:a3:69:96:38:96:
22:dd:1e:7b:6e:7b:bd:f6:57:8a:ec:6c:5b:7b:cd:02:e8:b7:
61:1c:f1:8f:51:a7:fd:2a:c3:78:8a:d1:51:ed:0d:be:f4:eb:
df:39:be:df:61:f4:49:2f:ea:7b:a9:b2:04:09:53:bc:f7:a1:
f4:55:82:f5:98:28:7f:4c:29:a5:1a:31:eb:35:c7:30:8c:65:
74:f3:f5:5b:2c:02:38:04:a2:43:f0:83:67:97:6c:6a:84:33:
5b:31:b4:f4:dd:53:fe:88:69:c2:c9:da:79:20:e7:44:f9:91:
23:da:d9:25:68:27:32:fb:17:72:08:7b:4f:ca:b7:89:56:22:
4e:d4:5b:1a:7a:ab:cd:32:71:6a:40:0f:03:73:e0:4f:ac:8a:
38:83:1a:68:02:c4:7e:d9:e4:6a:4e:46:bc:2c:91:01:ee:43:
25:a0:6c:9e:4a:76:c9:82:cf:f4:c3:d0:e4:60:4e:8f:a9:bd:
e9:ee:46:9b:3c:45:db:ab:c0:cc:2a:aa:5c:23:d4:9b:c7:e9:
5f:ae:2e:f0:c0:9f:1b:b5:6b:72:46:84:9d:ee:48:2c:96:1d:
0d:1a:cd:4c:ab:83:0e:38:62:78:45:c0:0e:8f:69:b5:88:dc:
57:39:73:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYT9MqQBpzTJMGhNO4FWx61SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjIxMjEwMTgwMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzEyZDFhYjBiZmZjY2E4ZjRlYmQ0YmExMDZkMzBkNWRkMTQ4MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztF81YtSzSXjZmpZ8wkZKxeYEzaP
+W/yeoShZVjsXLZHE5kUyC3Zzg7QDn3gun7jewunIspCd4/6krlX+Mko5SFtZz6n
lDnxevwXR3M7xQAQdeylnmvZCcIYuPiWbI3rrIHr9kbnMZ/BIeRPLJaFNh57Vs3S
hC3XdcAQRXgoylBSuUUf589YrgfS7NFmWiYtyaKPz9l/eX5dHwAY40WEBhx59rMh
1hKxLBhpgdl+CuXe8Ze1fZKY3lXCDNGLhPNTl7HboV05L6BbRA2d+qTSqRgoyAr4
VzNH6lrYYadDe8QlxSy3aPgo27txCUdSdX+IYLi9H/wFkt7Q0jmSD9EBMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKwS0asL/8yo9OvUuhBtMNXdFIGmMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvckJMUnF3dl96S2owNjlTNkVHMHcxZDBVZ2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW910AwQA
W93oMA0GCSqGSIb3DQEBCwUAA4IBAQBNegWxy2+JgQRUNgypo2mWOJYi3R57bnu9
9leK7Gxbe80C6LdhHPGPUaf9KsN4itFR7Q2+9OvfOb7fYfRJL+p7qbIECVO896H0
VYL1mCh/TCmlGjHrNccwjGV08/VbLAI4BKJD8INnl2xqhDNbMbT03VP+iGnCydp5
IOdE+ZEj2tklaCcy+xdyCHtPyreJViJO1FsaeqvNMnFqQA8Dc+BPrIo4gxpoAsR+
2eRqTka8LJEB7kMloGyeSnbJgs/0w9DkYE6Pqb3p7kabPEXbq8DMKqpcI9Sbx+lf
ri7wwJ8btWtyRoSd7kgslh0NGs1Mq4MOOGJ4RcAOj2m1iNxXOXMe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org