Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/YuOcWzCiv7B5UtDtcdxIVel2bJo.roa
File: YuOcWzCiv7B5UtDtcdxIVel2bJo.roa (raw, json)
Hash identifier: 4tNumqqfvaevysb+1tU9kD0qnd6sWAFDXDmCNL6kvfA=
Subject key identifier: 62:E3:9C:5B:30:A2:BF:B0:79:52:D0:ED:71:DC:48:55:E9:76:6C:9A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 49B9CA23
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/YuOcWzCiv7B5UtDtcdxIVel2bJo.roa
Signing time: Wed 04 May 2022 16:39:51 +0000
ROA not before: Wed 04 May 2022 16:39:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5433
IP address blocks: 91.151.176.0/20 maxlen: 20
91.151.186.0/24 maxlen: 24
91.151.190.0/24 maxlen: 24
91.151.189.0/24 maxlen: 24
2a01:8380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1236912675 (0x49b9ca23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 4 16:39:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62e39c5b30a2bfb07952d0ed71dc4855e9766c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:78:8b:59:42:11:04:ca:a6:97:c6:51:84:e0:
35:78:da:ca:a6:3c:f0:f1:bf:43:20:2b:1e:3d:7c:
96:7d:56:33:0d:04:56:27:28:5f:7b:22:5b:6e:fa:
2d:7a:84:37:58:5d:89:f7:15:0c:6c:2d:9d:30:99:
83:ab:bc:71:38:9b:49:b8:4a:39:72:ac:95:79:e3:
fa:9e:5d:c7:51:3c:e8:5e:18:55:60:e7:03:92:d2:
af:c7:43:35:e7:15:54:d7:2d:c8:c4:ac:07:65:f7:
13:45:2c:a8:b7:1e:7b:57:eb:06:4a:d5:b6:b0:92:
72:ee:c7:78:f1:29:c1:d0:7b:12:b9:80:d6:8b:03:
1d:6d:47:d0:59:9c:ed:cf:04:e2:01:43:0d:b2:59:
48:94:33:4b:12:e7:db:81:d1:76:9c:38:1a:4f:a5:
7e:7e:a3:3e:8e:d5:e7:78:b3:cd:83:eb:58:e4:d5:
1d:39:28:b5:f9:21:67:e8:35:d8:da:16:4c:61:b7:
7d:49:4e:0b:48:16:34:7b:30:bd:52:49:1f:66:1e:
eb:ae:9f:06:4f:14:b9:9d:c1:42:21:0e:c4:ae:c7:
4c:13:61:29:51:b0:2c:79:7b:a4:cd:8a:d5:e7:f0:
0a:01:44:5c:15:20:b2:46:6c:d6:6e:ec:24:77:f1:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E3:9C:5B:30:A2:BF:B0:79:52:D0:ED:71:DC:48:55:E9:76:6C:9A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/YuOcWzCiv7B5UtDtcdxIVel2bJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.176.0/20
IPv6:
2a01:8380::/32
Signature Algorithm: sha256WithRSAEncryption
00:05:54:1b:b7:59:ab:0a:18:fa:e6:25:b1:c7:22:4a:dc:d2:
da:07:e3:bd:56:12:ca:58:1d:2c:e6:74:e3:11:73:18:49:89:
ff:80:ec:b9:66:21:e8:a4:32:cf:c7:19:eb:ee:d8:d5:38:b7:
32:4a:df:ae:e3:65:f1:b3:3d:61:a3:cb:58:17:a9:bb:58:4b:
ba:e0:a0:f0:6e:d5:e4:75:eb:c8:c3:8c:8b:fd:55:07:63:ae:
a5:ac:1e:35:40:fc:85:04:57:d5:a4:a1:13:65:17:29:12:2c:
7f:6b:30:d0:e0:02:ad:4e:50:bc:cf:6b:67:ca:5c:e0:ff:49:
f5:f1:6f:78:c5:02:a6:eb:14:30:a5:da:4b:29:49:94:72:20:
b0:ca:3a:0b:c4:2f:84:49:bb:45:6a:80:86:1c:b1:10:23:e4:
ca:b8:95:24:07:2b:0c:6e:6e:11:51:dd:31:74:cf:d4:8b:a0:
9d:ba:76:63:89:e6:33:29:dd:b6:e5:40:cd:c5:e2:b8:00:61:
0e:a9:40:26:47:8e:54:14:b6:47:ee:ca:9f:aa:1b:6c:91:93:
2e:16:0f:31:01:b4:b2:ac:e9:5b:be:e6:4b:b5:79:0c:83:25:
d8:d4:03:81:bc:d1:9e:6e:e9:a4:aa:56:02:98:64:77:3d:43:
3e:81:13:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIESbnKIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDUw
NDE2Mzk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJlMzljNWIzMGEy
YmZiMDc5NTJkMGVkNzFkYzQ4NTVlOTc2NmM5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJV4i1lCEQTKppfGUYTgNXjayqY88PG/QyArHj18ln1WMw0E
VicoX3siW276LXqEN1hdifcVDGwtnTCZg6u8cTibSbhKOXKslXnj+p5dx1E86F4Y
VWDnA5LSr8dDNecVVNctyMSsB2X3E0UsqLcee1frBkrVtrCScu7HePEpwdB7ErmA
1osDHW1H0Fmc7c8E4gFDDbJZSJQzSxLn24HRdpw4Gk+lfn6jPo7V53izzYPrWOTV
HTkotfkhZ+g12NoWTGG3fUlOC0gWNHswvVJJH2Ye666fBk8UuZ3BQiEOxK7HTBNh
KVGwLHl7pM2K1efwCgFEXBUgskZs1m7sJHfxorUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRi45xbMKK/sHlS0O1x3EhV6XZsmjAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1l1T2NXekNpdjdCNVV0RHRjZHhJVmVsMmJKby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBFuXsDANBAIAAjAHAwUAKgGDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAAVUG7dZqwoY+uYlscciStzS2gfjvVYSylgdLOZ0
4xFzGEmJ/4DsuWYh6KQyz8cZ6+7Y1Ti3MkrfruNl8bM9YaPLWBepu1hLuuCg8G7V
5HXryMOMi/1VB2OupaweNUD8hQRX1aShE2UXKRIsf2sw0OACrU5QvM9rZ8pc4P9J
9fFveMUCpusUMKXaSylJlHIgsMo6C8QvhEm7RWqAhhyxECPkyriVJAcrDG5uEVHd
MXTP1Iugnbp2Y4nmMyndtuVAzcXiuABhDqlAJkeOVBS2R+7Kn6obbJGTLhYPMQG0
sqzpW77mS7V5DIMl2NQDgbzRnm7ppKpWAphkdz1DPoETwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org