Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/IKWrAT4mvOF4Wx7ptn15i-whsfE.roa
File: IKWrAT4mvOF4Wx7ptn15i-whsfE.roa (raw, json)
Hash identifier: O0vYcCCUseW6scXJsh0SoA/4tdV2OZA78ej/MZfwooA=
Subject key identifier: 20:A5:AB:01:3E:26:BC:E1:78:5B:1E:E9:B6:7D:79:8B:EC:21:B1:F1
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0184F5CA82D6555FDA38CF8B10AC3EF99EC9
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/IKWrAT4mvOF4Wx7ptn15i-whsfE.roa
Signing time: Fri 09 Dec 2022 07:30:00 +0000
ROA not before: Fri 09 Dec 2022 07:30:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34686
IP address blocks: 91.216.32.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:ca:82:d6:55:5f:da:38:cf:8b:10:ac:3e:f9:9e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Dec 9 07:30:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20a5ab013e26bce1785b1ee9b67d798bec21b1f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fc:6d:e9:38:26:76:c2:38:f0:47:2c:9c:9f:
d3:de:41:88:c5:98:0c:68:d8:ed:06:6a:74:30:8a:
69:d3:8d:45:e5:d0:a8:5d:5e:61:c0:b4:e0:5b:e1:
ea:19:1c:3c:6f:12:da:bf:aa:f1:4d:74:ae:a0:8b:
b4:44:0d:53:4c:43:83:d9:4b:a2:52:d0:91:b0:07:
21:ff:b9:42:78:6f:1b:8b:5b:71:75:18:b4:1f:32:
83:d6:94:b0:fa:1b:e7:58:2b:5a:85:82:a9:1c:d5:
c8:74:07:92:6c:94:12:6d:b6:89:09:20:9f:36:8a:
a3:ed:74:c1:f0:bb:9a:dd:40:35:4b:e3:7c:38:0c:
25:15:64:7d:25:44:01:58:9f:6e:c4:60:74:8b:cf:
47:2b:ea:33:9c:95:48:64:a3:4d:4d:c3:f8:a6:0f:
07:28:dc:aa:1b:aa:71:64:7d:09:40:03:67:93:53:
7b:d8:c2:20:7c:f6:e7:b4:7a:88:6b:46:6e:1a:63:
5f:90:43:5e:e7:79:d4:2f:42:6e:f4:6d:42:77:9f:
f2:89:98:22:fd:6e:c1:d3:58:3e:ef:3c:a3:40:db:
51:6a:41:e0:17:67:e4:13:0d:06:1b:1c:5a:ea:3f:
76:7e:d5:0d:28:50:5e:5f:01:3c:bd:48:d5:cc:79:
9c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A5:AB:01:3E:26:BC:E1:78:5B:1E:E9:B6:7D:79:8B:EC:21:B1:F1
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/IKWrAT4mvOF4Wx7ptn15i-whsfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.32.0/24
IPv6:
2001:67c:1084::/48
Signature Algorithm: sha256WithRSAEncryption
13:62:8c:64:23:b6:37:09:50:70:4b:b9:5c:ab:75:6c:44:6e:
ff:dd:e3:83:9d:cc:e1:25:a1:31:81:ba:6a:1e:ff:e3:fc:a3:
a6:91:a3:cc:e5:10:91:9d:9b:fd:9e:04:a9:9a:fe:de:12:f1:
d8:68:1f:44:12:0d:99:5a:7d:98:36:38:bf:e9:3d:8f:d1:b1:
2a:16:f7:55:35:a2:ad:84:90:9d:6a:c7:d3:73:e5:ff:5f:00:
b7:f1:02:8a:a0:20:30:05:a9:f6:d7:c8:28:e5:27:c4:be:ca:
e0:84:52:f1:6e:17:7e:a2:56:3d:a5:cd:b6:f7:7f:e3:50:bb:
b0:ee:19:fe:f0:ef:3d:ef:6d:91:87:54:2a:82:a3:c6:39:15:
0e:5f:7f:5c:13:b9:e3:23:fe:29:7b:01:8b:5d:69:38:3e:bf:
52:fb:8c:f4:10:9f:dc:ae:55:f3:69:84:41:db:1b:a0:4d:a6:
7a:ec:68:ae:f4:d0:f5:f2:d7:04:6e:c5:b3:8b:2e:9d:cd:e0:
14:28:7a:10:96:d5:f4:57:07:e7:5f:44:51:f6:fa:17:62:d0:
24:4a:d8:80:15:3d:ba:a3:1d:3a:cf:bd:3c:10:04:e0:a5:a6:
59:75:25:4b:76:0c:2c:df:9c:36:ab:68:0e:8a:b9:19:0e:47:
f1:2b:7a:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT1yoLWVV/aOM+LEKw++Z7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjIxMjA5MDczMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE1YWIwMTNlMjZiY2UxNzg1YjFlZTliNjdkNzk4YmVjMjFiMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfxt6TgmdsI48EcsnJ/T3kGIxZgM
aNjtBmp0MIpp041F5dCoXV5hwLTgW+HqGRw8bxLav6rxTXSuoIu0RA1TTEOD2Uui
UtCRsAch/7lCeG8bi1txdRi0HzKD1pSw+hvnWCtahYKpHNXIdAeSbJQSbbaJCSCf
Noqj7XTB8Lua3UA1S+N8OAwlFWR9JUQBWJ9uxGB0i89HK+oznJVIZKNNTcP4pg8H
KNyqG6pxZH0JQANnk1N72MIgfPbntHqIa0ZuGmNfkENe53nUL0Ju9G1Cd5/yiZgi
/W7B01g+7zyjQNtRakHgF2fkEw0GGxxa6j92ftUNKFBeXwE8vUjVzHmcoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCClqwE+JrzheFse6bZ9eYvsIbHxMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvSUtXckFUNG12T0Y0V3g3cHRuMTVpLXdoc2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9ggMA8E
AgACMAkDBwAgAQZ8EIQwDQYJKoZIhvcNAQELBQADggEBABNijGQjtjcJUHBLuVyr
dWxEbv/d44OdzOEloTGBumoe/+P8o6aRo8zlEJGdm/2eBKma/t4S8dhoH0QSDZla
fZg2OL/pPY/RsSoW91U1oq2EkJ1qx9Nz5f9fALfxAoqgIDAFqfbXyCjlJ8S+yuCE
UvFuF36iVj2lzbb3f+NQu7DuGf7w7z3vbZGHVCqCo8Y5FQ5ff1wTueMj/il7AYtd
aTg+v1L7jPQQn9yuVfNphEHbG6BNpnrsaK700PXy1wRuxbOLLp3N4BQoehCW1fRX
B+dfRFH2+hdi0CRK2IAVPbqjHTrPvTwQBOClpll1JUt2DCzfnDaraA6KuRkOR/Er
eqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:34 2024 by rpki-client on console-fra.rpki-client.org