Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/pRw2oTZmO4baNIkOmBhKZFljQmA.roa
File: pRw2oTZmO4baNIkOmBhKZFljQmA.roa (raw, json)
Hash identifier: a2tubkZpN/sU9Po4un8WrTPHZVAN08SS9WtqM0E5QYs=
Subject key identifier: A5:1C:36:A1:36:66:3B:86:DA:34:89:0E:98:18:4A:64:59:63:42:60
Certificate issuer: /CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Certificate serial: 06B7CA2A
Authority key identifier: 0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/pRw2oTZmO4baNIkOmBhKZFljQmA.roa
Signing time: Sat 01 Jan 2022 09:02:20 +0000
ROA not before: Sat 01 Jan 2022 09:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61311
IP address blocks: 91.202.176.0/24 maxlen: 24
91.202.176.0/22 maxlen: 24
91.202.179.0/24 maxlen: 24
91.202.178.0/24 maxlen: 24
91.202.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112708138 (0x6b7ca2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Validity
Not Before: Jan 1 09:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a51c36a136663b86da34890e98184a6459634260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:52:84:83:d1:28:f6:b2:5b:57:bc:86:f8:51:
82:7b:57:17:a4:d2:77:4e:33:37:fb:3d:8f:bd:e4:
69:01:ac:79:33:f6:c5:3e:37:24:12:9f:34:a6:5e:
64:4a:25:be:67:4a:12:fa:9b:19:1e:46:a5:c4:cc:
f4:02:41:d1:cd:be:fd:3e:a4:a5:d6:74:81:bc:28:
13:38:73:d9:8c:96:bf:04:b5:2b:11:6a:8f:3d:07:
34:79:02:d2:47:9a:82:c4:0f:60:0f:ea:14:2d:0e:
ff:95:d4:f1:89:e7:6c:21:ab:3c:1d:30:5d:88:02:
35:d2:c0:e2:52:ac:d4:72:2d:d4:99:08:44:ab:20:
77:17:02:12:6c:97:b8:d5:0d:60:2a:cf:6e:df:84:
e9:15:dc:24:5e:cd:96:49:d5:c2:e7:54:a6:e8:ef:
89:ff:66:8f:24:ad:ed:db:bf:ce:29:0a:3e:39:24:
c6:56:f9:91:5d:bc:23:7c:0c:3e:a0:ed:fe:b4:30:
fa:0e:90:15:c3:fc:60:95:e9:1a:07:1e:4b:85:bb:
41:2d:b4:1f:5e:1d:fc:06:ab:6a:bb:e7:18:76:68:
11:0f:88:33:6b:f3:b6:65:b2:80:02:8e:8a:f9:63:
9d:bc:e7:be:59:14:69:0f:a3:82:85:c1:23:e8:a6:
24:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1C:36:A1:36:66:3B:86:DA:34:89:0E:98:18:4A:64:59:63:42:60
X509v3 Authority Key Identifier:
keyid:0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/pRw2oTZmO4baNIkOmBhKZFljQmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/Djye4b4zCP1r1KfHrCudkQCJt3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.176.0/22
Signature Algorithm: sha256WithRSAEncryption
77:4f:b6:b9:76:60:0e:28:76:63:5a:80:ea:fc:8e:91:0c:e2:
ed:a5:7e:df:3c:b5:8f:c9:27:a7:f8:81:93:cb:06:1c:b5:a6:
9c:de:8f:79:fd:62:a4:76:37:e5:e4:e6:43:77:7b:17:6b:50:
1c:c7:20:98:20:16:66:25:2e:71:7d:a2:67:8a:37:dc:fb:a4:
e0:d1:8e:b8:ae:ee:ca:a9:42:7d:ce:a4:b4:39:3b:bf:33:66:
54:60:8d:63:a5:33:6a:67:d9:11:d1:c1:07:9c:c7:d6:5a:07:
ba:5e:46:f4:81:4b:34:c1:c0:02:a3:a5:5f:12:82:ef:af:75:
90:9a:ba:18:5b:38:82:df:ac:56:30:94:da:9a:9d:3e:cd:a1:
f5:9c:3e:71:6c:7b:9e:91:cc:0c:4b:28:c6:b2:e5:bc:de:ac:
78:3b:57:a2:44:5c:3a:3b:db:84:25:3d:90:c5:72:a4:24:a1:
90:b7:db:71:e2:bc:74:7a:f0:32:32:c4:db:6d:0d:18:51:00:
0e:a1:f3:43:44:b1:cf:a8:1d:e5:6a:a5:46:59:15:82:3c:54:
49:a6:55:98:2e:d0:c8:b3:ef:35:e0:61:86:46:c2:a5:53:93:
cf:d7:56:b6:18:fb:f7:ae:21:ca:d4:5d:37:47:e4:39:1f:07:
7a:a5:f3:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBrfKKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTNjOWVlMWJlMzMwOGZkNmJkNGE3YzdhYzJiOWQ5MTAwODliNzc5MB4XDTIyMDEw
MTA5MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUxYzM2YTEzNjY2
M2I4NmRhMzQ4OTBlOTgxODRhNjQ1OTYzNDI2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZShIPRKPayW1e8hvhRgntXF6TSd04zN/s9j73kaQGseTP2
xT43JBKfNKZeZEolvmdKEvqbGR5GpcTM9AJB0c2+/T6kpdZ0gbwoEzhz2YyWvwS1
KxFqjz0HNHkC0keagsQPYA/qFC0O/5XU8YnnbCGrPB0wXYgCNdLA4lKs1HIt1JkI
RKsgdxcCEmyXuNUNYCrPbt+E6RXcJF7NlknVwudUpujvif9mjySt7du/zikKPjkk
xlb5kV28I3wMPqDt/rQw+g6QFcP8YJXpGgceS4W7QS20H14d/AararvnGHZoEQ+I
M2vztmWygAKOivljnbznvlkUaQ+jgoXBI+imJD0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSlHDahNmY7hto0iQ6YGEpkWWNCYDAfBgNVHSMEGDAWgBQOPJ7hvjMI/WvU
p8esK52RAIm3eTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RqeWU0YjR6Q1AxcjFLZkhyQ3Vka1FDSnQzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvY2FhMmRhLTVlYmMtNDVjYi1iOGZlLTA4ZjNlODkwN2M0Mi8x
L3BSdzJvVFptTzRiYU5Ja09tQmhLWkZsalFtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
Y2FhMmRhLTVlYmMtNDVjYi1iOGZlLTA4ZjNlODkwN2M0Mi8xL0RqeWU0YjR6Q1Ax
cjFLZkhyQ3Vka1FDSnQzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvKsDANBgkqhkiG9w0BAQsFAAOC
AQEAd0+2uXZgDih2Y1qA6vyOkQzi7aV+3zy1j8knp/iBk8sGHLWmnN6Pef1ipHY3
5eTmQ3d7F2tQHMcgmCAWZiUucX2iZ4o33Puk4NGOuK7uyqlCfc6ktDk7vzNmVGCN
Y6UzamfZEdHBB5zH1loHul5G9IFLNMHAAqOlXxKC7691kJq6GFs4gt+sVjCU2pqd
Ps2h9Zw+cWx7npHMDEsoxrLlvN6seDtXokRcOjvbhCU9kMVypCShkLfbceK8dHrw
MjLE220NGFEADqHzQ0Sxz6gd5WqlRlkVgjxUSaZVmC7QyLPvNeBhhkbCpVOTz9dW
thj7964hytRdN0fkOR8HeqXz9w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:58 2023 by rpki-client on console-fra.rpki-client.org