Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNqJixGc8EjtR9D5c_DFJ8G9-Ao.roa
File: aNqJixGc8EjtR9D5c_DFJ8G9-Ao.roa (raw, json)
Hash identifier: t1P/zitqz7NLUJrO9NgJx2EsYlB+yA4VzTE2ZkC0ZUw=
Subject key identifier: 68:DA:89:8B:11:9C:F0:48:ED:47:D0:F9:73:F0:C5:27:C1:BD:F8:0A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018526CAAE9CFC45890532C17EB98E0CA74E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNqJixGc8EjtR9D5c_DFJ8G9-Ao.roa
Signing time: Sun 18 Dec 2022 19:51:35 +0000
ROA not before: Sun 18 Dec 2022 19:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:26:ca:ae:9c:fc:45:89:05:32:c1:7e:b9:8e:0c:a7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 18 19:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68da898b119cf048ed47d0f973f0c527c1bdf80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6b:0d:2b:98:ec:ad:9f:d3:c3:ac:87:24:4b:
07:d8:7a:d1:fd:94:29:27:69:5a:dd:be:6f:4c:e9:
19:20:b2:ec:23:80:b1:89:0f:d9:19:3b:35:fb:81:
e6:38:2e:a1:1b:a2:a3:4b:8a:89:d4:91:88:0c:ce:
14:49:80:76:7e:c4:68:c1:20:6e:7f:87:80:3e:40:
a8:02:0c:92:4c:93:83:b5:7c:2c:ca:a5:eb:a7:4e:
f5:9d:1f:fd:64:34:3d:49:e0:c9:30:c7:10:9a:36:
23:30:63:93:e6:58:a7:5f:8c:f5:59:71:a1:7e:c7:
c4:cc:eb:ac:a5:7c:32:64:52:f8:95:a4:22:f8:ba:
fe:06:23:9a:01:f0:78:a5:a6:b2:39:35:d1:73:2e:
9d:fe:c7:50:26:be:8d:5f:77:bb:d6:2a:82:aa:8a:
3b:37:e4:87:9f:cf:52:19:91:f1:88:b9:05:03:90:
e2:c4:0d:1b:dd:b0:32:58:2a:45:36:d8:ee:dd:d0:
bf:ab:2b:2d:a9:21:9b:28:a2:41:e5:e8:ed:65:33:
c7:2e:b1:be:56:9e:55:0d:1d:36:3b:85:87:7e:f1:
3c:3f:16:9a:cb:03:c7:64:18:d3:55:7f:09:df:77:
1e:1d:55:a3:f6:9b:ce:3d:7e:a5:e5:42:77:0a:fb:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DA:89:8B:11:9C:F0:48:ED:47:D0:F9:73:F0:C5:27:C1:BD:F8:0A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNqJixGc8EjtR9D5c_DFJ8G9-Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.57.0/24
91.226.59.0/24
109.122.44.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
09:79:82:51:4b:62:e7:34:24:15:f7:a5:36:22:e2:9b:cd:3d:
69:99:a0:2a:8d:f4:c8:7c:c6:ee:ab:7a:96:bb:59:6b:0e:93:
61:4b:70:d3:f6:1e:24:c6:6f:b8:23:cc:fa:3e:5e:ac:b8:77:
be:a8:dd:fd:c9:cb:f9:e2:e7:63:17:66:f5:5b:14:d8:1f:2a:
f7:a1:51:5f:87:ea:86:b3:67:3d:c7:35:1e:a8:c9:23:fb:4e:
3e:44:e0:12:02:ef:b0:20:2d:33:e9:1b:9a:56:f4:87:ea:0e:
41:fb:b0:2c:fb:3f:68:55:21:2f:bd:bb:6c:6c:4d:05:45:74:
aa:6f:9b:66:17:05:69:94:aa:a6:91:cd:ab:79:c9:d7:fa:0c:
67:10:fa:3d:86:a3:93:0b:4c:39:f2:1f:35:09:fe:95:5d:6d:
43:29:6b:2c:c8:8c:89:31:0f:7f:de:c4:80:a7:b1:68:13:a4:
1b:03:58:6f:94:ae:f4:5c:de:86:b2:24:10:d5:fd:aa:2e:8f:
95:61:68:96:7c:c3:a1:ca:78:d4:01:0e:59:2e:65:30:8f:92:
a9:0f:57:7e:7b:a5:87:cb:e4:29:63:0b:9c:28:71:3e:e6:7f:
49:76:7b:96:55:89:ff:27:0a:0f:5b:40:cd:94:b9:0b:5f:84:
a0:19:5b:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUmyq6c/EWJBTLBfrmODKdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIxMjE4MTk1MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRhODk4YjExOWNmMDQ4ZWQ0N2QwZjk3M2YwYzUyN2MxYmRmODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGsNK5jsrZ/Tw6yHJEsH2HrR/ZQp
J2la3b5vTOkZILLsI4CxiQ/ZGTs1+4HmOC6hG6KjS4qJ1JGIDM4USYB2fsRowSBu
f4eAPkCoAgySTJODtXwsyqXrp071nR/9ZDQ9SeDJMMcQmjYjMGOT5linX4z1WXGh
fsfEzOuspXwyZFL4laQi+Lr+BiOaAfB4paayOTXRcy6d/sdQJr6NX3e71iqCqoo7
N+SHn89SGZHxiLkFA5DixA0b3bAyWCpFNtju3dC/qystqSGbKKJB5ejtZTPHLrG+
Vp5VDR02O4WHfvE8PxaaywPHZBjTVX8J33ceHVWj9pvOPX6l5UJ3Cvv05wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjaiYsRnPBI7UfQ+XPwxSfBvfgKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYU5xSml4R2M4RWp0UjlENWNfREZKOEc5LUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+I5AwQA
W+I7AwQAbXosAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQAJeYJRS2LnNCQV96U2
IuKbzT1pmaAqjfTIfMbuq3qWu1lrDpNhS3DT9h4kxm+4I8z6Pl6suHe+qN39ycv5
4udjF2b1WxTYHyr3oVFfh+qGs2c9xzUeqMkj+04+ROASAu+wIC0z6RuaVvSH6g5B
+7As+z9oVSEvvbtsbE0FRXSqb5tmFwVplKqmkc2recnX+gxnEPo9hqOTC0w58h81
Cf6VXW1DKWssyIyJMQ9/3sSAp7FoE6QbA1hvlK70XN6GsiQQ1f2qLo+VYWiWfMOh
ynjUAQ5ZLmUwj5KpD1d+e6WHy+QpYwucKHE+5n9JdnuWVYn/JwoPW0DNlLkLX4Sg
GVvA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org