Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa
File: 1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa (raw, json)
Hash identifier: UCiwaSRl4Fh/4u+rPsmtpWeNFNyu9R/gqnqEyuPVxaU=
Subject key identifier: FA:CF:2E:F8:68:2F:86:07:E5:AF:12:A6:C2:96:EF:C3:95:01:2A:BF
Certificate issuer: /CN=b811f8ce6dd0cc480f097540563920aea3d66396
Certificate serial: 01412499
Authority key identifier: B8:11:F8:CE:6D:D0:CC:48:0F:09:75:40:56:39:20:AE:A3:D6:63:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa
Signing time: Sat 01 Jan 2022 05:03:51 +0000
ROA not before: Sat 01 Jan 2022 05:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.205.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21046425 (0x1412499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b811f8ce6dd0cc480f097540563920aea3d66396
Validity
Not Before: Jan 1 05:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=facf2ef8682f8607e5af12a6c296efc395012abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:d1:d5:9a:c2:78:ae:0d:a2:6d:5e:58:70:
84:37:6b:10:de:43:8c:de:99:da:b2:67:38:3b:17:
37:2e:1b:27:64:24:6a:26:5f:5a:df:75:32:10:6d:
6c:3a:18:7b:b1:51:e8:cc:7e:5d:77:69:09:15:6a:
6d:1c:fe:54:d0:9e:d1:f2:e9:99:2e:3f:f4:94:1a:
4b:2e:37:e7:6c:f2:0b:f1:33:61:5d:d3:ac:f9:96:
58:68:89:86:92:19:6a:47:01:34:62:f2:e7:51:ab:
3a:59:c6:41:00:88:46:30:51:83:e3:28:9c:1e:e3:
d9:7d:7f:10:29:fe:73:53:01:ad:f7:24:ee:a6:31:
95:9a:d3:02:d0:db:1c:87:3d:4f:4a:f9:88:1b:ee:
20:4f:19:ed:68:78:55:9f:a5:9a:a1:0e:a3:03:22:
37:2a:46:94:53:cf:d3:e7:df:da:f0:cc:f2:b7:ad:
9f:7a:15:60:17:e8:75:cc:ff:d8:ec:cc:82:8a:ac:
45:d4:fc:39:67:a0:24:e1:a2:9e:6e:b4:66:dc:2b:
e7:db:12:f8:87:bb:24:2a:a9:05:8e:06:65:4f:c1:
eb:16:58:5c:3b:6b:1b:a5:18:0c:a3:16:ca:09:5c:
d2:1e:14:a1:23:73:90:b7:2e:87:e5:6a:59:9a:61:
ec:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CF:2E:F8:68:2F:86:07:E5:AF:12:A6:C2:96:EF:C3:95:01:2A:BF
X509v3 Authority Key Identifier:
keyid:B8:11:F8:CE:6D:D0:CC:48:0F:09:75:40:56:39:20:AE:A3:D6:63:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.223.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a4:05:aa:1c:fa:0e:60:df:ec:a5:ff:66:dc:cd:f3:a1:85:
c7:ce:8f:1a:75:f8:36:17:0c:d5:f3:d2:7e:72:fd:d0:0d:88:
ba:d6:37:5e:03:9b:8b:f4:0f:4e:0a:a0:8e:3c:98:e3:a8:f2:
0a:41:6d:1a:a9:58:76:bd:b2:86:ac:08:db:ed:dc:b9:f5:ac:
a9:c0:f6:5c:5c:e0:cc:42:a9:2b:7f:e0:fb:24:c0:71:7f:bd:
53:85:84:bd:fc:77:30:bd:99:e6:92:28:5a:79:14:22:ce:8e:
8b:b3:35:0f:e2:1c:72:48:a4:fb:90:fe:e4:64:70:d1:56:4b:
0e:7e:47:03:73:c5:1c:94:a6:96:bd:ef:31:bf:31:93:0f:87:
b8:09:fd:03:c3:8a:df:b1:8d:3c:f3:28:da:44:8c:dd:83:8f:
4c:56:8a:bb:70:0c:4e:e5:21:ac:04:0d:9b:ac:e6:5e:63:58:
e6:82:8c:99:bf:69:df:66:09:19:7d:33:8a:f8:ba:1f:81:b2:
6e:44:c9:77:f0:de:8f:64:d6:7e:3d:d8:2a:75:f1:c1:f7:9f:
5c:4f:13:d1:25:4e:87:8a:89:2f:e4:0d:fa:2d:de:08:09:9f:
20:7a:3e:c7:a4:f9:60:3b:3c:da:0c:50:8a:b5:d4:8c:be:a0:
77:71:d4:60
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAUEkmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODExZjhjZTZkZDBjYzQ4MGYwOTc1NDA1NjM5MjBhZWEzZDY2Mzk2MB4XDTIyMDEw
MTA1MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFjZjJlZjg2ODJm
ODYwN2U1YWYxMmE2YzI5NmVmYzM5NTAxMmFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn20dWawniuDaJtXlhwhDdrEN5DjN6Z2rJnODsXNy4bJ2Qk
aiZfWt91MhBtbDoYe7FR6Mx+XXdpCRVqbRz+VNCe0fLpmS4/9JQaSy4352zyC/Ez
YV3TrPmWWGiJhpIZakcBNGLy51GrOlnGQQCIRjBRg+MonB7j2X1/ECn+c1MBrfck
7qYxlZrTAtDbHIc9T0r5iBvuIE8Z7Wh4VZ+lmqEOowMiNypGlFPP0+ff2vDM8ret
n3oVYBfodcz/2OzMgoqsRdT8OWegJOGinm60Ztwr59sS+Ie7JCqpBY4GZU/B6xZY
XDtrG6UYDKMWyglc0h4UoSNzkLcuh+VqWZph7L8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6zy74aC+GB+WvEqbClu/DlQEqvzAfBgNVHSMEGDAWgBS4EfjObdDMSA8J
dUBWOSCuo9ZjljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VCSDR6bTNRekVnUENYVkFWamtncnFQV1k1WS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYTM3ZGEyLTc1NzUtNGNiOC04NGE1LWY5Y2MyNzgzMmY1YS8x
LzEtczh1LUdndmhnZmxyeEttd3Bidnc1VUJLcjgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFk
L2EzN2RhMi03NTc1LTRjYjgtODRhNS1mOWNjMjc4MzJmNWEvMS91Qkg0em0zUXpF
Z1BDWFZBVmprZ3JxUFdZNVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbzd8wDQYJKoZIhvcNAQELBQAD
ggEBAACkBaoc+g5g3+yl/2bczfOhhcfOjxp1+DYXDNXz0n5y/dANiLrWN14Dm4v0
D04KoI48mOOo8gpBbRqpWHa9soasCNvt3Ln1rKnA9lxc4MxCqSt/4PskwHF/vVOF
hL38dzC9meaSKFp5FCLOjouzNQ/iHHJIpPuQ/uRkcNFWSw5+RwNzxRyUppa97zG/
MZMPh7gJ/QPDit+xjTzzKNpEjN2Dj0xWirtwDE7lIawEDZus5l5jWOaCjJm/ad9m
CRl9M4r4uh+Bsm5EyXfw3o9k1n492Cp18cH3n1xPE9ElToeKiS/kDfot3ggJnyB6
Psek+WA7PNoMUIq11Iy+oHdx1GA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:01 2023 by rpki-client on console-fra.rpki-client.org