Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9dac0b-0577-45e9-93da-65bbbd1f276b/1/rHzVQXliVlz3k45lS-msAtuQbwg.roa
File: rHzVQXliVlz3k45lS-msAtuQbwg.roa (raw, json)
Hash identifier: kv5HpV8PlZvGEV8u6JF0OKDFaboVSRzG9ttkzQsn5Ok=
Subject key identifier: AC:7C:D5:41:79:62:56:5C:F7:93:8E:65:4B:E9:AC:02:DB:90:6F:08
Certificate issuer: /CN=4db2ccfdd4a8ae8dda86105e4135179fe37aa50e
Certificate serial: 0185541D8318295126ED3A71370AD82F9B6C
Authority key identifier: 4D:B2:CC:FD:D4:A8:AE:8D:DA:86:10:5E:41:35:17:9F:E3:7A:A5:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TbLM_dSoro3ahhBeQTUXn-N6pQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9dac0b-0577-45e9-93da-65bbbd1f276b/1/rHzVQXliVlz3k45lS-msAtuQbwg.roa
Signing time: Tue 27 Dec 2022 15:04:58 +0000
ROA not before: Tue 27 Dec 2022 15:04:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44621
IP address blocks: 91.224.62.0/23 maxlen: 23
91.202.97.0/24 maxlen: 24
91.202.96.0/24 maxlen: 24
91.202.98.0/24 maxlen: 24
91.202.99.0/24 maxlen: 24
91.206.130.0/24 maxlen: 24
91.206.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:1d:83:18:29:51:26:ed:3a:71:37:0a:d8:2f:9b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4db2ccfdd4a8ae8dda86105e4135179fe37aa50e
Validity
Not Before: Dec 27 15:04:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac7cd5417962565cf7938e654be9ac02db906f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:79:a3:1f:f0:bb:27:85:4b:b9:87:eb:66:
79:15:35:c2:6d:91:8d:65:87:2d:d3:33:91:1f:ef:
dd:87:49:c2:03:af:b9:05:d9:41:3b:a8:1a:82:96:
d5:77:f0:d4:7d:cd:95:2e:8f:04:a3:7f:28:0f:4c:
d4:47:a3:f5:10:96:e3:60:68:5d:e3:d0:39:2d:de:
e4:e1:68:95:75:5b:c9:e8:90:f6:40:05:3d:e5:5a:
75:b9:d2:fb:1f:25:7c:6d:9d:1c:2b:02:4a:a0:1c:
73:a0:95:e5:b1:df:39:95:d9:d8:a1:8a:22:ab:58:
03:d9:37:fc:e8:53:5c:97:19:8a:3f:f1:d0:2a:b6:
b4:cc:0f:8a:eb:e6:39:22:b1:6a:5b:40:be:6f:4f:
d4:71:78:ec:ac:48:c2:be:ae:ce:44:09:74:c1:d4:
d6:ad:72:ff:54:4e:c3:d0:d5:d9:11:8f:79:2f:0a:
39:be:b5:51:0b:d3:da:aa:82:ea:df:e5:00:0c:16:
03:6e:76:32:81:d1:ec:47:50:05:d1:ce:9a:f3:3e:
86:9b:71:4f:f0:3b:e4:0e:bf:82:23:b5:ca:82:34:
89:5f:bc:62:23:2e:f1:a4:b1:16:a6:b2:61:e0:88:
1f:0d:c6:20:1a:95:0e:59:d0:5f:3d:f6:3b:b1:a2:
59:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7C:D5:41:79:62:56:5C:F7:93:8E:65:4B:E9:AC:02:DB:90:6F:08
X509v3 Authority Key Identifier:
keyid:4D:B2:CC:FD:D4:A8:AE:8D:DA:86:10:5E:41:35:17:9F:E3:7A:A5:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TbLM_dSoro3ahhBeQTUXn-N6pQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9dac0b-0577-45e9-93da-65bbbd1f276b/1/rHzVQXliVlz3k45lS-msAtuQbwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9dac0b-0577-45e9-93da-65bbbd1f276b/1/TbLM_dSoro3ahhBeQTUXn-N6pQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.96.0/22
91.206.130.0/23
91.224.62.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:0d:11:94:30:5d:a8:5f:bd:97:7d:c2:c0:92:7f:7e:c2:e1:
89:de:57:36:d6:fd:0e:e6:cc:d5:9b:66:58:f4:bf:a4:b9:14:
ad:23:ba:e3:fa:38:fe:d8:d3:da:c4:e9:6b:98:83:a0:b3:a6:
2c:d4:74:20:5b:a3:9f:c7:1d:04:42:8e:f8:7d:9c:8e:4f:fb:
d1:d7:e3:df:d5:a6:ec:61:b1:6e:8a:f9:a0:50:d4:66:89:fb:
ec:4e:7e:13:cb:0d:bd:f3:ab:fd:88:ff:4e:b2:9b:a7:af:e7:
5e:bc:97:12:e5:de:42:3b:2a:e2:a2:f8:d0:1b:a9:5e:0d:87:
6d:89:a9:b7:7b:62:51:52:e5:71:39:59:ce:1a:11:d1:f9:53:
81:6a:aa:bb:c9:79:ab:a9:35:ee:ad:35:47:a9:53:70:79:10:
72:4d:fc:3d:c0:9f:bc:88:00:e2:ce:0b:ef:a6:3b:4c:75:a1:
39:f5:3a:1b:80:32:8b:f9:50:7e:9f:85:7b:8b:6a:4b:18:97:
76:5a:79:21:b1:2b:69:e1:45:cf:fa:82:70:ff:b4:42:cd:fd:
74:b4:16:f4:53:db:a7:13:65:cd:a9:9d:7a:d5:88:6f:16:22:
ea:2b:72:86:21:7c:d8:70:89:03:36:5d:b8:7e:22:57:23:7c:
31:24:e1:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVUHYMYKVEm7TpxNwrYL5tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYjJjY2ZkZDRhOGFlOGRkYTg2MTA1ZTQxMzUxNzlmZTM3
YWE1MGUwHhcNMjIxMjI3MTUwNDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdjZDU0MTc5NjI1NjVjZjc5MzhlNjU0YmU5YWMwMmRiOTA2ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst15ox/wuyeFS7mH62Z5FTXCbZGN
ZYct0zORH+/dh0nCA6+5BdlBO6gagpbVd/DUfc2VLo8Eo38oD0zUR6P1EJbjYGhd
49A5Ld7k4WiVdVvJ6JD2QAU95Vp1udL7HyV8bZ0cKwJKoBxzoJXlsd85ldnYoYoi
q1gD2Tf86FNclxmKP/HQKra0zA+K6+Y5IrFqW0C+b0/UcXjsrEjCvq7ORAl0wdTW
rXL/VE7D0NXZEY95Lwo5vrVRC9PaqoLq3+UADBYDbnYygdHsR1AF0c6a8z6Gm3FP
8DvkDr+CI7XKgjSJX7xiIy7xpLEWprJh4IgfDcYgGpUOWdBfPfY7saJZ8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKx81UF5YlZc95OOZUvprALbkG8IMB8GA1UdIwQY
MBaAFE2yzP3UqK6N2oYQXkE1F5/jeqUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGJMTV9kU29ybzNhaGhCZVFUVVhuLU42cFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85ZGFjMGItMDU3Ny00NWU5LTkzZGEt
NjViYmJkMWYyNzZiLzEvckh6VlFYbGlWbHozazQ1bFMtbXNBdHVRYndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85ZGFjMGItMDU3Ny00NWU5LTkzZGEtNjViYmJkMWYyNzZi
LzEvVGJMTV9kU29ybzNhaGhCZVFUVVhuLU42cFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8pgAwQB
W86CAwQBW+A+MA0GCSqGSIb3DQEBCwUAA4IBAQAaDRGUMF2oX72XfcLAkn9+wuGJ
3lc21v0O5szVm2ZY9L+kuRStI7rj+jj+2NPaxOlrmIOgs6Ys1HQgW6Ofxx0EQo74
fZyOT/vR1+Pf1absYbFuivmgUNRmifvsTn4Tyw2986v9iP9Ospunr+devJcS5d5C
OyriovjQG6leDYdtiam3e2JRUuVxOVnOGhHR+VOBaqq7yXmrqTXurTVHqVNweRBy
Tfw9wJ+8iADizgvvpjtMdaE59TobgDKL+VB+n4V7i2pLGJd2WnkhsStp4UXP+oJw
/7RCzf10tBb0U9unE2XNqZ161YhvFiLqK3KGIXzYcIkDNl24fiJXI3wxJOHA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:44 2024 by rpki-client on console-ams.rpki-client.org