Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/dYY398VJHw8CSCexEyfHaQh_GhE.roa
File: dYY398VJHw8CSCexEyfHaQh_GhE.roa (raw, json)
Hash identifier: QiUkA8/6TrXcK7PgMfF9agVAGgthcqQBDn9/aI4BVro=
Subject key identifier: 75:86:37:F7:C5:49:1F:0F:02:48:27:B1:13:27:C7:69:08:7F:1A:11
Certificate issuer: /CN=a90200a0000df5d845b9db284d0a2dbee676c5a8
Certificate serial: 9F8D14
Authority key identifier: A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/dYY398VJHw8CSCexEyfHaQh_GhE.roa
Signing time: Sat 01 Jan 2022 03:00:46 +0000
ROA not before: Sat 01 Jan 2022 03:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8870
IP address blocks: 91.222.67.0/24 maxlen: 24
91.222.66.0/24 maxlen: 24
91.197.130.0/24 maxlen: 24
91.197.128.0/23 maxlen: 23
91.197.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10456340 (0x9f8d14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a90200a0000df5d845b9db284d0a2dbee676c5a8
Validity
Not Before: Jan 1 03:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=758637f7c5491f0f024827b11327c769087f1a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:23:e6:6f:85:da:31:92:79:35:18:35:1c:f0:
77:91:70:2d:1b:02:1a:9f:42:5a:07:41:b2:9e:e8:
b2:79:e4:08:4d:e5:a9:2d:83:d3:6a:af:08:d1:29:
2f:69:f3:7a:87:c0:63:1a:11:fd:c6:1d:b3:79:00:
80:d7:8a:ba:87:83:2b:e6:70:0d:fd:af:c9:d1:8d:
82:f0:87:98:bb:6c:d7:0c:7d:9a:0d:69:a9:32:9c:
0c:fb:74:7c:fd:e3:1b:9f:5b:0f:fb:cd:1a:d7:dc:
b4:9a:2b:55:37:70:e8:35:af:ee:77:05:83:e2:68:
33:df:ba:4f:b5:59:23:e8:13:c1:9d:52:5c:13:cd:
7c:4e:11:a7:36:61:a5:d4:d5:61:43:5d:d7:5d:e9:
18:0e:0c:b4:40:04:59:66:4c:3a:b6:68:a6:58:df:
50:cc:8e:51:0a:a6:2e:81:da:50:80:3a:19:5e:97:
ba:aa:a4:f5:78:ac:04:cf:a6:08:d5:4f:19:8c:57:
26:9d:9c:63:fe:9d:08:6d:87:db:71:c6:ca:a5:da:
3a:03:c6:45:7f:32:a1:7a:e5:7b:97:ee:1a:0b:bc:
06:40:68:fb:ab:5d:6a:44:32:88:7b:bb:bc:ae:70:
2e:2d:3c:c9:7a:2b:3d:63:de:2c:c7:14:b0:66:95:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:86:37:F7:C5:49:1F:0F:02:48:27:B1:13:27:C7:69:08:7F:1A:11
X509v3 Authority Key Identifier:
keyid:A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/dYY398VJHw8CSCexEyfHaQh_GhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/qQIAoAAN9dhFudsoTQotvuZ2xag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.128.0/22
91.222.66.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:f3:0e:2f:3b:a4:92:fb:91:fd:a7:f8:7e:52:76:6c:1b:c8:
6c:37:b6:ba:b4:35:4b:3b:05:15:43:c3:7f:ff:3c:6d:2d:f6:
04:d7:f4:b8:5a:67:e0:33:a7:35:fe:39:f5:65:81:41:96:aa:
a3:1f:b2:50:55:52:75:b7:e4:18:72:e7:4d:5c:54:73:93:c0:
70:e9:93:35:5b:10:24:e8:fc:55:44:c1:06:7d:88:0a:fb:cf:
da:ab:4f:f3:56:d7:7e:7d:8f:fa:21:c7:0c:26:4c:9c:72:bf:
80:98:a1:24:7f:d1:ae:12:08:51:20:0a:5e:9a:7b:18:29:0b:
f0:37:52:d1:15:46:28:97:42:a6:00:9f:c0:1a:51:c5:75:c0:
91:30:42:54:8c:c1:76:2d:91:36:25:78:c6:c2:c9:18:b9:f9:
6e:0a:83:96:d6:71:a7:27:bc:49:c6:80:05:09:6f:1d:9a:28:
35:55:4a:4c:bf:d1:b7:21:cb:3e:1c:df:41:61:f5:e1:eb:f5:
5d:f1:ee:bc:13:1a:5d:77:d3:dd:b7:97:2a:a0:dd:60:d6:28:
3c:8b:d6:95:45:e2:06:fb:62:a8:6f:27:9b:34:54:d7:93:0f:
0f:a7:80:e1:99:d6:07:c9:02:77:ee:b9:99:cd:fa:e2:6d:d9:
ba:9b:ed:cb
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAJ+NFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTAyMDBhMDAwMGRmNWQ4NDViOWRiMjg0ZDBhMmRiZWU2NzZjNWE4MB4XDTIyMDEw
MTAzMDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU4NjM3ZjdjNTQ5
MWYwZjAyNDgyN2IxMTMyN2M3NjkwODdmMWExMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkj5m+F2jGSeTUYNRzwd5FwLRsCGp9CWgdBsp7osnnkCE3l
qS2D02qvCNEpL2nzeofAYxoR/cYds3kAgNeKuoeDK+ZwDf2vydGNgvCHmLts1wx9
mg1pqTKcDPt0fP3jG59bD/vNGtfctJorVTdw6DWv7ncFg+JoM9+6T7VZI+gTwZ1S
XBPNfE4RpzZhpdTVYUNd113pGA4MtEAEWWZMOrZopljfUMyOUQqmLoHaUIA6GV6X
uqqk9XisBM+mCNVPGYxXJp2cY/6dCG2H23HGyqXaOgPGRX8yoXrle5fuGgu8BkBo
+6tdakQyiHu7vK5wLi08yXorPWPeLMcUsGaV/OUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR1hjf3xUkfDwJIJ7ETJ8dpCH8aETAfBgNVHSMEGDAWgBSpAgCgAA312EW5
2yhNCi2+5nbFqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FRSUFvQUFOOWRoRnVkc29UUW90dnVaMnhhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvYjFlM2UxLThiN2QtNGUyMi04NzBjLTU4ZjU3NDQ5NWJiOC8x
L2RZWTM5OFZKSHc4Q1NDZXhFeWZIYVFoX0doRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
YjFlM2UxLThiN2QtNGUyMi04NzBjLTU4ZjU3NDQ5NWJiOC8xL3FRSUFvQUFOOWRo
RnVkc29UUW90dnVaMnhhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvFgAMEAVveQjANBgkqhkiG9w0B
AQsFAAOCAQEAuPMOLzukkvuR/af4flJ2bBvIbDe2urQ1SzsFFUPDf/88bS32BNf0
uFpn4DOnNf459WWBQZaqox+yUFVSdbfkGHLnTVxUc5PAcOmTNVsQJOj8VUTBBn2I
CvvP2qtP81bXfn2P+iHHDCZMnHK/gJihJH/RrhIIUSAKXpp7GCkL8DdS0RVGKJdC
pgCfwBpRxXXAkTBCVIzBdi2RNiV4xsLJGLn5bgqDltZxpye8ScaABQlvHZooNVVK
TL/RtyHLPhzfQWH14ev1XfHuvBMaXXfT3beXKqDdYNYoPIvWlUXiBvtiqG8nmzRU
15MPD6eA4ZnWB8kCd+65mc364m3Zupvtyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:20 2024 by rpki-client on console-fra.rpki-client.org