Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/_y7Kz4t7AC38CjtZ2MBUckgc3-w.roa
File: _y7Kz4t7AC38CjtZ2MBUckgc3-w.roa (raw, json)
Hash identifier: psQJu6tEhqqR30R56G1HbPGTiw+onkOfoj/LncHkDoE=
Subject key identifier: FF:2E:CA:CF:8B:7B:00:2D:FC:0A:3B:59:D8:C0:54:72:48:1C:DF:EC
Certificate issuer: /CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Certificate serial: 033E4777
Authority key identifier: 90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/_y7Kz4t7AC38CjtZ2MBUckgc3-w.roa
Signing time: Sat 01 Jan 2022 00:53:40 +0000
ROA not before: Sat 01 Jan 2022 00:53:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212073
IP address blocks: 91.209.16.0/24 maxlen: 24
2a0f:c444::/32 maxlen: 48
2a0f:c440::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54413175 (0x33e4777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Validity
Not Before: Jan 1 00:53:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff2ecacf8b7b002dfc0a3b59d8c05472481cdfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9c:89:0e:d5:98:6c:32:89:6d:3e:1f:82:cd:
f7:0d:a1:ae:7e:23:f7:2d:ab:65:0a:8e:1c:b5:be:
2c:b7:f5:9d:07:be:d3:c8:69:30:e4:ce:a7:2a:2f:
ec:c4:af:66:d5:f8:b7:be:5d:ce:75:92:40:89:a0:
08:8b:9e:67:a0:32:b2:b1:14:6c:99:41:8d:35:2b:
b9:c6:a1:b8:6c:c4:f5:c1:c2:68:7e:1f:4e:7a:9d:
50:2b:a2:fd:3c:b5:b1:62:57:69:fe:4e:31:a5:82:
e8:2b:7c:2d:6a:bf:67:58:60:7b:3b:0b:d5:f1:ba:
dd:0e:18:17:e8:70:af:e6:9d:f9:14:65:d2:40:a8:
7b:b6:b1:44:ec:a4:78:ae:67:ca:4e:b3:e3:49:3c:
a0:66:2f:1f:d9:c5:67:45:f7:42:63:de:13:fc:7b:
4f:a8:4d:51:1d:cd:75:9d:6b:4f:5b:2d:d1:92:27:
a6:52:1d:5b:77:c0:61:e2:14:4e:e8:13:93:50:c6:
7d:44:db:18:8b:ea:00:b9:86:e1:50:0d:16:75:eb:
22:cc:c8:92:e7:8f:0c:1a:00:ee:cd:a5:4b:73:e8:
30:9c:7a:bb:82:39:e9:f9:3b:24:d4:f9:45:11:2e:
9d:ed:92:4a:27:e9:c6:d2:62:1a:80:e7:c8:ee:21:
42:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2E:CA:CF:8B:7B:00:2D:FC:0A:3B:59:D8:C0:54:72:48:1C:DF:EC
X509v3 Authority Key Identifier:
keyid:90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/_y7Kz4t7AC38CjtZ2MBUckgc3-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.16.0/24
IPv6:
2a0f:c440::/48
2a0f:c444::/32
Signature Algorithm: sha256WithRSAEncryption
b1:21:52:93:0a:bc:0d:b2:13:9b:70:7a:e2:e0:ad:29:52:12:
28:5b:d7:d8:9c:cf:94:1d:b0:3a:43:a2:51:38:7f:01:bd:83:
81:f2:e4:ce:28:fe:7e:ff:d7:ab:63:ab:f2:3a:e4:51:de:2d:
77:b7:86:8a:c1:3d:e7:e1:8b:87:f9:32:4e:6f:b9:1d:34:35:
4a:3a:4d:6d:b8:f8:27:2e:88:19:2d:18:d5:b8:73:a2:82:b4:
cb:c5:34:8c:72:e1:28:90:79:9b:2a:fe:47:c5:37:2d:ca:0b:
64:7f:d0:7e:d0:53:a7:34:fb:23:25:1a:88:18:f4:78:a1:64:
67:53:b4:cd:56:86:e4:e2:2a:5e:3b:9f:e2:b9:d0:25:21:97:
ef:cb:74:bd:5f:08:f6:be:b8:15:e6:d1:13:6c:57:ec:83:f9:
6a:f6:a6:d6:8c:a7:5e:08:44:38:1a:fd:b0:6a:82:92:cd:11:
f2:a2:83:5b:bb:d5:8b:df:e8:99:7a:ea:29:8b:39:1c:c0:fc:
63:84:d8:d5:b6:83:c2:b3:21:14:e3:f1:5f:30:71:a4:b4:dc:
c6:50:9a:64:b4:20:25:41:b7:77:64:1c:6b:e0:d4:a3:7a:8f:
ea:e7:07:f7:6b:02:65:9f:31:7e:d6:08:7b:51:a0:2c:1c:c9:
9a:4a:fd:af
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAz5HdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGZkOGFhZTFiNmUxNTlhMmZhOGYwM2Q3YTMxODhhMWUxODA3MmEwMB4XDTIyMDEw
MTAwNTM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYyZWNhY2Y4Yjdi
MDAyZGZjMGEzYjU5ZDhjMDU0NzI0ODFjZGZlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOciQ7VmGwyiW0+H4LN9w2hrn4j9y2rZQqOHLW+LLf1nQe+
08hpMOTOpyov7MSvZtX4t75dznWSQImgCIueZ6AysrEUbJlBjTUrucahuGzE9cHC
aH4fTnqdUCui/Ty1sWJXaf5OMaWC6Ct8LWq/Z1hgezsL1fG63Q4YF+hwr+ad+RRl
0kCoe7axROykeK5nyk6z40k8oGYvH9nFZ0X3QmPeE/x7T6hNUR3NdZ1rT1st0ZIn
plIdW3fAYeIUTugTk1DGfUTbGIvqALmG4VANFnXrIszIkuePDBoA7s2lS3PoMJx6
u4I56fk7JNT5RREune2SSifpxtJiGoDnyO4hQhsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBT/LsrPi3sALfwKO1nYwFRySBzf7DAfBgNVHSMEGDAWgBSQ/YquG24Vmi+o
8D16MYih4YByoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQMktyaHR1RlpvdnFQQTllakdJb2VHQWNxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvNWRmYzc2LWU3ZWItNGQzNS04YWQ3LTc5OTM1OTExMTNlNC8x
L195N0t6NHQ3QUMzOENqdFoyTUJVY2tnYzMtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
NWRmYzc2LWU3ZWItNGQzNS04YWQ3LTc5OTM1OTExMTNlNC8xL2tQMktyaHR1Rlpv
dnFQQTllakdJb2VHQWNxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEAFvREDAWBAIAAjAQAwcAKg/EQAAA
AwUAKg/ERDANBgkqhkiG9w0BAQsFAAOCAQEAsSFSkwq8DbITm3B64uCtKVISKFvX
2JzPlB2wOkOiUTh/Ab2DgfLkzij+fv/Xq2Or8jrkUd4td7eGisE95+GLh/kyTm+5
HTQ1SjpNbbj4Jy6IGS0Y1bhzooK0y8U0jHLhKJB5myr+R8U3LcoLZH/QftBTpzT7
IyUaiBj0eKFkZ1O0zVaG5OIqXjuf4rnQJSGX78t0vV8I9r64FebRE2xX7IP5avam
1oynXghEOBr9sGqCks0R8qKDW7vVi9/omXrqKYs5HMD8Y4TY1baDwrMhFOPxXzBx
pLTcxlCaZLQgJUG3d2Qca+DUo3qP6ucH92sCZZ8xftYIe1GgLBzJmkr9rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org