Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/SESZTOIOQUvws-J9aiQ19LKvdDI.roa
File: SESZTOIOQUvws-J9aiQ19LKvdDI.roa (raw, json)
Hash identifier: WJetlfGO0sXg35+fb8+wbsAM6AcY0QZgKBAgBqcz4n4=
Subject key identifier: 48:44:99:4C:E2:0E:41:4B:F0:B3:E2:7D:6A:24:35:F4:B2:AF:74:32
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 0438DBB7
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/SESZTOIOQUvws-J9aiQ19LKvdDI.roa
Signing time: Wed 11 May 2022 14:04:02 +0000
ROA not before: Wed 11 May 2022 14:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 91.217.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70835127 (0x438dbb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: May 11 14:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4844994ce20e414bf0b3e27d6a2435f4b2af7432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1c:bd:58:8e:23:21:04:31:f0:b2:5e:ab:83:
6f:96:b4:ac:b2:c9:15:d2:7d:fe:6d:2c:53:65:c8:
a6:6e:f3:9e:bc:29:60:e1:02:1d:f5:d2:ac:de:5e:
e8:90:40:7b:04:6a:1e:b1:d9:fe:fd:6e:a6:41:c3:
c1:6c:a5:f8:3c:16:8a:cc:8b:2e:ff:03:95:97:21:
db:2a:8a:b2:97:29:d5:a5:e0:43:ca:ce:e7:0d:a5:
26:26:80:7a:74:36:34:13:5b:85:0c:64:7a:cc:5f:
7b:64:ac:88:65:61:95:de:d6:e5:e0:ae:c2:b7:28:
1e:e4:77:0c:1a:28:bb:b6:9c:01:30:aa:d7:e7:82:
64:21:24:ae:a8:7d:4c:a0:68:c8:ce:e6:3c:6d:f1:
91:47:32:5a:7e:3d:f0:20:cd:55:5c:16:e5:bf:71:
45:a9:83:f2:be:24:7f:ff:4e:dc:23:0f:91:fe:c9:
15:fc:f8:87:93:93:b1:f3:c0:86:15:a9:63:ea:a9:
67:e8:d3:89:1d:3b:33:db:05:fc:2b:51:7e:dc:04:
22:fa:a4:e3:f2:fc:43:99:24:0a:3a:11:b3:cf:8b:
44:c9:95:36:78:53:16:4d:ca:ed:ea:de:f6:25:c6:
10:87:23:64:60:01:a6:b6:6d:2b:cb:c5:35:e4:0d:
fb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:44:99:4C:E2:0E:41:4B:F0:B3:E2:7D:6A:24:35:F4:B2:AF:74:32
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/SESZTOIOQUvws-J9aiQ19LKvdDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.162.0/24
Signature Algorithm: sha256WithRSAEncryption
48:76:e9:47:54:09:be:df:9b:aa:bf:6b:b3:60:a5:1a:b0:71:
68:05:d7:b2:4c:d0:1c:53:6d:93:c9:f0:9d:08:ad:a1:da:ca:
dc:47:84:02:bf:22:a6:d6:7c:27:f5:27:c7:2e:76:59:26:e4:
da:da:bd:76:93:70:88:4c:b5:bb:3c:45:b6:7d:d8:17:2c:77:
85:da:5f:f0:ff:d2:c8:c9:61:68:52:d6:15:f0:5d:a0:a6:bf:
b3:90:0e:2e:6e:fc:c4:54:62:a4:61:6c:3e:7a:2d:83:20:be:
a3:13:86:eb:aa:fb:b4:4a:4d:cc:18:78:aa:dd:60:94:f9:43:
64:ec:9c:d3:4d:42:d6:7a:5e:24:c9:96:2d:3a:ce:e6:a6:85:
2a:ac:ad:7f:4c:4e:5f:86:da:16:9a:a9:fb:65:87:96:29:ad:
2a:e6:8d:52:6c:cf:3a:69:07:6c:f2:59:ed:35:e8:54:d7:bb:
1f:a3:22:8d:86:e0:9b:25:d5:49:64:3c:9b:17:19:4c:8e:05:
91:34:60:ed:e9:97:56:68:1b:69:17:67:1d:e3:a1:dd:33:8e:
96:4f:b6:32:dd:98:ad:11:2d:b6:cb:c4:ed:9c:c6:20:9e:31:
5c:6b:0f:42:a7:e5:a5:ed:e6:87:0f:6a:d2:38:12:c1:97:fe:
8b:ec:85:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDjbtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDUx
MTE0MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg0NDk5NGNlMjBl
NDE0YmYwYjNlMjdkNmEyNDM1ZjRiMmFmNzQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAcvViOIyEEMfCyXquDb5a0rLLJFdJ9/m0sU2XIpm7znrwp
YOECHfXSrN5e6JBAewRqHrHZ/v1upkHDwWyl+DwWisyLLv8DlZch2yqKspcp1aXg
Q8rO5w2lJiaAenQ2NBNbhQxkesxfe2SsiGVhld7W5eCuwrcoHuR3DBoou7acATCq
1+eCZCEkrqh9TKBoyM7mPG3xkUcyWn498CDNVVwW5b9xRamD8r4kf/9O3CMPkf7J
Ffz4h5OTsfPAhhWpY+qpZ+jTiR07M9sF/CtRftwEIvqk4/L8Q5kkCjoRs8+LRMmV
NnhTFk3K7ere9iXGEIcjZGABprZtK8vFNeQN+zsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIRJlM4g5BS/Cz4n1qJDX0sq90MjAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L1NFU1pUT0lPUVV2d3MtSjlhaVExOUxLdmRESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZojANBgkqhkiG9w0BAQsFAAOC
AQEASHbpR1QJvt+bqr9rs2ClGrBxaAXXskzQHFNtk8nwnQitodrK3EeEAr8iptZ8
J/Unxy52WSbk2tq9dpNwiEy1uzxFtn3YFyx3hdpf8P/SyMlhaFLWFfBdoKa/s5AO
Lm78xFRipGFsPnotgyC+oxOG66r7tEpNzBh4qt1glPlDZOyc001C1npeJMmWLTrO
5qaFKqytf0xOX4baFpqp+2WHlimtKuaNUmzPOmkHbPJZ7TXoVNe7H6MijYbgmyXV
SWQ8mxcZTI4FkTRg7emXVmgbaRdnHeOh3TOOlk+2Mt2YrREttsvE7ZzGIJ4xXGsP
Qqflpe3mhw9q0jgSwZf+i+yFiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:20 2023 by rpki-client on console-ams.rpki-client.org