Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/4R98j-BV6VOirbbmh4agPxgX4Is.roa
File: 4R98j-BV6VOirbbmh4agPxgX4Is.roa (raw, json)
Hash identifier: 0LsGu+jnbsKMC/RoLAKptJNdgTjqctUoY1Est7fEkIc=
Subject key identifier: E1:1F:7C:8F:E0:55:E9:53:A2:AD:B6:E6:87:86:A0:3F:18:17:E0:8B
Certificate issuer: /CN=4927124d9803a7de54883164a376ea72e3c63eaf
Certificate serial: 1AB0A64E
Authority key identifier: 49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/4R98j-BV6VOirbbmh4agPxgX4Is.roa
Signing time: Sat 01 Jan 2022 15:59:07 +0000
ROA not before: Sat 01 Jan 2022 15:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8522
IP address blocks: 139.91.0.0/16 maxlen: 16
139.91.252.0/24 maxlen: 24
192.67.249.0/24 maxlen: 24
139.91.253.0/24 maxlen: 24
139.91.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447784526 (0x1ab0a64e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4927124d9803a7de54883164a376ea72e3c63eaf
Validity
Not Before: Jan 1 15:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e11f7c8fe055e953a2adb6e68786a03f1817e08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:3a:ae:b2:f6:00:c0:0a:7a:f6:2e:04:fe:
7b:bb:f7:46:e5:e4:e0:98:d5:ad:ea:c2:22:b1:6f:
64:65:f1:70:7e:2c:fb:08:a9:4f:ca:48:79:55:87:
77:1e:46:ff:b7:c4:6c:37:ad:86:7d:1e:9a:ff:5f:
33:37:c6:d9:0f:f4:86:68:02:6c:35:4c:19:7b:4a:
55:4d:86:4a:6d:19:3a:ee:2a:c8:3f:92:ff:e1:8c:
d2:a1:f9:6c:ab:ba:18:6b:e4:3c:25:c8:a5:91:b5:
f7:77:59:bc:7d:f4:4e:42:e2:e4:7d:ef:bd:91:85:
4b:56:bf:8b:66:03:ae:c8:57:45:d2:b3:e9:98:b6:
91:e4:05:a8:8a:0a:ae:df:55:25:4d:77:97:df:cc:
cb:2a:43:3b:44:ad:c3:7f:bb:98:c2:a6:c7:c2:04:
d5:8f:45:bc:b7:94:41:57:e3:01:09:26:48:a8:57:
a6:d0:a6:dc:f0:29:03:a4:a7:2b:30:5c:0b:1f:b0:
ea:35:d3:1d:f8:2d:b2:a5:3f:9c:23:cb:fa:3b:e8:
21:35:11:19:ec:0f:19:c3:81:09:2e:26:7d:e5:dd:
52:de:be:1d:ff:53:5b:5d:84:97:66:25:29:75:11:
22:4c:63:09:d7:05:d3:4f:e9:c4:91:17:68:93:cb:
05:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1F:7C:8F:E0:55:E9:53:A2:AD:B6:E6:87:86:A0:3F:18:17:E0:8B
X509v3 Authority Key Identifier:
keyid:49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/4R98j-BV6VOirbbmh4agPxgX4Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.91.0.0/16
192.67.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:45:31:88:12:39:50:1c:e3:a3:62:6b:51:a5:2f:66:92:e9:
25:48:e9:7c:c8:75:21:58:24:e7:03:ed:17:5e:f0:0f:74:83:
2a:6f:af:4f:9a:ae:ad:20:07:1e:44:fa:6c:68:58:68:78:65:
89:7e:a2:19:d7:18:2e:90:e2:36:2c:c4:e9:28:f6:c2:f8:3c:
a5:06:bc:9d:62:56:44:c0:44:36:e2:98:7f:8d:01:9a:c0:18:
4b:8d:2f:04:2f:42:c5:26:a6:59:28:82:a6:54:01:7c:fd:b2:
35:de:c5:e9:98:45:30:b1:39:81:7b:cb:af:a3:6b:b8:aa:8f:
a6:1f:47:c8:ea:dc:f7:4e:13:6a:96:5b:38:e2:b0:77:9e:4a:
02:a8:8e:55:b7:36:02:60:70:68:54:72:20:54:44:ef:dc:a5:
96:ab:2a:5b:01:27:df:9e:83:60:65:ac:41:85:d5:3d:47:35:
68:9c:bc:1f:1f:b5:d3:65:1b:e0:40:c2:b1:9e:9a:71:a1:d5:
cc:95:8a:36:7f:c8:73:e9:94:04:2d:22:b2:45:51:db:24:73:
5e:3f:c3:bf:57:e7:a7:9f:b2:20:8d:cb:29:7f:5f:1e:d8:56:
98:94:ba:0b:c1:97:5f:0d:ed:76:f7:09:5a:28:2b:55:9f:4f:
95:11:ca:c3
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEGrCmTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTI3MTI0ZDk4MDNhN2RlNTQ4ODMxNjRhMzc2ZWE3MmUzYzYzZWFmMB4XDTIyMDEw
MTE1NTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTExZjdjOGZlMDU1
ZTk1M2EyYWRiNmU2ODc4NmEwM2YxODE3ZTA4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHYOq6y9gDACnr2LgT+e7v3RuXk4JjVrerCIrFvZGXxcH4s
+wipT8pIeVWHdx5G/7fEbDethn0emv9fMzfG2Q/0hmgCbDVMGXtKVU2GSm0ZOu4q
yD+S/+GM0qH5bKu6GGvkPCXIpZG193dZvH30TkLi5H3vvZGFS1a/i2YDrshXRdKz
6Zi2keQFqIoKrt9VJU13l9/MyypDO0Stw3+7mMKmx8IE1Y9FvLeUQVfjAQkmSKhX
ptCm3PApA6SnKzBcCx+w6jXTHfgtsqU/nCPL+jvoITURGewPGcOBCS4mfeXdUt6+
Hf9TW12El2YlKXURIkxjCdcF00/pxJEXaJPLBS8CAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBThH3yP4FXpU6KttuaHhqA/GBfgizAfBgNVHSMEGDAWgBRJJxJNmAOn3lSI
MWSjdupy48Y+rzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NTY1NUWmdEcDk1VWlERmtvM2JxY3VQR1BxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvM2UyYzM4LWY5NmYtNDBkZi1hZWFjLWYwMTUwYzgxYWNmNS8x
LzRSOThqLUJWNlZPaXJiYm1oNGFnUHhnWDRJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
M2UyYzM4LWY5NmYtNDBkZi1hZWFjLWYwMTUwYzgxYWNmNS8xL1NTY1NUWmdEcDk1
VWlERmtvM2JxY3VQR1BxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMDAItbAwQAwEP5MA0GCSqGSIb3DQEB
CwUAA4IBAQAfRTGIEjlQHOOjYmtRpS9mkuklSOl8yHUhWCTnA+0XXvAPdIMqb69P
mq6tIAceRPpsaFhoeGWJfqIZ1xgukOI2LMTpKPbC+DylBrydYlZEwEQ24ph/jQGa
wBhLjS8EL0LFJqZZKIKmVAF8/bI13sXpmEUwsTmBe8uvo2u4qo+mH0fI6tz3ThNq
lls44rB3nkoCqI5VtzYCYHBoVHIgVETv3KWWqypbASffnoNgZaxBhdU9RzVonLwf
H7XTZRvgQMKxnppxodXMlYo2f8hz6ZQELSKyRVHbJHNeP8O/V+enn7Igjcspf18e
2FaYlLoLwZdfDe129wlaKCtVn0+VEcrD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org