Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/27c7a3-943c-4b29-bd82-e7abcf223715/1/h3AQqYlvoRKvQQy21e7k4tDmoFw.roa
File: h3AQqYlvoRKvQQy21e7k4tDmoFw.roa (raw, json)
Hash identifier: smLJAS2ncwMbXe3uu8Y52wf8jgdgImptRjfBl+rRS30=
Subject key identifier: 87:70:10:A9:89:6F:A1:12:AF:41:0C:B6:D5:EE:E4:E2:D0:E6:A0:5C
Certificate issuer: /CN=2b4ab4c1517f732df8b2ec83de4ad2368d45cfdf
Certificate serial: 0521A15A
Authority key identifier: 2B:4A:B4:C1:51:7F:73:2D:F8:B2:EC:83:DE:4A:D2:36:8D:45:CF:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K0q0wVF_cy34suyD3krSNo1Fz98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/27c7a3-943c-4b29-bd82-e7abcf223715/1/h3AQqYlvoRKvQQy21e7k4tDmoFw.roa
Signing time: Sat 01 Jan 2022 02:58:38 +0000
ROA not before: Sat 01 Jan 2022 02:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209331
IP address blocks: 91.132.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86090074 (0x521a15a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4ab4c1517f732df8b2ec83de4ad2368d45cfdf
Validity
Not Before: Jan 1 02:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=877010a9896fa112af410cb6d5eee4e2d0e6a05c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:40:e3:96:a0:52:d2:49:c6:0a:ce:84:20:46:
8f:5a:bd:f7:d9:a4:49:6e:76:74:0e:fb:7d:ac:1c:
08:f2:65:cf:79:a5:55:22:de:97:2a:f2:88:b7:34:
a2:59:78:61:be:0b:92:4b:f4:fb:f7:ca:99:da:7c:
13:72:46:a3:22:52:df:1a:97:a0:b5:6a:e3:0c:26:
7a:2f:dc:5f:37:e7:d9:42:94:84:4d:69:a5:47:ed:
05:b3:14:e3:4c:94:50:39:ec:9e:36:76:67:4a:48:
f8:f2:9e:db:40:c5:42:6e:17:71:dc:96:fb:91:bf:
bf:35:84:ca:93:e7:b5:c9:ac:24:33:9f:34:d7:fb:
d0:fe:7d:c8:07:65:39:41:13:6d:d5:6e:da:64:e2:
f1:ce:7f:66:a7:74:23:7f:ff:c3:7f:e3:ba:e1:91:
a3:06:1c:c1:6e:dc:54:37:0a:5f:7e:42:fa:ff:64:
8b:5a:7f:8c:1a:95:23:9f:4e:27:00:48:fa:99:57:
f8:2f:b7:4e:1d:71:e9:75:32:5d:7d:18:63:cf:5a:
fe:35:d2:fe:f2:d2:fe:5d:13:1b:be:4c:15:4b:a2:
c9:63:c1:9a:62:ba:b2:88:1a:f4:58:a5:f8:2f:3f:
68:a8:70:9b:f2:26:56:85:cf:e1:01:74:0b:89:77:
e7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:70:10:A9:89:6F:A1:12:AF:41:0C:B6:D5:EE:E4:E2:D0:E6:A0:5C
X509v3 Authority Key Identifier:
keyid:2B:4A:B4:C1:51:7F:73:2D:F8:B2:EC:83:DE:4A:D2:36:8D:45:CF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0q0wVF_cy34suyD3krSNo1Fz98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/27c7a3-943c-4b29-bd82-e7abcf223715/1/h3AQqYlvoRKvQQy21e7k4tDmoFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/27c7a3-943c-4b29-bd82-e7abcf223715/1/K0q0wVF_cy34suyD3krSNo1Fz98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.212.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ca:81:82:2e:88:a7:af:40:dd:df:14:60:76:ee:e2:a0:f6:
de:67:88:0c:6d:1e:55:20:9c:98:00:a6:bf:5f:7c:79:a0:7c:
42:3f:b2:47:ae:40:de:ce:79:16:16:c5:b6:bf:52:a5:66:2e:
4e:8d:3b:1b:80:88:6e:80:e9:73:c6:c8:f1:b4:0c:53:00:db:
ea:8b:bd:33:aa:75:9c:16:77:81:bd:70:65:7c:e0:8f:d3:f5:
9a:80:fc:05:2d:db:7b:59:0b:b2:f7:a1:0b:e2:9f:ea:e4:74:
4f:3e:2c:e5:6c:c2:63:47:7e:e9:bc:43:9f:bd:50:26:f4:10:
87:25:ae:1f:e3:c2:f1:fa:42:4b:f7:eb:12:70:dc:7d:ce:86:
96:c5:fe:98:7a:31:aa:c8:eb:b6:9d:20:6f:3e:b6:bd:d7:20:
01:31:f0:fb:3c:2e:c5:9c:d0:c1:0c:b3:8b:f2:db:f2:8d:cf:
c7:74:01:46:81:a5:66:25:12:a8:0a:8f:9c:06:89:85:3b:f0:
4f:3c:fd:31:43:08:00:c5:35:b1:53:a5:b9:ac:23:96:7b:61:
8c:33:44:26:d5:32:a0:bc:36:ca:63:a3:e0:2f:74:99:a3:f5:
e2:08:74:c9:8f:43:44:e9:55:b1:9f:9f:33:20:e4:71:00:fb:
4e:e1:a2:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSGhWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjRhYjRjMTUxN2Y3MzJkZjhiMmVjODNkZTRhZDIzNjhkNDVjZmRmMB4XDTIyMDEw
MTAyNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc3MDEwYTk4OTZm
YTExMmFmNDEwY2I2ZDVlZWU0ZTJkMGU2YTA1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPBA45agUtJJxgrOhCBGj1q999mkSW52dA77fawcCPJlz3ml
VSLelyryiLc0oll4Yb4Lkkv0+/fKmdp8E3JGoyJS3xqXoLVq4wwmei/cXzfn2UKU
hE1ppUftBbMU40yUUDnsnjZ2Z0pI+PKe20DFQm4XcdyW+5G/vzWEypPntcmsJDOf
NNf70P59yAdlOUETbdVu2mTi8c5/Zqd0I3//w3/juuGRowYcwW7cVDcKX35C+v9k
i1p/jBqVI59OJwBI+plX+C+3Th1x6XUyXX0YY89a/jXS/vLS/l0TG75MFUuiyWPB
mmK6soga9Fil+C8/aKhwm/ImVoXP4QF0C4l35+cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHcBCpiW+hEq9BDLbV7uTi0OagXDAfBgNVHSMEGDAWgBQrSrTBUX9zLfiy
7IPeStI2jUXP3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0swcTB3VkZfY3kzNHN1eUQza3JTTm8xRno5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvMjdjN2EzLTk0M2MtNGIyOS1iZDgyLWU3YWJjZjIyMzcxNS8x
L2gzQVFxWWx2b1JLdlFReTIxZTdrNHREbW9Gdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
MjdjN2EzLTk0M2MtNGIyOS1iZDgyLWU3YWJjZjIyMzcxNS8xL0swcTB3VkZfY3kz
NHN1eUQza3JTTm8xRno5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuE1DANBgkqhkiG9w0BAQsFAAOC
AQEANcqBgi6Ip69A3d8UYHbu4qD23meIDG0eVSCcmACmv198eaB8Qj+yR65A3s55
FhbFtr9SpWYuTo07G4CIboDpc8bI8bQMUwDb6ou9M6p1nBZ3gb1wZXzgj9P1moD8
BS3be1kLsvehC+Kf6uR0Tz4s5WzCY0d+6bxDn71QJvQQhyWuH+PC8fpCS/frEnDc
fc6GlsX+mHoxqsjrtp0gbz62vdcgATHw+zwuxZzQwQyzi/Lb8o3Px3QBRoGlZiUS
qAqPnAaJhTvwTzz9MUMIAMU1sVOluawjlnthjDNEJtUyoLw2ymOj4C90maP14gh0
yY9DROlVsZ+fMyDkcQD7TuGiSw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:35 2023 by rpki-client on console-ams.rpki-client.org