Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/rH_xhDVSU7Wj8iBKFkFXF9oznMU.roa
File: rH_xhDVSU7Wj8iBKFkFXF9oznMU.roa (raw, json)
Hash identifier: Tw8xOHGUPEUvrgERgCnt+boKO/jVg6Cp7GZI3/N+J38=
Subject key identifier: AC:7F:F1:84:35:52:53:B5:A3:F2:20:4A:16:41:57:17:DA:33:9C:C5
Certificate issuer: /CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Certificate serial: 09BC46CF
Authority key identifier: 37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/rH_xhDVSU7Wj8iBKFkFXF9oznMU.roa
Signing time: Sat 01 Jan 2022 12:05:58 +0000
ROA not before: Sat 01 Jan 2022 12:05:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198049
IP address blocks: 91.230.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163333839 (0x9bc46cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Validity
Not Before: Jan 1 12:05:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac7ff184355253b5a3f2204a16415717da339cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:dc:ed:2e:5f:10:35:8c:eb:75:e7:96:6c:
79:09:ed:fa:8e:7d:1a:da:42:80:ef:aa:14:d1:cb:
7c:61:a1:74:90:3d:b3:34:2c:53:87:74:38:13:32:
79:e6:ab:82:a3:3b:6a:ef:5a:8f:f5:ae:68:af:70:
53:5a:a4:51:8a:0a:61:30:a8:0e:ad:68:0f:7b:aa:
0b:9e:25:3d:72:e5:9b:a4:8c:93:01:ba:12:c6:b7:
52:e3:7c:21:fc:ad:39:fa:7e:0c:d6:96:fa:53:00:
25:2a:4d:6b:05:fe:1d:00:71:ba:b1:44:1a:af:25:
3e:85:30:c1:87:d1:1a:3b:a1:3b:19:c9:e6:af:99:
d4:9e:82:3b:d5:37:e2:d5:9f:0b:f9:c3:22:70:c1:
97:ff:b4:28:3c:1d:68:75:16:ae:66:b3:c9:61:0c:
5b:36:0f:d9:c1:28:86:32:7e:94:70:d0:40:77:f9:
90:a1:36:e1:44:ff:ef:ac:69:5e:80:6c:ba:c0:47:
b3:78:19:92:c1:52:10:b4:24:c8:f2:76:97:1d:e8:
c2:e7:3c:ab:30:0f:14:96:9f:18:b6:3b:28:c7:97:
71:c5:12:3d:49:21:2a:86:7b:c4:d4:4b:ed:19:73:
a8:17:ef:43:40:5a:30:eb:77:45:44:e9:27:f1:c6:
ef:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7F:F1:84:35:52:53:B5:A3:F2:20:4A:16:41:57:17:DA:33:9C:C5
X509v3 Authority Key Identifier:
keyid:37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/rH_xhDVSU7Wj8iBKFkFXF9oznMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.145.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:44:bf:a1:b2:f2:32:30:0a:43:81:3e:24:f5:0a:7f:2c:14:
ab:e0:24:42:56:ca:bc:05:e0:1e:52:92:d6:c2:19:d4:61:cb:
ea:15:34:4c:b9:45:0a:e1:2a:46:17:8f:44:93:a2:a3:3a:f5:
39:5a:ab:6d:62:be:9c:39:75:97:65:e3:c3:1a:4d:b9:78:25:
0e:00:cb:ad:e7:69:0d:2e:0c:47:42:f8:53:7c:65:2e:92:1e:
b7:b3:33:b7:90:42:cb:ae:c8:c6:03:40:58:c1:cb:9a:b8:90:
7c:91:20:c3:1d:56:ac:8b:27:28:ad:1c:2f:7c:f4:10:56:17:
fc:1c:a0:2f:0a:b8:a4:1b:3d:29:7e:b5:80:5a:a2:f7:03:7e:
04:53:f2:31:cd:2a:b2:fb:e5:e6:e6:c4:81:ff:e8:98:2f:77:
a1:f9:f3:b6:c8:ea:a8:31:e0:e1:e2:ce:ce:f4:9a:cd:f0:6d:
24:3b:85:73:29:3d:09:1c:8b:d0:94:92:77:cc:05:c5:6f:69:
4f:33:94:09:63:14:6d:61:f9:55:a9:22:16:73:3a:11:b9:b1:
1d:8c:b8:fd:61:32:ba:37:ce:a0:88:d3:84:dd:c2:6b:fe:51:
19:78:d6:08:ae:b3:89:cf:57:e6:ab:b7:8f:a6:c2:82:e3:12:
7c:f8:c5:65
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECbxGzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2M2NTE3MzZlMjQzZDVlYTZjZWNjYTYzYWZkYjRhMDMxMmQ3NzMwMB4XDTIyMDEw
MTEyMDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM3ZmYxODQzNTUy
NTNiNWEzZjIyMDRhMTY0MTU3MTdkYTMzOWNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG13O0uXxA1jOt155ZseQnt+o59GtpCgO+qFNHLfGGhdJA9
szQsU4d0OBMyeeargqM7au9aj/WuaK9wU1qkUYoKYTCoDq1oD3uqC54lPXLlm6SM
kwG6Esa3UuN8IfytOfp+DNaW+lMAJSpNawX+HQBxurFEGq8lPoUwwYfRGjuhOxnJ
5q+Z1J6CO9U34tWfC/nDInDBl/+0KDwdaHUWrmazyWEMWzYP2cEohjJ+lHDQQHf5
kKE24UT/76xpXoBsusBHs3gZksFSELQkyPJ2lx3owuc8qzAPFJafGLY7KMeXccUS
PUkhKoZ7xNRL7RlzqBfvQ0BaMOt3RUTpJ/HG7wUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsf/GENVJTtaPyIEoWQVcX2jOcxTAfBgNVHSMEGDAWgBQ3xlFzbiQ9XqbO
zKY6/bSgMS13MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L044WlJjMjRrUFY2bXpzeW1PdjIwb0RFdGR6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvNTIzYzdkLTM5MTctNDEzNy05ZGYzLWFiZWE2MjU4NjhhOC8x
L3JIX3hoRFZTVTdXajhpQktGa0ZYRjlvem5NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
NTIzYzdkLTM5MTctNDEzNy05ZGYzLWFiZWE2MjU4NjhhOC8xL044WlJjMjRrUFY2
bXpzeW1PdjIwb0RFdGR6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvmkTANBgkqhkiG9w0BAQsFAAOC
AQEAPkS/obLyMjAKQ4E+JPUKfywUq+AkQlbKvAXgHlKS1sIZ1GHL6hU0TLlFCuEq
RhePRJOiozr1OVqrbWK+nDl1l2XjwxpNuXglDgDLredpDS4MR0L4U3xlLpIet7Mz
t5BCy67IxgNAWMHLmriQfJEgwx1WrIsnKK0cL3z0EFYX/BygLwq4pBs9KX61gFqi
9wN+BFPyMc0qsvvl5ubEgf/omC93ofnztsjqqDHg4eLOzvSazfBtJDuFcyk9CRyL
0JSSd8wFxW9pTzOUCWMUbWH5VakiFnM6EbmxHYy4/WEyujfOoIjThN3Ca/5RGXjW
CK6zic9X5qu3j6bCguMSfPjFZQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:35 2023 by rpki-client on console-ams.rpki-client.org