Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/W9tpyNqLOyA68MBqPQA7U99t5rA.roa
File: W9tpyNqLOyA68MBqPQA7U99t5rA.roa (raw, json)
Hash identifier: Y8Q+TRu2PA9f3FVzKDRJqYmHcvy4gRsBuklBa8LdHzI=
Subject key identifier: 5B:DB:69:C8:DA:8B:3B:20:3A:F0:C0:6A:3D:00:3B:53:DF:6D:E6:B0
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1382F418
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/W9tpyNqLOyA68MBqPQA7U99t5rA.roa
Signing time: Sat 01 Jan 2022 05:56:15 +0000
ROA not before: Sat 01 Jan 2022 05:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57916
IP address blocks: 91.242.97.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327349272 (0x1382f418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bdb69c8da8b3b203af0c06a3d003b53df6de6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:47:63:bd:c5:d3:64:d6:b3:66:ee:fa:ae:
26:47:57:90:3a:db:1b:65:cc:a9:ac:0e:b5:69:90:
c3:38:c7:90:58:04:33:d2:a7:68:13:d8:cf:f0:0a:
94:28:9d:4c:1a:ce:44:87:e9:b9:c4:dc:30:00:eb:
4f:1b:af:e2:73:38:e0:da:15:af:cd:55:ab:d2:53:
b9:06:75:ee:a0:69:bd:05:03:55:58:52:8f:ed:00:
9d:e5:70:3c:7b:1e:ce:75:6b:53:ad:28:b9:f9:35:
c0:b4:60:8b:02:7c:29:bd:dd:3d:96:09:c4:6c:c1:
a7:8a:7d:eb:65:91:f5:b5:1c:42:ea:d3:f0:ef:33:
00:74:f4:90:99:d0:9f:25:e8:02:b1:05:c1:7a:cf:
f0:3e:31:2f:9e:a0:3a:dc:98:e3:59:2c:7b:53:1b:
2e:a0:0a:95:c6:b9:79:b9:04:51:21:3a:ae:67:0f:
fb:da:bd:8d:33:f1:0f:f0:18:f7:b8:99:fc:33:63:
70:7f:a5:e3:89:56:9b:f1:5a:a4:5e:82:a0:6c:0d:
6a:a9:5b:e0:15:d4:3b:76:26:0c:ac:f0:9b:5a:28:
1e:dd:de:d3:78:17:04:64:dc:f6:b6:f7:ae:61:02:
1e:9b:1a:b8:19:1a:c7:af:08:53:e4:d4:78:0e:4f:
60:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DB:69:C8:DA:8B:3B:20:3A:F0:C0:6A:3D:00:3B:53:DF:6D:E6:B0
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/W9tpyNqLOyA68MBqPQA7U99t5rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.97.0/24
91.242.100.0/23
91.242.105.0/24
Signature Algorithm: sha256WithRSAEncryption
58:91:a3:00:f2:c7:90:e8:5f:a7:57:29:2c:7e:03:7e:ad:bc:
f0:94:c6:7d:e6:09:87:ca:f0:27:07:10:b4:50:cb:b5:48:5f:
87:b1:60:39:e7:81:d9:03:79:87:4a:4a:5b:bc:98:9b:e5:ae:
95:15:f0:be:a8:df:7c:bd:5f:45:46:9e:ed:eb:59:21:80:b4:
32:e2:db:39:74:bf:52:a8:5b:0c:12:56:49:53:9b:2c:cf:41:
26:e8:e1:a3:e3:f7:8b:28:bb:6e:4c:10:2f:8a:d6:80:4b:24:
f3:f4:d1:e6:f3:08:83:13:d2:d7:05:91:0e:2b:eb:46:4c:5c:
4b:de:39:6f:c7:f9:2a:ce:0e:1b:7d:2a:ec:eb:79:9e:de:97:
91:bf:42:27:a5:c2:04:47:e9:f1:48:c8:38:e7:06:94:3f:9b:
91:fb:f4:ba:51:bc:ed:c0:24:38:06:08:c6:ad:58:e7:04:8a:
60:a1:f9:4e:f3:c4:d3:6a:76:f0:cf:cd:73:d8:4b:20:84:0a:
36:8e:ff:8a:5e:dc:d4:31:7a:25:b2:73:fb:8f:34:63:14:c5:
1a:84:9d:a2:be:99:c2:c6:78:82:b3:c5:36:b7:ad:3c:fb:c9:
aa:dd:02:54:ad:48:c7:b8:b0:a8:95:04:07:51:43:2f:75:b3:
26:50:12:eb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEE4L0GDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJkYjY5YzhkYThi
M2IyMDNhZjBjMDZhM2QwMDNiNTNkZjZkZTZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTYR2O9xdNk1rNm7vquJkdXkDrbG2XMqawOtWmQwzjHkFgE
M9KnaBPYz/AKlCidTBrORIfpucTcMADrTxuv4nM44NoVr81Vq9JTuQZ17qBpvQUD
VVhSj+0AneVwPHseznVrU60oufk1wLRgiwJ8Kb3dPZYJxGzBp4p962WR9bUcQurT
8O8zAHT0kJnQnyXoArEFwXrP8D4xL56gOtyY41kse1MbLqAKlca5ebkEUSE6rmcP
+9q9jTPxD/AY97iZ/DNjcH+l44lWm/FapF6CoGwNaqlb4BXUO3YmDKzwm1ooHt3e
03gXBGTc9rb3rmECHpsauBkax68IU+TUeA5PYDkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRb22nI2os7IDrwwGo9ADtT323msDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L1c5dHB5TnFMT3lBNjhNQnFQUUE3VTk5dDVyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlvyQAMEAFvyYQMEAVvyZAMEAFvy
aTANBgkqhkiG9w0BAQsFAAOCAQEAWJGjAPLHkOhfp1cpLH4Dfq288JTGfeYJh8rw
JwcQtFDLtUhfh7FgOeeB2QN5h0pKW7yYm+WulRXwvqjffL1fRUae7etZIYC0MuLb
OXS/UqhbDBJWSVObLM9BJujho+P3iyi7bkwQL4rWgEsk8/TR5vMIgxPS1wWRDivr
RkxcS945b8f5Ks4OG30q7Ot5nt6Xkb9CJ6XCBEfp8UjIOOcGlD+bkfv0ulG87cAk
OAYIxq1Y5wSKYKH5TvPE02p28M/Nc9hLIIQKNo7/il7c1DF6JbJz+480YxTFGoSd
or6ZwsZ4grPFNretPPvJqt0CVK1Ix7iwqJUEB1FDL3WzJlAS6w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org