Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z7Je-vHo5g7EfzidJAr1l7mSoLQ.roa
File: Z7Je-vHo5g7EfzidJAr1l7mSoLQ.roa (raw, json)
Hash identifier: 68aaqA6TKqhmE1qylQyBaFjx6AF0r2RaLFQCr50ju+g=
Subject key identifier: 67:B2:5E:FA:F1:E8:E6:0E:C4:7F:38:9D:24:0A:F5:97:B9:92:A0:B4
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0183B84969D7732A58F0200E3267BE5348A5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z7Je-vHo5g7EfzidJAr1l7mSoLQ.roa
Signing time: Sat 08 Oct 2022 15:49:22 +0000
ROA not before: Sat 08 Oct 2022 15:49:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 91.242.105.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b8:49:69:d7:73:2a:58:f0:20:0e:32:67:be:53:48:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 8 15:49:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67b25efaf1e8e60ec47f389d240af597b992a0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:22:31:01:3b:67:02:8b:9e:82:b3:1c:d7:
cd:a5:af:f6:f5:1a:8f:85:40:46:47:89:d6:2a:40:
0a:a6:dd:ff:2c:5b:7e:73:4b:34:71:ce:ea:46:eb:
62:58:49:fd:27:16:a7:12:0d:13:a6:90:c1:74:8d:
49:5e:38:53:e5:26:11:6f:d8:8a:7a:f6:91:06:51:
82:95:ec:1f:b5:2b:b0:63:1d:5b:e1:b3:d6:16:03:
f9:3d:1d:f6:52:44:6a:c2:47:8a:48:d5:10:66:4f:
fc:a2:a6:f4:48:b7:63:fc:7e:2c:82:5f:c1:b7:9f:
3d:f3:4d:2e:45:05:93:42:64:b4:ae:1a:15:69:4d:
3f:0f:2f:57:b3:c9:0e:6e:78:82:f1:ff:a2:0f:7d:
b9:14:a5:f8:63:46:fd:dd:fe:c0:87:a1:44:58:c5:
05:f3:81:ae:6e:ae:9b:50:93:e4:a0:7f:e3:ff:9d:
07:2d:81:a6:dd:68:29:68:fe:be:59:b4:c9:99:74:
55:0b:bc:24:0d:02:10:bc:a3:f7:99:44:54:f9:b7:
6d:13:ee:50:bf:91:c9:4d:f6:13:b2:c0:e9:4b:13:
00:a7:72:66:3d:bb:e7:da:6c:32:ea:d0:17:1b:de:
d9:b7:51:de:cf:96:65:72:67:57:a3:48:e9:77:c5:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B2:5E:FA:F1:E8:E6:0E:C4:7F:38:9D:24:0A:F5:97:B9:92:A0:B4
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z7Je-vHo5g7EfzidJAr1l7mSoLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.105.0/24
Signature Algorithm: sha256WithRSAEncryption
37:11:ad:81:21:78:da:fc:b6:6c:23:05:6a:ce:77:56:2e:31:
b9:67:4b:1a:b9:9c:21:6c:9e:c8:77:f1:77:49:b8:a4:c8:98:
f8:60:7e:4d:0a:87:f2:30:eb:22:a6:c7:e0:8c:a1:9e:f4:3a:
89:32:1e:e3:ea:ec:93:88:ee:61:14:28:62:2a:ac:60:24:7d:
e7:bf:fc:4a:9c:c4:64:e6:5a:8c:e6:1e:22:3c:60:d0:17:10:
de:43:e5:8a:cd:61:78:d3:38:e7:ab:fc:71:35:99:f2:46:e6:
66:db:8a:55:54:a0:d6:bc:c9:a7:6a:df:6b:cf:f2:ee:2c:7c:
50:6a:a1:a2:6b:4a:5b:fa:ea:e5:d1:c0:87:44:89:37:7f:ec:
12:7f:f6:74:98:e8:5a:82:44:4d:66:c8:88:94:9a:95:c2:f9:
8a:29:b7:57:4c:4b:15:21:dc:5e:37:be:92:48:15:bd:32:ef:
7c:91:da:38:87:40:85:0c:6e:7b:c4:1e:eb:b2:0f:7b:54:04:
8f:62:f4:1b:4b:d8:7d:b6:ea:a8:dc:1f:b5:2c:44:c7:d0:2b:
f1:3d:12:56:a9:a8:67:9d:4c:88:68:49:a8:e6:8b:a6:0b:6a:
8a:3c:7d:e3:9b:ea:be:86:97:5f:8b:ab:d1:5c:03:8a:2e:bd:
99:c9:50:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYO4SWnXcypY8CAOMme+U0ilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDA4MTU0OTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2IyNWVmYWYxZThlNjBlYzQ3ZjM4OWQyNDBhZjU5N2I5OTJhMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUwiMQE7ZwKLnoKzHNfNpa/29RqP
hUBGR4nWKkAKpt3/LFt+c0s0cc7qRutiWEn9JxanEg0TppDBdI1JXjhT5SYRb9iK
evaRBlGClewftSuwYx1b4bPWFgP5PR32UkRqwkeKSNUQZk/8oqb0SLdj/H4sgl/B
t589800uRQWTQmS0rhoVaU0/Dy9Xs8kObniC8f+iD325FKX4Y0b93f7Ah6FEWMUF
84Gubq6bUJPkoH/j/50HLYGm3WgpaP6+WbTJmXRVC7wkDQIQvKP3mURU+bdtE+5Q
v5HJTfYTssDpSxMAp3JmPbvn2mwy6tAXG97Zt1Hez5ZlcmdXo0jpd8XAQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGeyXvrx6OYOxH84nSQK9Ze5kqC0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWjdKZS12SG81ZzdFZnppZEpBcjFsN21Tb0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/JAAwQA
W/JpMA0GCSqGSIb3DQEBCwUAA4IBAQA3Ea2BIXja/LZsIwVqzndWLjG5Z0sauZwh
bJ7Id/F3SbikyJj4YH5NCofyMOsipsfgjKGe9DqJMh7j6uyTiO5hFChiKqxgJH3n
v/xKnMRk5lqM5h4iPGDQFxDeQ+WKzWF40zjnq/xxNZnyRuZm24pVVKDWvMmnat9r
z/LuLHxQaqGia0pb+url0cCHRIk3f+wSf/Z0mOhagkRNZsiIlJqVwvmKKbdXTEsV
IdxeN76SSBW9Mu98kdo4h0CFDG57xB7rsg97VASPYvQbS9h9tuqo3B+1LETH0Cvx
PRJWqahnnUyIaEmo5oumC2qKPH3jm+q+hpdfi6vRXAOKLr2ZyVAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org