Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mxz1CmA2YpyNyJ7V2J4OZN6utjA.roa
File: mxz1CmA2YpyNyJ7V2J4OZN6utjA.roa (raw, json)
Hash identifier: zIdkYbtbCPAn+CnlU1mbq/RHtkgKadncWVp/hj2eNrc=
Subject key identifier: 9B:1C:F5:0A:60:36:62:9C:8D:C8:9E:D5:D8:9E:0E:64:DE:AE:B6:30
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 138611BD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mxz1CmA2YpyNyJ7V2J4OZN6utjA.roa
Signing time: Sat 01 Jan 2022 05:56:17 +0000
ROA not before: Sat 01 Jan 2022 05:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62281
IP address blocks: 91.242.86.0/23 maxlen: 23
91.242.88.0/21 maxlen: 21
91.242.96.0/24 maxlen: 24
91.242.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327553469 (0x138611bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b1cf50a6036629c8dc89ed5d89e0e64deaeb630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:64:7a:e6:32:dc:bd:96:5a:2e:35:7a:7e:af:
59:b6:37:39:20:05:c5:4d:94:85:34:0a:4c:62:55:
e7:28:35:cf:09:fb:97:b6:68:a2:71:57:08:59:7a:
84:8c:3d:90:1e:53:8b:cb:73:9e:62:84:15:99:86:
45:ec:ab:1d:66:c9:5e:0c:60:a6:56:6a:56:cd:4e:
dc:47:03:e4:8b:c7:7e:2e:d6:f6:02:e2:38:87:90:
ae:75:fe:41:f0:d5:5e:81:57:8c:f1:a6:6e:73:cf:
1d:bd:fa:ba:f9:8b:7a:41:75:a1:19:72:e2:c2:ba:
14:bf:28:b5:e3:71:e0:b1:f2:01:6a:10:21:58:47:
cb:6b:0b:48:0a:37:68:39:f4:4c:7a:9b:d5:dc:5d:
c5:95:a7:b9:f6:4f:2b:34:5f:38:ea:ef:dd:05:18:
8f:2b:1b:c6:8e:bf:ba:e4:13:14:db:bd:7a:ad:76:
36:9d:8b:43:0d:11:f0:52:ab:85:4f:21:b2:c1:72:
e2:c7:3a:32:d3:52:81:e6:2a:77:55:73:16:79:1f:
7f:4e:e2:40:c6:8e:40:d6:e5:c8:bb:6d:a1:b2:2e:
3c:4d:62:78:0d:22:33:ec:06:0d:67:84:d4:d8:bc:
1e:58:a0:98:4e:59:89:3f:dc:8b:f9:3e:6c:fc:19:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1C:F5:0A:60:36:62:9C:8D:C8:9E:D5:D8:9E:0E:64:DE:AE:B6:30
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mxz1CmA2YpyNyJ7V2J4OZN6utjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.86.0-91.242.96.255
91.242.106.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1b:16:7d:b2:74:61:da:a1:89:0d:23:43:6c:da:f3:94:b5:
c8:8c:4a:2f:79:c0:1c:af:57:91:f5:fe:85:7c:00:5b:1b:44:
04:1d:a4:24:5b:89:e9:de:09:e1:27:37:92:ad:67:b0:57:e3:
6d:22:55:a2:1b:06:1a:f2:c5:74:85:24:43:14:71:41:76:a9:
bb:b2:1e:14:15:b4:94:c9:56:d6:54:8e:68:1d:cb:7b:47:78:
6d:67:1e:78:ec:1c:b0:b2:35:42:a0:52:94:8d:8c:4b:ef:df:
b2:f6:f6:e3:8b:3e:37:b5:80:be:d1:02:54:2d:4c:5d:e7:93:
61:5c:17:71:ad:0c:be:4f:8f:c1:c3:e3:9d:fb:4f:57:34:16:
8b:8c:8f:a9:e1:fa:f2:53:c8:fd:6d:af:83:e0:71:00:45:a0:
6b:c8:11:48:8a:1e:01:2d:dd:92:97:66:66:7e:dd:18:4c:d9:
5f:5e:dd:6d:ba:3a:7d:fd:b4:b9:8f:cd:fe:9a:95:e0:09:56:
94:67:44:77:e2:82:8c:d6:a9:5b:63:e1:2c:53:7f:3a:e5:cc:
8f:07:06:20:dd:12:6c:c8:9d:19:e8:56:18:2a:e3:37:00:c4:
54:21:a4:53:43:e4:0d:a6:ff:0c:59:ce:67:ba:aa:1c:29:9e:
75:bf:11:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEE4YRvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIxY2Y1MGE2MDM2
NjI5YzhkYzg5ZWQ1ZDg5ZTBlNjRkZWFlYjYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJkeuYy3L2WWi41en6vWbY3OSAFxU2UhTQKTGJV5yg1zwn7
l7ZoonFXCFl6hIw9kB5Ti8tznmKEFZmGReyrHWbJXgxgplZqVs1O3EcD5IvHfi7W
9gLiOIeQrnX+QfDVXoFXjPGmbnPPHb36uvmLekF1oRly4sK6FL8oteNx4LHyAWoQ
IVhHy2sLSAo3aDn0THqb1dxdxZWnufZPKzRfOOrv3QUYjysbxo6/uuQTFNu9eq12
Np2LQw0R8FKrhU8hssFy4sc6MtNSgeYqd1VzFnkff07iQMaOQNblyLttobIuPE1i
eA0iM+wGDWeE1Ni8HligmE5ZiT/ci/k+bPwZejkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSbHPUKYDZinI3IntXYng5k3q62MDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L214ejFDbUEyWXB5TnlKN1YySjRPWk42dXRqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQBW/JWAwQAW/JgAwQAW/JqMA0G
CSqGSIb3DQEBCwUAA4IBAQCEGxZ9snRh2qGJDSNDbNrzlLXIjEovecAcr1eR9f6F
fABbG0QEHaQkW4np3gnhJzeSrWewV+NtIlWiGwYa8sV0hSRDFHFBdqm7sh4UFbSU
yVbWVI5oHct7R3htZx547BywsjVCoFKUjYxL79+y9vbjiz43tYC+0QJULUxd55Nh
XBdxrQy+T4/Bw+Od+09XNBaLjI+p4fryU8j9ba+D4HEARaBryBFIih4BLd2Sl2Zm
ft0YTNlfXt1tujp9/bS5j83+mpXgCVaUZ0R34oKM1qlbY+EsU3865cyPBwYg3RJs
yJ0Z6FYYKuM3AMRUIaRTQ+QNpv8MWc5nuqocKZ51vxG7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org