Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/4c1cGZ5Aflj8eJJZFQXc-ChJir8.roa
File: 4c1cGZ5Aflj8eJJZFQXc-ChJir8.roa (raw, json)
Hash identifier: IoYvUOyWBILGkymYwdUflZI0UBqj0OG0m7bnFc7sYsU=
Subject key identifier: E1:CD:5C:19:9E:40:7E:58:FC:78:92:59:15:05:DC:F8:28:49:8A:BF
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 018446AACF64E9C05E3A623922CB0599D640
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/4c1cGZ5Aflj8eJJZFQXc-ChJir8.roa
Signing time: Sat 05 Nov 2022 07:21:50 +0000
ROA not before: Sat 05 Nov 2022 07:21:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
91.218.72.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:aa:cf:64:e9:c0:5e:3a:62:39:22:cb:05:99:d6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Nov 5 07:21:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1cd5c199e407e58fc7892591505dcf828498abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:62:ae:bc:67:ca:54:31:43:92:2a:2e:5d:
35:b6:41:af:68:ac:43:4f:3a:52:61:4f:75:ed:72:
7a:93:79:bb:e0:1f:c8:31:90:c8:93:34:93:8d:5e:
b7:86:22:b3:60:ec:18:b0:1f:23:f6:3f:d5:c4:76:
67:88:d9:b3:e2:7f:9e:ca:b8:49:09:30:3d:87:1b:
f7:80:e7:2d:a0:8f:ee:88:0f:ec:03:0a:9c:84:e7:
a6:8c:94:5d:55:89:8c:e1:5d:07:a5:f3:59:d8:d2:
63:ef:85:91:1e:a1:fb:62:6f:96:9d:82:5e:1c:60:
8d:61:65:90:27:7c:3b:a7:15:76:c8:f8:2d:06:3e:
46:ff:f8:8e:e8:d5:0a:b8:9c:65:4b:15:5b:01:b6:
0f:d8:a5:f8:7b:d4:17:47:f1:9d:f3:cc:cb:9e:65:
95:90:c4:11:4c:6d:ca:3c:cc:81:68:7a:ab:88:d7:
60:51:47:9c:1b:45:e1:06:b6:7c:d3:19:f0:41:fe:
ba:96:6d:50:da:dc:4b:48:ea:6a:0a:df:b3:62:90:
d9:71:6e:85:f7:e3:06:13:da:9e:87:7c:a9:fd:dc:
29:0c:6a:c1:d0:68:62:65:4f:38:42:6d:ff:e6:e9:
aa:22:fa:70:dc:f5:d5:cb:48:b2:f8:66:de:a1:6a:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CD:5C:19:9E:40:7E:58:FC:78:92:59:15:05:DC:F8:28:49:8A:BF
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/4c1cGZ5Aflj8eJJZFQXc-ChJir8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.171.0/24
91.218.72.0/22
94.232.210.0-94.232.212.255
Signature Algorithm: sha256WithRSAEncryption
0e:e2:8b:e6:68:ac:a9:f6:90:40:f2:f1:52:c3:ee:91:db:9a:
03:06:2d:fc:29:94:8d:cf:a4:c0:7b:16:38:d4:44:89:b3:af:
f5:7a:e2:f7:1a:96:76:f0:f2:53:fe:b8:4c:eb:01:13:c0:fe:
c3:e3:00:de:3c:b8:0e:47:38:f5:82:0b:91:5c:3e:45:43:05:
61:44:00:b0:80:83:60:b9:78:60:ef:5e:cb:c3:ce:85:ab:24:
a1:b1:c7:02:c8:74:89:84:e7:f5:95:1e:71:77:7a:0c:45:ea:
4b:83:a5:20:5b:0a:4d:bd:d3:fd:d8:11:e2:e4:09:cc:7e:78:
a0:e5:81:49:d7:8e:48:ca:4d:6a:c2:6d:7a:a5:2f:cb:9b:00:
fb:48:e3:a1:44:39:86:08:e9:0a:61:e2:b7:06:4a:0e:37:37:
f8:d5:22:df:39:08:74:75:de:67:dc:dd:66:a8:f7:4a:51:1e:
74:f4:af:65:80:51:7b:f7:92:a5:a3:68:9b:1a:6d:ac:5f:23:
62:c7:dd:59:d3:1b:b3:5f:21:ee:14:88:27:bd:f8:ff:f7:d6:
ea:ed:b6:eb:06:25:f4:6d:d5:1a:2b:95:f3:1b:d7:b1:1f:b7:
69:7a:3a:65:5e:a1:9d:f9:5e:d5:3e:14:20:b9:87:00:1e:c3:
92:52:cc:fa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYRGqs9k6cBeOmI5IssFmdZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjIxMTA1MDcyMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWNkNWMxOTllNDA3ZTU4ZmM3ODkyNTkxNTA1ZGNmODI4NDk4YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoipirrxnylQxQ5IqLl01tkGvaKxD
TzpSYU917XJ6k3m74B/IMZDIkzSTjV63hiKzYOwYsB8j9j/VxHZniNmz4n+eyrhJ
CTA9hxv3gOctoI/uiA/sAwqchOemjJRdVYmM4V0HpfNZ2NJj74WRHqH7Ym+WnYJe
HGCNYWWQJ3w7pxV2yPgtBj5G//iO6NUKuJxlSxVbAbYP2KX4e9QXR/Gd88zLnmWV
kMQRTG3KPMyBaHqriNdgUUecG0XhBrZ80xnwQf66lm1Q2txLSOpqCt+zYpDZcW6F
9+MGE9qeh3yp/dwpDGrB0GhiZU84Qm3/5umqIvpw3PXVy0iy+GbeoWq+BQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOHNXBmeQH5Y/HiSWRUF3PgoSYq/MB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvNGMxY0daNUFmbGo4ZUpKWkZRWGMtQ2hKaXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW8WrAwQC
W9pIMAwDBAFe6NIDBABe6NQwDQYJKoZIhvcNAQELBQADggEBAA7ii+ZorKn2kEDy
8VLD7pHbmgMGLfwplI3PpMB7FjjURImzr/V64vcalnbw8lP+uEzrARPA/sPjAN48
uA5HOPWCC5FcPkVDBWFEALCAg2C5eGDvXsvDzoWrJKGxxwLIdImE5/WVHnF3egxF
6kuDpSBbCk290/3YEeLkCcx+eKDlgUnXjkjKTWrCbXqlL8ubAPtI46FEOYYI6Qph
4rcGSg43N/jVIt85CHR13mfc3Wao90pRHnT0r2WAUXv3kqWjaJsabaxfI2LH3VnT
G7NfIe4UiCe9+P/31urttusGJfRt1RorlfMb17Eft2l6OmVeoZ35XtU+FCC5hwAe
w5JSzPo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org