Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SxgpVFvUGKJtvWjisPiWdn386aU.roa
File: SxgpVFvUGKJtvWjisPiWdn386aU.roa (raw, json)
Hash identifier: 6NtpWflpI0gcqOBWpE4es18I1QFMHl35/PU4RSsG2I0=
Subject key identifier: 4B:18:29:54:5B:D4:18:A2:6D:BD:68:E2:B0:F8:96:76:7D:FC:E9:A5
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1CC7F2EB
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SxgpVFvUGKJtvWjisPiWdn386aU.roa
Signing time: Wed 06 Apr 2022 13:11:41 +0000
ROA not before: Wed 06 Apr 2022 13:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 91.239.220.0/23 maxlen: 23
91.237.92.0/24 maxlen: 24
109.207.128.0/24 maxlen: 24
91.246.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482865899 (0x1cc7f2eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 6 13:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b1829545bd418a26dbd68e2b0f896767dfce9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:41:6b:3d:21:f0:35:b4:5a:ff:12:c4:67:
80:8e:1e:5d:9a:b7:02:df:67:d5:07:c0:6c:80:c5:
30:4c:41:94:fe:48:05:10:b2:9c:19:57:dc:74:0d:
db:2d:92:66:96:6d:85:7d:fc:c5:09:30:dc:27:df:
67:2b:28:99:27:6b:91:44:f4:1b:64:8c:6f:29:44:
a5:bc:84:02:f9:44:fb:0f:24:a0:9c:06:51:88:6e:
4a:c5:e3:c4:19:1d:2e:b3:a6:dc:e9:c9:73:df:de:
f8:02:f6:b1:00:88:c0:55:bf:d5:ff:35:00:0c:c8:
31:22:b5:61:8b:ad:5b:85:ec:87:24:7a:90:0c:7d:
40:a6:c0:25:7c:1b:a3:56:d6:2d:66:42:c3:96:a8:
5a:cf:00:ff:20:bd:4f:6c:4f:49:91:b0:e8:f8:6c:
dd:1d:95:34:2b:b1:41:d9:c3:6a:cd:31:99:1e:7f:
c8:a8:b8:82:30:4a:27:f2:e9:f0:90:61:c8:7c:f1:
b4:3d:ca:63:6d:a8:46:bf:aa:40:79:86:80:8b:2d:
4f:47:f0:66:4a:d9:e4:7c:4f:a4:80:89:cc:a1:7d:
d3:cb:2a:b4:fe:05:4b:5e:0d:f2:66:33:5f:d3:fa:
40:3c:cf:6d:6f:53:59:1a:89:00:b7:18:04:35:bc:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:18:29:54:5B:D4:18:A2:6D:BD:68:E2:B0:F8:96:76:7D:FC:E9:A5
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SxgpVFvUGKJtvWjisPiWdn386aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.92.0/24
91.239.220.0/23
91.246.200.0/24
109.207.128.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b5:e5:52:a7:7a:60:ea:ce:a5:f8:f8:3e:fb:b0:74:93:bc:
60:f2:6d:de:3d:06:62:e3:bf:49:75:12:c8:73:56:01:4f:b3:
fe:1a:b9:c3:64:18:c3:24:a2:aa:9e:35:51:a1:1b:a9:c0:4a:
bf:42:21:86:c3:8f:8c:84:ae:64:46:89:67:0f:c5:2b:8f:45:
99:0f:5d:de:bc:6b:ac:ff:15:c9:eb:b4:9a:83:dc:d2:0f:9f:
a4:41:44:7c:62:1e:1a:50:9c:46:4b:18:d4:a5:b1:ec:0f:b0:
b8:89:d0:b6:d9:2f:33:64:22:ac:a1:2a:d7:fd:68:08:fd:54:
fb:1d:c6:98:0f:45:bc:5d:25:03:04:93:c2:ed:ee:29:f9:3c:
1d:48:5d:35:a0:24:42:26:e3:e4:e3:a5:f5:28:f4:3e:95:0b:
2d:92:10:fb:4b:b1:99:c3:56:dd:4a:96:6b:70:16:eb:f4:5f:
5c:8b:03:ea:a3:8c:d8:b4:91:dd:ba:62:15:6a:a5:10:ec:43:
4f:df:6d:1f:22:3f:c6:24:e6:da:ed:53:84:dd:0e:0b:9a:ac:
f3:75:07:ee:0c:18:23:f4:9a:88:61:52:94:c3:d3:a5:24:89:
9f:f9:c1:9a:ef:b2:82:64:98:b2:93:6a:ce:8e:bb:dd:cb:e3:
1b:c9:75:25
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHMfy6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDQw
NjEzMTE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIxODI5NTQ1YmQ0
MThhMjZkYmQ2OGUyYjBmODk2NzY3ZGZjZTlhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtaQWs9IfA1tFr/EsRngI4eXZq3At9n1QfAbIDFMExBlP5I
BRCynBlX3HQN2y2SZpZthX38xQkw3CffZysomSdrkUT0G2SMbylEpbyEAvlE+w8k
oJwGUYhuSsXjxBkdLrOm3OnJc9/e+AL2sQCIwFW/1f81AAzIMSK1YYutW4XshyR6
kAx9QKbAJXwbo1bWLWZCw5aoWs8A/yC9T2xPSZGw6Phs3R2VNCuxQdnDas0xmR5/
yKi4gjBKJ/Lp8JBhyHzxtD3KY22oRr+qQHmGgIstT0fwZkrZ5HxPpICJzKF908sq
tP4FS14N8mYzX9P6QDzPbW9TWRqJALcYBDW8LesCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRLGClUW9QYom29aOKw+JZ2ffzppTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L1N4Z3BWRnZVR0tKdHZXamlzUGlXZG4zODZhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvtXAMEAVvv3AMEAFv2yAMEAG3P
gDANBgkqhkiG9w0BAQsFAAOCAQEASLXlUqd6YOrOpfj4PvuwdJO8YPJt3j0GYuO/
SXUSyHNWAU+z/hq5w2QYwySiqp41UaEbqcBKv0IhhsOPjISuZEaJZw/FK49FmQ9d
3rxrrP8Vyeu0moPc0g+fpEFEfGIeGlCcRksY1KWx7A+wuInQttkvM2QirKEq1/1o
CP1U+x3GmA9FvF0lAwSTwu3uKfk8HUhdNaAkQibj5OOl9Sj0PpULLZIQ+0uxmcNW
3UqWa3AW6/RfXIsD6qOM2LSR3bpiFWqlEOxDT99tHyI/xiTm2u1ThN0OC5qs83UH
7gwYI/SaiGFSlMPTpSSJn/nBmu+ygmSYspNqzo673cvjG8l1JQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org