Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/e7CQkVeisJbVrbTCIxlNsbi3SvI.roa
File: e7CQkVeisJbVrbTCIxlNsbi3SvI.roa (raw, json)
Hash identifier: PQxvViE86FkyEp392xskc6X1UnuCvNPR5n9aUH0xnUg=
Subject key identifier: 7B:B0:90:91:57:A2:B0:96:D5:AD:B4:C2:23:19:4D:B1:B8:B7:4A:F2
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C9B821A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/e7CQkVeisJbVrbTCIxlNsbi3SvI.roa
Signing time: Wed 23 Mar 2022 10:22:22 +0000
ROA not before: Wed 23 Mar 2022 10:22:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209104
IP address blocks: 176.116.230.0/23 maxlen: 24
91.233.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 479953434 (0x1c9b821a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 23 10:22:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bb0909157a2b096d5adb4c223194db1b8b74af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:80:70:ce:78:cd:62:e4:a6:13:b0:bd:e8:7a:
71:e3:14:ff:61:fe:b7:a6:df:40:85:b0:e7:d5:c2:
b1:29:06:4a:49:66:17:1a:27:f2:af:40:b5:5e:71:
24:49:55:d8:4e:fa:42:71:00:0a:3b:b5:98:32:6f:
9e:b4:41:4b:f2:36:6b:28:ae:40:d2:5c:b0:03:fb:
8a:9a:ec:49:00:be:c8:e8:b2:16:76:cf:39:42:ce:
e1:3d:56:18:d2:2f:de:e6:a5:78:c6:4e:81:a8:d1:
0a:37:cb:54:4b:87:c2:88:14:4a:f7:67:9c:4d:f7:
58:4b:9c:59:dd:b9:59:32:98:cf:62:8e:31:f5:d3:
51:bb:65:69:8f:91:57:e0:86:0c:0b:85:f3:be:63:
49:30:90:48:e6:2a:5c:ed:2f:3b:fb:e0:a1:64:58:
16:d5:3e:ce:2c:2e:76:50:af:8e:bd:55:2c:6f:0b:
1d:44:2d:07:1a:63:1e:32:8b:ac:32:f3:31:78:86:
2e:80:bc:3f:e8:16:3b:89:37:b8:7e:71:cb:7a:3a:
55:e1:fa:19:5a:0e:b3:e5:25:17:41:c3:75:68:8b:
1a:54:9e:69:be:bd:8e:2a:c8:33:47:8d:ca:64:5a:
e1:81:75:28:b8:b0:7e:11:d0:62:26:40:db:26:06:
fb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B0:90:91:57:A2:B0:96:D5:AD:B4:C2:23:19:4D:B1:B8:B7:4A:F2
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/e7CQkVeisJbVrbTCIxlNsbi3SvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.201.0/24
176.116.230.0/23
Signature Algorithm: sha256WithRSAEncryption
17:ef:5a:5f:44:bb:b5:b5:04:fd:a8:59:d4:6b:25:bf:1e:c4:
4c:11:c8:57:7d:5b:15:8e:96:25:5f:1c:c3:f4:0e:58:a2:6e:
d9:27:a4:d0:59:21:a1:4b:fe:0e:e0:04:8f:8e:7d:e5:0c:5b:
cc:ef:fa:72:bd:75:b5:5c:b8:b6:91:e6:72:86:e9:58:c4:d6:
84:14:c6:36:a3:ab:67:ca:04:0e:36:62:8d:4c:29:5a:92:38:
34:c8:83:00:84:54:64:25:81:a7:08:97:54:f8:ab:b2:eb:a4:
1f:28:73:48:66:93:75:cb:06:87:d7:88:ca:a3:db:fd:84:77:
50:dc:41:80:8f:d8:8b:02:6e:ab:ae:31:5d:04:24:25:e4:5b:
ec:26:e2:d1:6c:fd:a9:1f:73:0f:37:d7:3c:71:45:3c:6c:88:
5f:12:d8:eb:75:4c:89:17:ab:c8:c4:13:67:1a:c7:e1:ca:ea:
86:30:01:99:36:c0:98:6c:ea:e6:c4:92:22:97:7d:37:71:34:
de:2d:a8:f0:af:1d:92:7b:2a:6a:4e:f1:f2:bf:ac:02:ee:fc:
0b:a2:c3:35:d0:68:14:34:82:39:0e:cb:f6:19:e2:20:06:31:
57:aa:43:bd:64:32:2c:ba:8e:91:16:ac:21:be:ec:a9:d3:fa:
a8:62:6a:0b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHJuCGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMy
MzEwMjIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JiMDkwOTE1N2Ey
YjA5NmQ1YWRiNGMyMjMxOTRkYjFiOGI3NGFmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeAcM54zWLkphOwveh6ceMU/2H+t6bfQIWw59XCsSkGSklm
Fxon8q9AtV5xJElV2E76QnEACju1mDJvnrRBS/I2ayiuQNJcsAP7iprsSQC+yOiy
FnbPOULO4T1WGNIv3ualeMZOgajRCjfLVEuHwogUSvdnnE33WEucWd25WTKYz2KO
MfXTUbtlaY+RV+CGDAuF875jSTCQSOYqXO0vO/vgoWRYFtU+ziwudlCvjr1VLG8L
HUQtBxpjHjKLrDLzMXiGLoC8P+gWO4k3uH5xy3o6VeH6GVoOs+UlF0HDdWiLGlSe
ab69jirIM0eNymRa4YF1KLiwfhHQYiZA2yYG+88CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR7sJCRV6KwltWttMIjGU2xuLdK8jAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2U3Q1FrVmVpc0piVnJiVENJeGxOc2JpM1N2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvpyQMEAbB05jANBgkqhkiG9w0B
AQsFAAOCAQEAF+9aX0S7tbUE/ahZ1Gslvx7ETBHIV31bFY6WJV8cw/QOWKJu2Sek
0FkhoUv+DuAEj4595QxbzO/6cr11tVy4tpHmcobpWMTWhBTGNqOrZ8oEDjZijUwp
WpI4NMiDAIRUZCWBpwiXVPirsuukHyhzSGaTdcsGh9eIyqPb/YR3UNxBgI/YiwJu
q64xXQQkJeRb7Cbi0Wz9qR9zDzfXPHFFPGyIXxLY63VMiReryMQTZxrH4crqhjAB
mTbAmGzq5sSSIpd9N3E03i2o8K8dknsqak7x8r+sAu78C6LDNdBoFDSCOQ7L9hni
IAYxV6pDvWQyLLqOkRasIb7sqdP6qGJqCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org