Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wNRVvVwLOsRUkt0fp0U1mzsR8fw.roa
File: wNRVvVwLOsRUkt0fp0U1mzsR8fw.roa (raw, json)
Hash identifier: zq0dlWAaqGUFs5zq4L3QaSIOikRxBBF6NUHULtadEQk=
Subject key identifier: C0:D4:55:BD:5C:0B:3A:C4:54:92:DD:1F:A7:45:35:9B:3B:11:F1:FC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01845C331BC66637BD24ED2BBD8A7B5DC4CE
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wNRVvVwLOsRUkt0fp0U1mzsR8fw.roa
Signing time: Wed 09 Nov 2022 11:42:43 +0000
ROA not before: Wed 09 Nov 2022 11:42:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201011
IP address blocks: 91.238.41.0/24 maxlen: 24
91.238.42.0/24 maxlen: 24
91.238.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:33:1b:c6:66:37:bd:24:ed:2b:bd:8a:7b:5d:c4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 9 11:42:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0d455bd5c0b3ac45492dd1fa745359b3b11f1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:32:3c:56:a6:04:c0:91:c3:1d:70:b2:5e:3c:
4b:2a:e1:38:d0:0f:c6:67:28:1b:78:97:e0:fb:bd:
4e:12:00:b5:a6:7d:3c:ad:92:c9:b0:63:63:6d:9f:
a3:b3:37:c2:9a:84:da:a8:d4:2c:04:d8:38:26:82:
fa:3b:fe:be:0e:b9:7f:36:8d:0d:a9:98:6d:f3:c8:
6b:c2:a7:72:e6:a9:d2:4f:29:40:d3:83:9c:e4:be:
92:c2:a4:33:9d:fd:84:37:f5:47:b2:91:9a:30:7f:
4b:14:69:61:6c:56:a7:23:73:ce:df:12:a5:05:80:
5f:89:2a:ad:cb:8b:98:08:4b:ff:b6:b1:24:fd:e4:
47:51:1c:74:c2:06:fe:b9:56:53:50:62:a6:2f:0f:
0a:b5:11:f4:58:d0:43:de:6f:60:a4:95:06:85:ae:
76:8f:19:86:20:6e:01:4f:2d:d4:10:6c:32:f8:6d:
9b:fc:7a:9e:67:5e:d2:86:39:80:d2:de:5c:59:2b:
f0:66:ec:8f:2a:60:ab:09:bd:d4:d3:e9:da:d3:18:
c1:af:7c:d9:e4:53:d7:63:27:2f:5a:c3:01:43:f5:
80:c0:d1:be:42:0d:8f:9f:58:17:8d:a9:af:66:f9:
86:9d:98:1b:a9:c2:fe:33:cb:0f:32:89:b8:72:75:
33:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D4:55:BD:5C:0B:3A:C4:54:92:DD:1F:A7:45:35:9B:3B:11:F1:FC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wNRVvVwLOsRUkt0fp0U1mzsR8fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.41.0-91.238.43.255
Signature Algorithm: sha256WithRSAEncryption
03:1b:e2:56:6f:98:98:7f:d5:7a:9a:1a:68:4b:6e:5b:8c:75:
3b:d8:25:84:b6:66:8d:92:6f:8c:eb:07:6c:52:9b:ff:6f:d6:
15:33:3b:e4:16:34:81:7a:dd:50:09:3d:96:0e:95:52:48:e6:
a5:4d:ff:5f:74:cb:e8:01:4e:bb:c5:32:b8:ce:ee:1d:c0:df:
d3:be:4b:86:f1:76:88:94:26:c4:b2:34:dc:63:3a:2c:96:79:
1f:de:07:64:c4:64:d9:90:ad:b6:52:a2:8f:5d:58:9c:48:8a:
94:29:a6:63:8b:60:d4:73:77:b1:c2:87:b9:dc:a2:60:8c:e6:
7e:cd:32:9e:05:f2:e8:88:0a:3e:42:dc:75:c1:7e:9b:26:d2:
86:ca:11:51:c4:1a:e7:f9:27:35:4d:07:5c:1a:59:98:af:a9:
36:26:ae:38:a2:17:71:d0:ac:60:5b:1f:af:9a:41:b9:88:4d:
c8:56:8c:28:1c:02:17:32:c6:ec:c8:78:58:f5:1d:c8:0e:5a:
eb:89:f5:b6:ec:f3:b8:3a:d2:25:a2:a2:8b:4c:90:1f:4b:59:
37:80:6e:89:99:d7:35:53:6c:8a:7b:d0:e9:ee:f0:79:03:51:
c7:d0:f7:b9:49:0a:1c:5c:3d:2b:05:8a:56:5f:c7:84:20:57:
f7:b1:9b:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYRcMxvGZje9JO0rvYp7XcTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTA5MTE0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ0NTViZDVjMGIzYWM0NTQ5MmRkMWZhNzQ1MzU5YjNiMTFmMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjI8VqYEwJHDHXCyXjxLKuE40A/G
ZygbeJfg+71OEgC1pn08rZLJsGNjbZ+jszfCmoTaqNQsBNg4JoL6O/6+Drl/No0N
qZht88hrwqdy5qnSTylA04Oc5L6SwqQznf2EN/VHspGaMH9LFGlhbFanI3PO3xKl
BYBfiSqty4uYCEv/trEk/eRHURx0wgb+uVZTUGKmLw8KtRH0WNBD3m9gpJUGha52
jxmGIG4BTy3UEGwy+G2b/HqeZ17ShjmA0t5cWSvwZuyPKmCrCb3U0+na0xjBr3zZ
5FPXYycvWsMBQ/WAwNG+Qg2Pn1gXjamvZvmGnZgbqcL+M8sPMom4cnUzNQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMDUVb1cCzrEVJLdH6dFNZs7EfH8MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvd05SVnZWd0xPc1JVa3QwZnAwVTFtenNSOGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb7ikD
BAJb7igwDQYJKoZIhvcNAQELBQADggEBAAMb4lZvmJh/1XqaGmhLbluMdTvYJYS2
Zo2Sb4zrB2xSm/9v1hUzO+QWNIF63VAJPZYOlVJI5qVN/190y+gBTrvFMrjO7h3A
39O+S4bxdoiUJsSyNNxjOiyWeR/eB2TEZNmQrbZSoo9dWJxIipQppmOLYNRzd7HC
h7ncomCM5n7NMp4F8uiICj5C3HXBfpsm0obKEVHEGuf5JzVNB1waWZivqTYmrjii
F3HQrGBbH6+aQbmITchWjCgcAhcyxuzIeFj1HcgOWuuJ9bbs87g60iWiootMkB9L
WTeAbomZ1zVTbIp70Onu8HkDUcfQ97lJChxcPSsFilZfx4QgV/exm30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org