Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xtme6TCGlm4D3tayy2MkK-BIQJk.roa
File: xtme6TCGlm4D3tayy2MkK-BIQJk.roa (raw, json)
Hash identifier: QKKrhvfL4iobBPsoHQIuDCyqkAI3uOXdwv9Pd57gUJU=
Subject key identifier: C6:D9:9E:E9:30:86:96:6E:03:DE:D6:B2:CB:63:24:2B:E0:48:40:99
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0182FEEE910EC19806656397BA8315FD26F1
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xtme6TCGlm4D3tayy2MkK-BIQJk.roa
Signing time: Fri 02 Sep 2022 16:00:23 +0000
ROA not before: Fri 02 Sep 2022 16:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 91.239.220.0/23 maxlen: 23
91.237.92.0/24 maxlen: 24
64.43.73.0/24 maxlen: 24
91.246.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:ee:91:0e:c1:98:06:65:63:97:ba:83:15:fd:26:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 2 16:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6d99ee93086966e03ded6b2cb63242be0484099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:4b:96:d9:b7:3c:59:0b:94:ed:97:a3:ee:
7f:db:44:04:2c:6c:d1:6b:38:90:62:c0:3e:34:cd:
d6:81:9a:4b:c4:9b:62:9b:23:f0:ad:59:07:25:66:
7e:bd:da:94:1b:f0:99:a4:a6:f7:7c:36:c6:b2:b7:
83:4d:72:a2:11:18:72:18:74:47:96:cc:59:3a:3e:
b2:71:82:ee:9d:d6:a1:ff:45:e4:6c:3f:f7:1f:82:
cd:52:06:c4:1e:e3:94:93:48:c8:8b:1d:f8:a3:2c:
c3:3c:23:73:6b:a0:01:42:7d:11:e2:64:7a:97:f3:
b1:a2:87:bd:8a:4d:f3:fc:f4:39:7c:27:28:7e:86:
bb:40:50:55:a1:2b:19:6a:f4:4b:30:d9:5c:13:dd:
7d:ec:b5:99:cb:44:ba:e8:24:a8:31:40:ce:7f:42:
2b:e7:cd:d3:ff:e0:4d:2b:8f:60:01:14:44:5d:8d:
5c:4a:e7:98:27:f6:14:0b:d7:4b:70:57:bc:8f:ae:
4a:ea:15:de:8c:7a:45:59:9a:77:b1:15:bc:df:bb:
63:7e:01:1f:94:ba:35:80:6f:c9:ed:bf:71:14:95:
3d:bc:3b:f7:d1:81:bc:55:f5:a0:9d:07:df:1e:91:
0e:cd:7a:69:09:ba:23:2a:29:c0:2a:c8:8b:1e:af:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D9:9E:E9:30:86:96:6E:03:DE:D6:B2:CB:63:24:2B:E0:48:40:99
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xtme6TCGlm4D3tayy2MkK-BIQJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.73.0/24
91.237.92.0/24
91.239.220.0/23
91.246.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:77:b2:fa:33:8a:ec:f2:76:e7:85:91:9f:5c:64:4b:4c:8a:
4d:f7:c1:97:97:56:ac:75:92:c2:34:3b:9a:eb:22:b6:a4:bf:
3e:e0:82:b2:33:06:7b:ec:11:99:92:af:1b:ef:aa:30:9a:49:
ce:d8:d8:07:41:f4:58:30:2a:7d:d7:49:64:2a:27:39:ba:9b:
ff:64:6f:64:62:7c:3f:c2:7e:f1:38:78:29:de:a9:82:2f:bf:
81:a6:e6:b4:b2:02:3a:28:59:9b:00:df:6a:d7:78:29:1a:a1:
12:b8:51:cc:8d:36:12:a2:4c:0d:24:d9:37:b2:f7:2e:ed:9e:
4f:05:fd:ab:d2:be:47:88:78:88:fa:44:e9:d8:0c:95:33:08:
97:e8:09:2a:e1:f6:5d:ee:3b:db:c5:24:1f:10:10:15:14:a6:
f3:ee:38:70:ce:c7:c9:b4:d3:e4:38:d7:7d:08:69:c7:a7:73:
cd:d1:8b:e0:d4:9a:e1:b2:1f:fc:89:e4:0b:87:d8:9d:8e:87:
3b:5a:2d:13:22:1e:d9:5a:73:9b:e4:60:4b:3c:b3:4a:bb:ab:
64:45:a7:df:07:46:09:a9:bf:b0:f1:2d:b5:13:5b:66:59:ea:
7d:1d:a4:6a:fe:b5:7c:9d:4d:18:10:80:11:e9:dc:5b:a5:9b:
bd:13:d4:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYL+7pEOwZgGZWOXuoMV/SbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwOTAyMTYwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ5OWVlOTMwODY5NjZlMDNkZWQ2YjJjYjYzMjQyYmUwNDg0MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkClLltm3PFkLlO2Xo+5/20QELGzR
aziQYsA+NM3WgZpLxJtimyPwrVkHJWZ+vdqUG/CZpKb3fDbGsreDTXKiERhyGHRH
lsxZOj6ycYLundah/0XkbD/3H4LNUgbEHuOUk0jIix34oyzDPCNza6ABQn0R4mR6
l/Oxooe9ik3z/PQ5fCcofoa7QFBVoSsZavRLMNlcE9197LWZy0S66CSoMUDOf0Ir
583T/+BNK49gARREXY1cSueYJ/YUC9dLcFe8j65K6hXejHpFWZp3sRW837tjfgEf
lLo1gG/J7b9xFJU9vDv30YG8VfWgnQffHpEOzXppCbojKinAKsiLHq9sSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMbZnukwhpZuA97WsstjJCvgSECZMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEveHRtZTZUQ0dsbTREM3RheXkyTWtLLUJJUUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQCtJAwQA
W+1cAwQBW+/cAwQAW/bIMA0GCSqGSIb3DQEBCwUAA4IBAQAdd7L6M4rs8nbnhZGf
XGRLTIpN98GXl1asdZLCNDua6yK2pL8+4IKyMwZ77BGZkq8b76owmknO2NgHQfRY
MCp910lkKic5upv/ZG9kYnw/wn7xOHgp3qmCL7+Bpua0sgI6KFmbAN9q13gpGqES
uFHMjTYSokwNJNk3svcu7Z5PBf2r0r5HiHiI+kTp2AyVMwiX6Akq4fZd7jvbxSQf
EBAVFKbz7jhwzsfJtNPkONd9CGnHp3PN0Yvg1Jrhsh/8ieQLh9idjoc7Wi0TIh7Z
WnOb5GBLPLNKu6tkRaffB0YJqb+w8S21E1tmWep9HaRq/rV8nU0YEIAR6dxbpZu9
E9Rp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org