Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/TwRqzrL6K-X3Iac0fBTAb45k8_Q.roa
File: TwRqzrL6K-X3Iac0fBTAb45k8_Q.roa (raw, json)
Hash identifier: HpEVlj9tao2D6qW+ir+PuC8qbA0J8cQFPWkB3U/b6ok=
Subject key identifier: 4F:04:6A:CE:B2:FA:2B:E5:F7:21:A7:34:7C:14:C0:6F:8E:64:F3:F4
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018476267A6CCC1EF373F05D513912BE568A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/TwRqzrL6K-X3Iac0fBTAb45k8_Q.roa
Signing time: Mon 14 Nov 2022 12:39:03 +0000
ROA not before: Mon 14 Nov 2022 12:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:26:7a:6c:cc:1e:f3:73:f0:5d:51:39:12:be:56:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 14 12:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f046aceb2fa2be5f721a7347c14c06f8e64f3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:84:63:96:15:02:ef:e9:25:7a:1c:88:3f:6e:
ad:69:f0:09:54:9d:d9:c4:1a:30:09:94:e5:7d:34:
54:31:99:ee:b6:b8:d8:f2:40:a6:ed:86:37:cc:06:
19:ea:59:39:fc:d9:35:2e:ab:ad:3a:5f:09:fd:cd:
21:6e:b6:ed:3b:a4:8c:9f:c6:37:3c:49:c3:48:5e:
ac:0f:0a:61:c9:f3:c9:d4:0c:b2:07:85:5a:6f:25:
3a:7e:6d:cd:31:8b:32:34:50:05:49:4b:cf:eb:35:
42:60:1f:35:05:f0:4b:1f:fd:5d:f3:59:9d:d3:96:
83:c0:90:b1:a8:d3:6e:46:07:c2:10:3b:b4:e8:4e:
99:f1:b9:87:d4:92:5a:21:82:34:fa:a3:09:5b:11:
da:1f:4c:18:80:e5:f3:41:41:ef:1c:2d:67:d3:23:
6b:87:08:fd:45:f7:5a:27:54:87:ad:3c:c5:55:e1:
8b:e4:53:3d:68:48:c2:38:73:2b:c5:80:7a:73:4a:
f5:af:8a:74:7f:26:54:e8:78:13:bb:67:90:be:23:
08:29:05:3c:9a:02:75:22:d1:20:d7:42:c4:ae:d6:
45:30:4a:56:66:27:94:4d:50:26:3a:2b:de:0c:56:
be:41:13:b7:29:a6:6d:45:cc:db:cb:c3:c7:49:56:
5b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:04:6A:CE:B2:FA:2B:E5:F7:21:A7:34:7C:14:C0:6F:8E:64:F3:F4
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/TwRqzrL6K-X3Iac0fBTAb45k8_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:6f:1c:4a:ac:8f:b3:b8:29:c9:75:3f:ae:72:d0:5d:77:81:
23:96:15:4e:e6:6b:d3:08:07:22:db:71:95:f0:bd:69:2b:d8:
cb:6d:2d:9b:78:21:63:cc:e1:fc:69:10:63:89:19:d3:17:66:
78:3c:8f:6c:91:d2:5f:a1:fe:73:d9:c7:43:f7:8e:7a:a2:75:
48:d5:1e:c1:18:43:6e:8b:77:26:61:3b:6d:85:9f:7d:04:e2:
db:78:29:cd:a2:0b:cb:68:12:31:e5:7a:a5:81:6a:35:7c:4f:
84:3d:6a:22:1d:1d:31:f0:d7:b4:13:66:0f:58:a8:2a:4e:a3:
69:df:e2:dc:a8:d0:7e:41:6c:17:8b:61:e7:2f:9e:fe:da:7b:
98:3f:09:d2:93:bf:10:aa:b7:82:11:a9:67:3e:54:83:33:ef:
14:35:ef:0e:ec:c3:47:e8:43:b0:56:09:64:ce:7f:da:ac:08:
a5:72:44:9d:c4:6b:88:a3:18:7c:80:62:b7:80:4d:99:b2:a7:
a9:f2:83:86:11:d4:a7:91:30:e8:00:2b:72:ad:9e:2e:c3:16:
e7:c3:56:a1:8c:99:73:ea:51:cd:90:cb:a4:da:2a:c1:8e:b6:
87:10:22:e2:11:5f:2d:34:79:5b:b7:7e:e5:01:1e:05:1c:e1:
02:96:e5:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR2JnpszB7zc/BdUTkSvlaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMTE0MTIzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA0NmFjZWIyZmEyYmU1ZjcyMWE3MzQ3YzE0YzA2ZjhlNjRmM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYRjlhUC7+klehyIP26tafAJVJ3Z
xBowCZTlfTRUMZnutrjY8kCm7YY3zAYZ6lk5/Nk1LqutOl8J/c0hbrbtO6SMn8Y3
PEnDSF6sDwphyfPJ1AyyB4VabyU6fm3NMYsyNFAFSUvP6zVCYB81BfBLH/1d81md
05aDwJCxqNNuRgfCEDu06E6Z8bmH1JJaIYI0+qMJWxHaH0wYgOXzQUHvHC1n0yNr
hwj9RfdaJ1SHrTzFVeGL5FM9aEjCOHMrxYB6c0r1r4p0fyZU6HgTu2eQviMIKQU8
mgJ1ItEg10LErtZFMEpWZieUTVAmOiveDFa+QRO3KaZtRczby8PHSVZbvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8Eas6y+ivl9yGnNHwUwG+OZPP0MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVHdScXpyTDZLLVgzSWFjMGZCVEFiNDVrOF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QMAwQB
W+QOAwQAXpokMA0GCSqGSIb3DQEBCwUAA4IBAQCibxxKrI+zuCnJdT+uctBdd4Ej
lhVO5mvTCAci23GV8L1pK9jLbS2beCFjzOH8aRBjiRnTF2Z4PI9skdJfof5z2cdD
9456onVI1R7BGENui3cmYTtthZ99BOLbeCnNogvLaBIx5XqlgWo1fE+EPWoiHR0x
8Ne0E2YPWKgqTqNp3+LcqNB+QWwXi2HnL57+2nuYPwnSk78QqreCEalnPlSDM+8U
Ne8O7MNH6EOwVglkzn/arAilckSdxGuIoxh8gGK3gE2Zsqep8oOGEdSnkTDoACty
rZ4uwxbnw1ahjJlz6lHNkMuk2irBjraHECLiEV8tNHlbt37lAR4FHOECluUc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org