Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/b9VZFwRuUX6k3Nb1dMhFueCEeLU.roa
File: b9VZFwRuUX6k3Nb1dMhFueCEeLU.roa (raw, json)
Hash identifier: gUFcL1RaehFwD7cguOdHLCjiyQodK6K0OFQ76iUHRMM=
Subject key identifier: 6F:D5:59:17:04:6E:51:7E:A4:DC:D6:F5:74:C8:45:B9:E0:84:78:B5
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01839F8BD2F50DA84A7DB15B134A2FE56A11
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/b9VZFwRuUX6k3Nb1dMhFueCEeLU.roa
Signing time: Mon 03 Oct 2022 20:31:24 +0000
ROA not before: Mon 03 Oct 2022 20:31:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9f:8b:d2:f5:0d:a8:4a:7d:b1:5b:13:4a:2f:e5:6a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 3 20:31:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fd55917046e517ea4dcd6f574c845b9e08478b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:eb:22:3e:c7:c7:8d:b1:bf:11:f2:c1:57:21:
67:be:e2:db:02:f2:f9:96:a8:2f:93:64:09:db:e7:
bd:27:ff:7b:cf:df:a1:0c:ff:74:0e:37:e6:5c:33:
91:da:f5:1f:7d:a8:7c:48:7f:44:f1:ce:0a:19:3e:
be:ef:b3:2c:f2:bb:b6:fd:47:72:70:61:8f:d7:92:
65:0f:1d:3e:55:1d:ac:8d:cb:bb:0e:6b:8a:bb:cc:
78:06:7d:76:8e:dc:ab:64:fd:00:53:35:86:ad:7b:
04:7a:90:3f:24:38:5a:1b:97:7a:e9:bd:71:cc:54:
36:c6:1c:ef:b5:30:55:32:c5:17:62:68:23:a5:90:
bb:d8:74:31:5a:30:60:07:d4:3c:2a:67:9e:cd:18:
c3:c5:06:85:79:c7:9c:7e:6e:d1:80:5a:75:70:21:
2c:96:81:71:ca:f7:cd:64:c9:f9:15:f0:61:64:83:
5f:a7:ea:f1:39:0b:18:6c:07:ca:2e:e9:81:51:09:
65:53:09:e4:e8:4e:a1:fa:9a:87:f3:2c:1a:8f:e6:
b5:14:ab:1b:f1:51:97:7c:15:2e:a2:fd:d6:22:8b:
03:e9:82:f1:87:08:70:0c:c6:66:4c:5c:60:b9:e9:
0d:2b:53:69:11:bb:97:93:4d:9b:13:32:6c:cf:f4:
79:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D5:59:17:04:6E:51:7E:A4:DC:D6:F5:74:C8:45:B9:E0:84:78:B5
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/b9VZFwRuUX6k3Nb1dMhFueCEeLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
86:07:5a:16:e5:bc:86:8d:2b:06:46:5b:9f:1c:20:68:4d:5c:
85:f7:d2:4e:7f:8c:3c:9d:b5:be:ff:ed:68:88:3f:be:18:a1:
86:1a:47:0f:0c:96:ce:db:96:24:ee:cc:94:ea:0e:56:31:ba:
3a:16:94:eb:e5:38:e1:f0:50:66:92:f0:19:18:ae:ad:88:62:
a0:a8:09:7c:15:ac:2c:d9:fb:f0:b1:2c:46:ca:7d:ba:c3:80:
a3:4f:68:8f:e9:ab:c6:d3:ac:db:01:2a:71:09:25:66:68:ae:
cd:68:19:5c:c3:62:30:e5:38:b7:53:5f:6d:c9:78:ea:b6:96:
99:1c:b2:c6:55:cd:af:e8:8e:4d:cf:f4:42:53:86:f4:26:ca:
1a:13:a0:ab:8a:02:2e:6d:57:73:8e:5d:62:e0:db:35:6f:e5:
8d:36:07:a4:f7:0a:35:6a:8a:a4:95:60:e3:0a:b4:00:0f:9e:
35:b0:c8:f1:88:2b:a2:28:51:ff:1f:b5:ef:8d:01:d4:dd:fa:
b1:d3:25:65:57:fe:47:4e:89:60:6e:2f:20:26:09:7a:82:1d:
81:06:f4:e6:97:0d:12:f2:c8:83:5f:fa:84:bb:7d:1b:76:9f:
82:79:26:15:a9:99:9e:00:ff:db:cc:10:16:2e:1b:c2:91:10:
f7:5e:9b:7f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYOfi9L1DahKfbFbE0ov5WoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMDAzMjAzMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ1NTkxNzA0NmU1MTdlYTRkY2Q2ZjU3NGM4NDViOWUwODQ3OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnusiPsfHjbG/EfLBVyFnvuLbAvL5
lqgvk2QJ2+e9J/97z9+hDP90DjfmXDOR2vUffah8SH9E8c4KGT6+77Ms8ru2/Udy
cGGP15JlDx0+VR2sjcu7DmuKu8x4Bn12jtyrZP0AUzWGrXsEepA/JDhaG5d66b1x
zFQ2xhzvtTBVMsUXYmgjpZC72HQxWjBgB9Q8KmeezRjDxQaFececfm7RgFp1cCEs
loFxyvfNZMn5FfBhZINfp+rxOQsYbAfKLumBUQllUwnk6E6h+pqH8ywaj+a1FKsb
8VGXfBUuov3WIosD6YLxhwhwDMZmTFxguekNK1NpEbuXk02bEzJsz/R5EwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG/VWRcEblF+pNzW9XTIRbnghHi1MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvYjlWWkZ3UnVVWDZrM05iMWRNaEZ1ZUNFZUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QNMAwD
BAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBAIYHWhblvIaNKwZG
W58cIGhNXIX30k5/jDydtb7/7WiIP74YoYYaRw8Mls7bliTuzJTqDlYxujoWlOvl
OOHwUGaS8BkYrq2IYqCoCXwVrCzZ+/CxLEbKfbrDgKNPaI/pq8bTrNsBKnEJJWZo
rs1oGVzDYjDlOLdTX23JeOq2lpkcssZVza/ojk3P9EJThvQmyhoToKuKAi5tV3OO
XWLg2zVv5Y02B6T3CjVqiqSVYOMKtAAPnjWwyPGIK6IoUf8fte+NAdTd+rHTJWVX
/kdOiWBuLyAmCXqCHYEG9OaXDRLyyINf+oS7fRt2n4J5JhWpmZ4A/9vMEBYuG8KR
EPdem38=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org