Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/guuvJLhxXn5-cNWuPX2d8LM-4fo.roa
File: guuvJLhxXn5-cNWuPX2d8LM-4fo.roa (raw, json)
Hash identifier: NXPECRvU6+78Itl2cIo6l1P5oMeKuXXU1Ra1YrotgVo=
Subject key identifier: 82:EB:AF:24:B8:71:5E:7E:7E:70:D5:AE:3D:7D:9D:F0:B3:3E:E1:FA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0184235E950AFA8B2162EAA62B56D78D0CE6
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/guuvJLhxXn5-cNWuPX2d8LM-4fo.roa
Signing time: Sat 29 Oct 2022 10:51:51 +0000
ROA not before: Sat 29 Oct 2022 10:51:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:23:5e:95:0a:fa:8b:21:62:ea:a6:2b:56:d7:8d:0c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 29 10:51:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82ebaf24b8715e7e7e70d5ae3d7d9df0b33ee1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:73:6e:1b:af:33:cc:37:4d:53:c2:33:55:
70:da:02:a0:34:5d:39:ee:ee:37:f5:2c:1c:9a:82:
71:02:ea:b3:29:40:25:8c:c9:32:30:fd:42:28:98:
95:67:80:81:1e:03:13:5e:77:5f:7d:49:c4:f7:f9:
b7:38:97:c7:34:86:30:82:ef:7a:52:a4:51:02:86:
ff:c8:db:0c:a4:10:f1:88:15:fd:de:c8:79:ba:86:
50:98:7b:c8:fa:5a:4b:4f:d8:fc:8a:80:dd:0e:0a:
55:83:cd:c8:26:96:a9:9c:8f:c4:74:1b:70:f7:8f:
77:75:90:7e:87:9c:96:ed:3d:15:8f:42:bf:25:ef:
24:8e:47:2d:8f:40:f0:7b:11:2e:e0:29:61:e0:16:
f1:9c:d6:8b:c6:84:f9:3d:e1:26:06:af:99:48:52:
b0:1a:77:14:ed:f1:ea:16:81:b0:3b:eb:51:22:02:
63:82:8c:cf:d4:ef:0d:6f:c5:f7:c7:fd:30:d9:b7:
e1:ac:a4:30:10:2e:19:56:58:eb:01:e5:46:f7:93:
bf:3b:d0:76:43:e8:a3:b4:99:c5:1a:84:0d:9e:1d:
f1:8f:4e:58:74:a2:4d:01:68:20:5a:7e:6a:b6:ce:
c9:db:bc:1a:df:ca:e3:40:7f:9f:a6:25:b1:64:ff:
40:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:EB:AF:24:B8:71:5E:7E:7E:70:D5:AE:3D:7D:9D:F0:B3:3E:E1:FA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/guuvJLhxXn5-cNWuPX2d8LM-4fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.37.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
6b:7f:a9:49:7a:84:6b:e5:3f:d9:94:a4:e4:0f:9f:7e:ef:1b:
42:bf:fc:90:61:2f:0d:d9:75:3d:70:ee:c2:c9:47:15:3b:36:
04:d6:d4:6a:99:a8:11:3c:34:e2:e1:1d:9f:b0:74:02:9f:1f:
ec:60:ba:43:7a:77:8e:cc:be:48:76:ef:2a:f5:83:92:fd:07:
74:86:7f:e0:ed:af:05:f7:53:b7:d6:20:64:9a:bf:f5:1b:93:
88:75:78:38:ef:5c:4d:f3:dd:dd:c0:20:90:10:3b:85:a3:a4:
66:c0:e8:ee:ae:cc:c7:b0:c8:be:d2:72:bc:9d:93:7c:de:99:
de:63:e1:d6:f7:d4:c9:fc:77:b5:b5:80:22:e6:f5:af:6b:bf:
ea:b2:b8:0a:32:f3:80:07:99:03:3c:8a:16:83:a0:3d:da:87:
a3:44:ba:6f:c8:a4:29:4a:ef:eb:ff:23:e1:a3:26:8f:ac:de:
cc:4b:b0:ad:44:56:3d:8b:45:18:f5:e0:c7:0e:16:48:b6:f4:
ab:a8:92:e6:35:64:bb:12:db:96:c6:57:be:6e:e3:41:f0:a0:
f5:0a:f8:25:90:49:92:ec:c7:a8:b3:95:45:62:70:ba:66:c2:
bc:9d:87:9a:0f:6e:ca:ff:04:95:d4:f4:5b:0a:56:ad:20:1a:
5c:cd:77:00
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQjXpUK+oshYuqmK1bXjQzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMDI5MTA1MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmViYWYyNGI4NzE1ZTdlN2U3MGQ1YWUzZDdkOWRmMGIzM2VlMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCVzbhuvM8w3TVPCM1Vw2gKgNF05
7u439SwcmoJxAuqzKUAljMkyMP1CKJiVZ4CBHgMTXndffUnE9/m3OJfHNIYwgu96
UqRRAob/yNsMpBDxiBX93sh5uoZQmHvI+lpLT9j8ioDdDgpVg83IJpapnI/EdBtw
9493dZB+h5yW7T0Vj0K/Je8kjkctj0DwexEu4Clh4BbxnNaLxoT5PeEmBq+ZSFKw
GncU7fHqFoGwO+tRIgJjgozP1O8Nb8X3x/0w2bfhrKQwEC4ZVljrAeVG95O/O9B2
Q+ijtJnFGoQNnh3xj05YdKJNAWggWn5qts7J27wa38rjQH+fpiWxZP9AEQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFILrryS4cV5+fnDVrj19nfCzPuH6MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvZ3V1dkpMaHhYbjUtY05XdVBYMmQ4TE0tNGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+QNMAwD
BABemiUDBABemiYwDQYJKoZIhvcNAQELBQADggEBAGt/qUl6hGvlP9mUpOQPn37v
G0K//JBhLw3ZdT1w7sLJRxU7NgTW1GqZqBE8NOLhHZ+wdAKfH+xgukN6d47Mvkh2
7yr1g5L9B3SGf+DtrwX3U7fWIGSav/Ubk4h1eDjvXE3z3d3AIJAQO4WjpGbA6O6u
zMewyL7Scrydk3zemd5j4db31Mn8d7W1gCLm9a9rv+qyuAoy84AHmQM8ihaDoD3a
h6NEum/IpClK7+v/I+GjJo+s3sxLsK1EVj2LRRj14McOFki29KuokuY1ZLsS25bG
V75u40HwoPUK+CWQSZLsx6izlUVicLpmwrydh5oPbsr/BJXU9FsKVq0gGlzNdwA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-fra.rpki-client.org