Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/rDX1wbu1sewBzOGuNePLxQV3INE.roa
File: rDX1wbu1sewBzOGuNePLxQV3INE.roa (raw, json)
Hash identifier: 36RyYCzDczwsrld5igaYUu9x/BCiDqhSl/EdbkkgLe4=
Subject key identifier: AC:35:F5:C1:BB:B5:B1:EC:01:CC:E1:AE:35:E3:CB:C5:05:77:20:D1
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 072C0208
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/rDX1wbu1sewBzOGuNePLxQV3INE.roa
Signing time: Mon 27 Jun 2022 11:06:45 +0000
ROA not before: Mon 27 Jun 2022 11:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120324616 (0x72c0208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jun 27 11:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac35f5c1bbb5b1ec01cce1ae35e3cbc5057720d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:51:2a:16:dc:f0:67:e7:7e:77:0c:17:5d:
d2:0f:44:b1:14:c0:85:a1:4d:82:4a:a8:8d:b7:96:
02:8a:a3:ae:8b:ca:28:b8:a0:fa:cd:8d:96:a3:b3:
b5:cf:da:dc:44:09:e4:5c:a0:1c:17:b6:0e:73:e1:
26:3f:30:4f:47:12:95:bf:11:28:22:d1:ed:aa:30:
0d:6e:17:3d:4e:9d:a6:c5:ad:22:fc:60:97:3d:14:
30:37:53:10:08:2f:4b:52:3a:f3:4b:c0:c8:71:25:
cb:11:4b:4c:51:7f:59:8f:86:14:74:a7:83:be:4e:
87:7e:81:93:39:65:41:1c:a0:bf:80:7a:9e:f5:1a:
04:72:81:c3:80:8e:0b:01:26:92:8b:b2:20:0e:a6:
17:d9:2a:cc:43:6a:15:b3:91:90:4e:f0:4a:89:97:
97:b5:ec:7e:84:8e:2b:65:e0:ca:ad:ce:57:bf:c1:
41:b2:60:bd:ed:88:03:38:e4:5c:7c:d2:19:1c:14:
5a:36:f2:14:7f:d6:f3:62:3e:76:c4:9e:dc:75:38:
7b:ec:cb:eb:72:f3:ea:16:83:f7:88:b6:8a:70:7b:
17:43:0d:93:bd:bc:6d:7e:d0:a6:a1:47:bd:d0:d8:
ff:56:c5:d6:65:04:43:3f:aa:86:53:b0:d7:16:c4:
a0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:35:F5:C1:BB:B5:B1:EC:01:CC:E1:AE:35:E3:CB:C5:05:77:20:D1
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/rDX1wbu1sewBzOGuNePLxQV3INE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
91.228.15.0/24
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:92:87:4b:34:ed:22:b8:85:b3:11:2f:82:44:23:a3:90:8d:
ac:03:dd:e4:c9:c3:22:d0:81:c6:4a:ec:13:a6:4f:95:26:3e:
08:ea:49:8a:be:64:21:80:02:24:84:4d:b0:96:6c:be:4f:3f:
01:22:50:cd:8b:2d:c6:e0:90:fb:b2:cc:2c:29:61:aa:23:fa:
c3:08:74:55:a6:64:1e:14:8d:d3:51:ff:58:88:d8:32:54:de:
5b:59:71:cc:de:08:52:19:fd:21:43:4b:7a:68:cf:ec:af:93:
79:d7:be:1a:a2:b5:d2:43:6a:86:23:4f:83:63:bc:78:37:82:
df:86:d3:1d:2b:85:e0:06:24:83:c8:42:94:8c:c5:d5:59:b1:
67:a7:75:70:15:d0:d7:7d:6f:37:66:c5:04:5d:58:74:c7:b0:
2e:e9:bc:e8:43:d3:c0:22:84:44:e5:1c:3e:9a:1e:0d:94:e6:
c1:1c:77:78:94:f6:53:5b:36:85:35:8d:a8:20:6a:cd:9b:28:
57:1c:ea:aa:6c:f3:10:3b:bb:a3:7f:63:dc:fb:78:ff:7f:95:
d4:84:a2:c9:bf:b1:37:68:8b:64:9f:74:e5:e1:2b:74:29:68:
5b:bf:e4:82:bd:26:b9:02:12:0f:32:3d:58:67:10:1d:73:9a:
00:3a:2b:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBywCCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2NmMzg4NGI3ODAwN2EyNWRiZTJlMmNlZjBjYzczYjY5OTIxZjg4MB4XDTIyMDYy
NzExMDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMzNWY1YzFiYmI1
YjFlYzAxY2NlMWFlMzVlM2NiYzUwNTc3MjBkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9lUSoW3PBn5353DBdd0g9EsRTAhaFNgkqojbeWAoqjrovK
KLig+s2NlqOztc/a3EQJ5FygHBe2DnPhJj8wT0cSlb8RKCLR7aowDW4XPU6dpsWt
Ivxglz0UMDdTEAgvS1I680vAyHElyxFLTFF/WY+GFHSng75Oh36BkzllQRygv4B6
nvUaBHKBw4COCwEmkouyIA6mF9kqzENqFbORkE7wSomXl7XsfoSOK2Xgyq3OV7/B
QbJgve2IAzjkXHzSGRwUWjbyFH/W82I+dsSe3HU4e+zL63Lz6haD94i2inB7F0MN
k728bX7QpqFHvdDY/1bF1mUEQz+qhlOw1xbEoLECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSsNfXBu7Wx7AHM4a4148vFBXcg0TAfBgNVHSMEGDAWgBTnzziEt4AHol2+
LizvDMc7aZIfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU4ODRoTGVBQjZKZHZpNHM3d3pITzJtU0g0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8x
L3JEWDF3YnUxc2V3QnpPR3VOZVBMeFFWM0lORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8xLzU4ODRoTGVBQjZK
ZHZpNHM3d3pITzJtU0g0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFvkDQMEAFvkDzAMAwQFXpogAwQA
XpokAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQArkodLNO0iuIWzES+CRCOjkI2s
A93kycMi0IHGSuwTpk+VJj4I6kmKvmQhgAIkhE2wlmy+Tz8BIlDNiy3G4JD7ssws
KWGqI/rDCHRVpmQeFI3TUf9YiNgyVN5bWXHM3ghSGf0hQ0t6aM/sr5N5174aorXS
Q2qGI0+DY7x4N4LfhtMdK4XgBiSDyEKUjMXVWbFnp3VwFdDXfW83ZsUEXVh0x7Au
6bzoQ9PAIoRE5Rw+mh4NlObBHHd4lPZTWzaFNY2oIGrNmyhXHOqqbPMQO7ujf2Pc
+3j/f5XUhKLJv7E3aItkn3Tl4St0KWhbv+SCvSa5AhIPMj1YZxAdc5oAOisQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org