Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/jG7oYH8uuA-2Kanet5r_jcXLHnM.roa
File: jG7oYH8uuA-2Kanet5r_jcXLHnM.roa (raw, json)
Hash identifier: ap+YnAEmENz4uDv1UZI6uoZxsOQnydA0o1UE6kE63RI=
Subject key identifier: 8C:6E:E8:60:7F:2E:B8:0F:B6:29:A9:DE:B7:9A:FF:8D:C5:CB:1E:73
Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial: 0346D1C2
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/jG7oYH8uuA-2Kanet5r_jcXLHnM.roa
Signing time: Wed 02 Mar 2022 09:29:42 +0000
ROA not before: Wed 02 Mar 2022 09:29:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39566
IP address blocks: 193.93.88.0/22 maxlen: 22
91.211.220.0/22 maxlen: 22
2001:678:63c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54972866 (0x346d1c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Validity
Not Before: Mar 2 09:29:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c6ee8607f2eb80fb629a9deb79aff8dc5cb1e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:dd:42:fa:d2:c5:10:3a:b9:a6:9b:b3:2b:
e6:2f:ed:55:6c:89:65:a6:f3:86:1c:e6:52:1f:74:
3a:99:f6:06:a2:dd:1f:56:ce:4d:c9:36:76:02:fc:
f0:44:8e:eb:73:56:94:54:e4:ea:2b:85:b4:00:d2:
ad:b6:61:19:c4:36:b1:d1:94:95:ae:af:28:6d:03:
eb:38:60:d6:ed:f5:95:59:3b:0c:e3:95:b2:8b:cd:
56:80:50:79:79:5c:63:fe:5b:3c:05:13:3c:6e:5b:
63:ed:10:62:57:df:5e:51:c9:0e:52:8b:d7:00:b9:
8b:e2:37:49:13:94:c2:5c:30:39:e7:48:0b:49:b6:
a4:5e:1d:3c:2a:cb:c0:96:0c:0f:c9:a2:64:6c:78:
32:44:b4:68:90:5b:70:b8:6e:fb:b0:63:a1:b0:af:
4a:d0:5e:89:ce:ed:c1:f9:44:ef:6e:31:cd:cb:2d:
f7:18:13:41:7a:79:8d:1f:0a:ec:90:48:8c:55:53:
db:c0:3a:68:e4:5d:00:e1:89:a2:36:51:2d:12:55:
65:cd:46:30:b0:1a:3d:05:70:2b:94:c4:7d:64:9e:
7f:e0:a1:78:50:15:5e:6e:62:11:fa:30:91:70:a7:
13:37:9a:9b:a3:a7:bf:45:b0:e1:e3:73:ac:2a:d4:
42:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6E:E8:60:7F:2E:B8:0F:B6:29:A9:DE:B7:9A:FF:8D:C5:CB:1E:73
X509v3 Authority Key Identifier:
keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/jG7oYH8uuA-2Kanet5r_jcXLHnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.220.0/22
193.93.88.0/22
IPv6:
2001:678:63c::/48
Signature Algorithm: sha256WithRSAEncryption
9a:c4:90:23:ee:db:e4:e4:5b:ff:aa:c8:7c:2e:45:93:c3:f0:
5c:a9:c1:89:b9:f4:94:4e:04:a5:f1:c5:24:5a:18:d0:20:34:
fb:fa:bd:d7:8f:95:05:08:06:b9:77:97:13:92:85:4b:bf:04:
b1:4b:34:d2:d9:26:8a:1c:e7:56:7f:1a:9b:bc:bc:5d:e0:87:
4b:26:b0:f1:5e:09:43:88:7b:25:38:a0:12:a8:d2:ae:c9:60:
3c:0b:7d:aa:da:49:7f:4e:2f:09:ca:1f:6e:b9:7a:a0:5a:dd:
06:fc:e2:d1:cd:03:07:c8:90:0f:03:65:89:76:c6:b2:5d:49:
30:bd:bb:9b:69:5b:25:16:63:02:9d:74:cb:9e:68:26:85:09:
f2:91:4f:98:7f:f9:a6:8b:be:d1:bd:3d:aa:cf:17:83:d4:b3:
36:ad:7f:56:43:00:97:6f:26:3e:42:4e:e5:6c:ab:ab:cf:ab:
bc:5e:54:f2:e6:10:0b:f3:6c:42:a0:1f:84:61:28:e2:83:c6:
61:8a:f1:98:f5:ce:67:82:5a:c0:39:8c:49:04:41:34:16:75:
5c:bf:2b:3a:94:5f:39:37:66:14:c8:c4:3b:ff:f7:83:48:55:
d6:2f:3a:59:1a:91:f0:7d:62:27:ea:54:c2:57:5a:32:7a:ec:
0b:6b:5d:42
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEA0bRwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWYxOWYwNWNjZjIyMjEzOTg0NjljMGJlOGRkYzA0Y2UxNGUxMzVhMB4XDTIyMDMw
MjA5Mjk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM2ZWU4NjA3ZjJl
YjgwZmI2MjlhOWRlYjc5YWZmOGRjNWNiMWU3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd63UL60sUQOrmmm7Mr5i/tVWyJZabzhhzmUh90Opn2BqLd
H1bOTck2dgL88ESO63NWlFTk6iuFtADSrbZhGcQ2sdGUla6vKG0D6zhg1u31lVk7
DOOVsovNVoBQeXlcY/5bPAUTPG5bY+0QYlffXlHJDlKL1wC5i+I3SROUwlwwOedI
C0m2pF4dPCrLwJYMD8miZGx4MkS0aJBbcLhu+7BjobCvStBeic7twflE724xzcst
9xgTQXp5jR8K7JBIjFVT28A6aORdAOGJojZRLRJVZc1GMLAaPQVwK5TEfWSef+Ch
eFAVXm5iEfowkXCnEzeam6Onv0Ww4eNzrCrUQmUCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSMbuhgfy64D7Ypqd63mv+NxcseczAfBgNVHSMEGDAWgBTZ8Z8FzPIiE5hG
nAvo3cBM4U4TWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJmR2ZCY3p5SWhPWVJwd0w2TjNBVE9GT0Uxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvNmUzMjQ2LWZiYTYtNGUxZC04MDg5LTRmZjMzMzM4MzYxZS8x
L2pHN29ZSDh1dUEtMkthbmV0NXJfamNYTEhuTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
NmUzMjQ2LWZiYTYtNGUxZC04MDg5LTRmZjMzMzM4MzYxZS8xLzJmR2ZCY3p5SWhP
WVJwd0w2TjNBVE9GT0Uxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAlvT3AMEAsFdWDAPBAIAAjAJAwcA
IAEGeAY8MA0GCSqGSIb3DQEBCwUAA4IBAQCaxJAj7tvk5Fv/qsh8LkWTw/BcqcGJ
ufSUTgSl8cUkWhjQIDT7+r3Xj5UFCAa5d5cTkoVLvwSxSzTS2SaKHOdWfxqbvLxd
4IdLJrDxXglDiHslOKASqNKuyWA8C32q2kl/Ti8Jyh9uuXqgWt0G/OLRzQMHyJAP
A2WJdsayXUkwvbubaVslFmMCnXTLnmgmhQnykU+Yf/mmi77RvT2qzxeD1LM2rX9W
QwCXbyY+Qk7lbKurz6u8XlTy5hAL82xCoB+EYSjig8ZhivGY9c5nglrAOYxJBEE0
FnVcvys6lF85N2YUyMQ7//eDSFXWLzpZGpHwfWIn6lTCV1oyeuwLa11C
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:25 2023 by rpki-client on console-fra.rpki-client.org