Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/9pmhPZj6kb2VSianCQcCbPp6cGQ.roa
File: 9pmhPZj6kb2VSianCQcCbPp6cGQ.roa (raw, json)
Hash identifier: Peot1Jpg3DOujLvQkbs1d33sSZIg6N7bFSBYabOumQ8=
Subject key identifier: F6:99:A1:3D:98:FA:91:BD:95:4A:26:A7:09:07:02:6C:FA:7A:70:64
Certificate issuer: /CN=b1427bdcd47c78431f662a08589005acb50b9341
Certificate serial: 0182624068006385A3C425F2E960A5E0AECD
Authority key identifier: B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/9pmhPZj6kb2VSianCQcCbPp6cGQ.roa
Signing time: Wed 03 Aug 2022 05:49:24 +0000
ROA not before: Wed 03 Aug 2022 05:49:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51501
IP address blocks: 91.235.148.0/24 maxlen: 24
91.236.12.0/24 maxlen: 24
91.234.54.0/24 maxlen: 24
91.235.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:40:68:00:63:85:a3:c4:25:f2:e9:60:a5:e0:ae:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1427bdcd47c78431f662a08589005acb50b9341
Validity
Not Before: Aug 3 05:49:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f699a13d98fa91bd954a26a70907026cfa7a7064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:1a:da:95:b5:bf:6b:de:f6:6f:44:42:4a:
4a:ee:51:29:d0:be:92:0e:3c:6c:e8:b5:25:26:c6:
ad:35:ea:a7:10:53:1b:ae:51:5e:d3:38:2d:0a:12:
ff:8e:c1:38:d9:12:dd:bb:dc:fd:a0:f0:b5:df:24:
93:26:7d:82:ae:53:78:90:d5:3a:3b:81:8b:a1:22:
ea:32:5e:3f:5c:1f:88:4f:5e:2f:26:75:f4:1c:ee:
f7:e9:eb:a6:50:99:f2:c7:78:c4:fd:7d:b5:16:40:
b1:50:f1:ad:9c:76:ac:56:98:eb:b4:63:ab:25:e6:
17:8e:c4:d1:32:19:e6:3c:75:bc:78:9d:2e:27:1a:
9a:d8:62:fe:32:02:a6:cd:33:4c:16:d1:d7:21:81:
9c:ce:84:d3:4b:62:64:1e:26:37:72:6e:c4:90:52:
1c:d6:c3:7c:4d:d5:e7:2b:a0:a3:03:98:8d:77:34:
9d:16:8c:54:79:f1:b8:83:f1:e4:c7:80:18:77:d1:
99:02:54:9f:86:92:79:d4:e8:1a:2e:ab:05:9b:5e:
41:3d:ad:c2:62:76:01:78:47:3f:e1:34:01:ee:11:
de:c6:1e:de:a9:41:cd:6f:8b:9e:29:31:96:02:a6:
b9:f2:10:5b:c1:f6:bc:82:94:7d:14:9b:cb:0b:4b:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:99:A1:3D:98:FA:91:BD:95:4A:26:A7:09:07:02:6C:FA:7A:70:64
X509v3 Authority Key Identifier:
keyid:B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/9pmhPZj6kb2VSianCQcCbPp6cGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.54.0/24
91.235.148.0/24
91.235.241.0/24
91.236.12.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:fe:76:e3:2a:c6:79:ce:e8:5e:40:fb:14:f2:75:2c:5e:2a:
60:9c:28:d8:07:d9:ae:82:bd:09:f6:cf:ab:7e:57:af:19:46:
9f:e5:ca:bc:c0:d2:86:60:b5:c9:39:c1:b5:f9:8c:2b:e0:97:
ad:4f:43:35:38:54:1f:22:1a:6c:e3:6e:97:f6:50:f2:4e:15:
f0:2b:e7:0d:5b:85:75:19:47:0f:d4:f3:63:9b:2a:3f:2c:91:
4e:21:47:98:44:2c:8f:bf:7e:a2:19:67:04:3b:84:34:eb:da:
b1:88:a1:0e:89:0a:21:c7:1e:e7:57:7d:4f:7c:26:00:52:40:
85:5b:43:78:49:0b:3e:15:44:41:ab:1b:ba:10:e4:5e:0f:91:
10:71:b3:2a:09:13:b3:bc:6c:87:f1:00:8f:96:7f:4d:86:d2:
e0:8a:e5:b2:5c:95:90:63:0b:0c:bc:1d:e1:4d:7d:a5:43:75:
72:26:da:6d:6a:53:28:8d:b2:9b:8e:f6:14:87:04:e0:3a:32:
38:76:5d:aa:fb:13:cc:01:01:db:67:84:f3:30:42:bf:0e:13:
94:b9:01:aa:1a:0b:7b:66:4a:f0:d6:be:76:51:04:c3:3d:97:
e8:70:11:7f:09:ca:33:3d:69:26:6e:95:41:b1:1b:7c:a8:81:
4f:fc:56:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYJiQGgAY4WjxCXy6WCl4K7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDI3YmRjZDQ3Yzc4NDMxZjY2MmEwODU4OTAwNWFjYjUw
YjkzNDEwHhcNMjIwODAzMDU0OTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjk5YTEzZDk4ZmE5MWJkOTU0YTI2YTcwOTA3MDI2Y2ZhN2E3MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJIa2pW1v2ve9m9EQkpK7lEp0L6S
Djxs6LUlJsatNeqnEFMbrlFe0zgtChL/jsE42RLdu9z9oPC13ySTJn2CrlN4kNU6
O4GLoSLqMl4/XB+IT14vJnX0HO736eumUJnyx3jE/X21FkCxUPGtnHasVpjrtGOr
JeYXjsTRMhnmPHW8eJ0uJxqa2GL+MgKmzTNMFtHXIYGczoTTS2JkHiY3cm7EkFIc
1sN8TdXnK6CjA5iNdzSdFoxUefG4g/Hkx4AYd9GZAlSfhpJ51OgaLqsFm15BPa3C
YnYBeEc/4TQB7hHexh7eqUHNb4ueKTGWAqa58hBbwfa8gpR9FJvLC0sFsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPaZoT2Y+pG9lUompwkHAmz6enBkMB8GA1UdIwQY
MBaAFLFCe9zUfHhDH2YqCFiQBay1C5NBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2Yzkt
NWZjOGU2MzI3ODg5LzEvOXBtaFBaajZrYjJWU2lhbkNRY0NiUHA2Y0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2YzktNWZjOGU2MzI3ODg5
LzEvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+o2AwQA
W+uUAwQAW+vxAwQAW+wMMA0GCSqGSIb3DQEBCwUAA4IBAQDY/nbjKsZ5zuheQPsU
8nUsXipgnCjYB9mugr0J9s+rflevGUaf5cq8wNKGYLXJOcG1+Ywr4JetT0M1OFQf
Ihps426X9lDyThXwK+cNW4V1GUcP1PNjmyo/LJFOIUeYRCyPv36iGWcEO4Q069qx
iKEOiQohxx7nV31PfCYAUkCFW0N4SQs+FURBqxu6EOReD5EQcbMqCROzvGyH8QCP
ln9NhtLgiuWyXJWQYwsMvB3hTX2lQ3VyJtptalMojbKbjvYUhwTgOjI4dl2q+xPM
AQHbZ4TzMEK/DhOUuQGqGgt7Zkrw1r52UQTDPZfocBF/CcozPWkmbpVBsRt8qIFP
/Fb3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:59 2024 by rpki-client on console-fra.rpki-client.org