Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/aryztBEFFt-vn4MPnCU5rX1gH-s.roa
File: aryztBEFFt-vn4MPnCU5rX1gH-s.roa (raw, json)
Hash identifier: 2Dk6SZZPDPmSk+C/+w05m2KBC/9b35RpMgO2Twlgx8g=
Subject key identifier: 6A:BC:B3:B4:11:05:16:DF:AF:9F:83:0F:9C:25:39:AD:7D:60:1F:EB
Certificate issuer: /CN=b1427bdcd47c78431f662a08589005acb50b9341
Certificate serial: 018463B0839A4E3C99A56F2F338E3A5CFA5E
Authority key identifier: B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/aryztBEFFt-vn4MPnCU5rX1gH-s.roa
Signing time: Thu 10 Nov 2022 22:37:03 +0000
ROA not before: Thu 10 Nov 2022 22:37:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8749
IP address blocks: 91.235.148.0/24 maxlen: 24
91.236.12.0/24 maxlen: 24
91.234.54.0/24 maxlen: 24
91.235.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:63:b0:83:9a:4e:3c:99:a5:6f:2f:33:8e:3a:5c:fa:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1427bdcd47c78431f662a08589005acb50b9341
Validity
Not Before: Nov 10 22:37:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6abcb3b4110516dfaf9f830f9c2539ad7d601feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:35:c4:9b:c2:bd:98:b0:67:0d:88:46:52:
ea:ca:ec:4d:76:c4:df:03:79:2c:2c:ec:94:c5:35:
02:67:ed:29:5b:67:04:46:ff:9c:61:97:b2:70:ed:
03:0e:2a:b0:ab:fe:de:7d:ae:02:6f:87:eb:a2:f8:
52:47:3f:06:34:49:d2:92:b8:99:59:de:1f:69:f5:
e4:2b:a7:9a:15:18:1f:9a:f0:35:dc:0b:96:06:fa:
1a:ec:dc:91:40:3c:74:e6:2f:44:47:37:c8:20:97:
7c:db:73:d1:2a:d4:2d:13:03:aa:23:cc:29:dc:72:
0c:67:4c:f8:99:a8:90:05:20:4f:df:46:46:8b:8b:
7a:f5:5d:a8:52:bf:17:2e:9a:b9:80:b4:92:07:fb:
d9:21:44:43:9f:47:bf:83:cb:36:9d:02:bb:c9:61:
41:38:7f:2e:c9:e8:e6:67:37:d4:e7:97:86:d6:32:
3b:fe:2b:d2:52:40:cc:8d:9f:a0:0c:11:05:8f:80:
2f:b8:fa:b0:5d:f9:ae:22:5f:11:80:d3:0a:50:b4:
8b:22:1d:95:f5:4a:fb:fc:97:0a:97:68:de:a3:f9:
bf:a9:c4:b7:e9:27:57:5f:f2:3e:d1:b5:72:42:9f:
09:ca:74:43:73:b5:05:71:2a:c8:d2:e8:6e:74:73:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BC:B3:B4:11:05:16:DF:AF:9F:83:0F:9C:25:39:AD:7D:60:1F:EB
X509v3 Authority Key Identifier:
keyid:B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/aryztBEFFt-vn4MPnCU5rX1gH-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.54.0/24
91.235.148.0/24
91.235.241.0/24
91.236.12.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ba:aa:c7:19:ee:7f:5f:62:d6:25:fb:35:92:f4:10:bb:3c:
b0:2b:18:55:65:49:3f:ba:68:ae:96:45:0e:54:2a:78:49:cd:
11:88:8a:86:3c:c0:ac:7b:94:9e:25:bc:cc:e7:6b:59:be:2a:
fd:90:33:ff:75:1b:82:9d:05:64:62:44:17:ce:93:13:72:0f:
04:51:b0:be:9f:fd:68:bd:c8:cd:ab:83:4b:ce:1e:e8:54:59:
47:2e:62:92:bd:a3:e6:cb:80:12:58:41:e0:aa:bb:bb:10:0a:
0b:cf:a5:d9:2d:0e:d1:2a:95:c0:58:67:14:a4:e3:9b:84:d4:
c8:e4:57:78:60:81:0f:3f:89:d0:07:db:cb:ac:04:eb:ec:8a:
b8:60:c9:45:e1:ee:6a:4c:9a:21:55:d5:d2:c1:2d:b1:9f:f9:
e9:c0:eb:f9:43:10:98:47:14:bd:a1:28:0d:af:cc:64:29:ba:
28:58:35:68:0c:e0:b7:d3:9a:5e:28:a3:08:16:55:6e:39:f7:
8c:1d:6c:3a:16:b9:ee:91:d6:74:95:cf:44:1e:56:31:e2:a8:
5a:2c:26:d3:62:8a:68:30:22:53:f9:5b:93:58:61:bb:f1:be:
93:44:ed:cd:c5:50:53:b0:f3:e3:30:08:63:4b:29:30:d6:ae:
98:68:67:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRjsIOaTjyZpW8vM446XPpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDI3YmRjZDQ3Yzc4NDMxZjY2MmEwODU4OTAwNWFjYjUw
YjkzNDEwHhcNMjIxMTEwMjIzNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJjYjNiNDExMDUxNmRmYWY5ZjgzMGY5YzI1MzlhZDdkNjAxZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQM1xJvCvZiwZw2IRlLqyuxNdsTf
A3ksLOyUxTUCZ+0pW2cERv+cYZeycO0DDiqwq/7efa4Cb4frovhSRz8GNEnSkriZ
Wd4fafXkK6eaFRgfmvA13AuWBvoa7NyRQDx05i9ERzfIIJd823PRKtQtEwOqI8wp
3HIMZ0z4maiQBSBP30ZGi4t69V2oUr8XLpq5gLSSB/vZIURDn0e/g8s2nQK7yWFB
OH8uyejmZzfU55eG1jI7/ivSUkDMjZ+gDBEFj4AvuPqwXfmuIl8RgNMKULSLIh2V
9Ur7/JcKl2jeo/m/qcS36SdXX/I+0bVyQp8JynRDc7UFcSrI0uhudHNmNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGq8s7QRBRbfr5+DD5wlOa19YB/rMB8GA1UdIwQY
MBaAFLFCe9zUfHhDH2YqCFiQBay1C5NBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2Yzkt
NWZjOGU2MzI3ODg5LzEvYXJ5enRCRUZGdC12bjRNUG5DVTVyWDFnSC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2YzktNWZjOGU2MzI3ODg5
LzEvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+o2AwQA
W+uUAwQAW+vxAwQAW+wMMA0GCSqGSIb3DQEBCwUAA4IBAQA2uqrHGe5/X2LWJfs1
kvQQuzywKxhVZUk/umiulkUOVCp4Sc0RiIqGPMCse5SeJbzM52tZvir9kDP/dRuC
nQVkYkQXzpMTcg8EUbC+n/1ovcjNq4NLzh7oVFlHLmKSvaPmy4ASWEHgqru7EAoL
z6XZLQ7RKpXAWGcUpOObhNTI5Fd4YIEPP4nQB9vLrATr7Iq4YMlF4e5qTJohVdXS
wS2xn/npwOv5QxCYRxS9oSgNr8xkKbooWDVoDOC305peKKMIFlVuOfeMHWw6Frnu
kdZ0lc9EHlYx4qhaLCbTYopoMCJT+VuTWGG78b6TRO3NxVBTsPPjMAhjSykw1q6Y
aGeH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:59 2024 by rpki-client on console-fra.rpki-client.org