Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83d49c-1e18-43d3-8e3f-dc7a50e51b39/1/SHALZhDM12kjYLQma-oIJFwB-f8.roa
File: SHALZhDM12kjYLQma-oIJFwB-f8.roa (raw, json)
Hash identifier: gJvKCWmI/QD3PpKwx2P14HDfDhrU3q57GIu1U6ciY+c=
Subject key identifier: 48:70:0B:66:10:CC:D7:69:23:60:B4:26:6B:EA:08:24:5C:01:F9:FF
Certificate issuer: /CN=7971511116a533bd6aaf4217d4dfc3f3e0cb4978
Certificate serial: A9E678
Authority key identifier: 79:71:51:11:16:A5:33:BD:6A:AF:42:17:D4:DF:C3:F3:E0:CB:49:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXFRERalM71qr0IX1N_D8-DLSXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/83d49c-1e18-43d3-8e3f-dc7a50e51b39/1/SHALZhDM12kjYLQma-oIJFwB-f8.roa
Signing time: Sat 01 Jan 2022 01:56:18 +0000
ROA not before: Sat 01 Jan 2022 01:56:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.247.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11134584 (0xa9e678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7971511116a533bd6aaf4217d4dfc3f3e0cb4978
Validity
Not Before: Jan 1 01:56:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48700b6610ccd7692360b4266bea08245c01f9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:bf:33:88:1a:f4:23:a8:ca:85:2e:9a:64:
1d:a1:c7:7e:95:72:f2:d3:d2:6e:80:b3:94:be:c2:
b1:ab:27:ad:6e:53:56:fb:39:a0:de:6f:bb:d2:bd:
9f:51:d5:bb:d2:e9:85:07:f1:e2:87:ab:58:cf:0e:
43:f6:ed:eb:79:23:6b:9a:11:20:fa:13:b9:00:7f:
80:ce:f7:31:c8:93:43:ec:ed:71:d3:74:ad:cd:92:
de:c1:95:3a:37:8b:5a:bb:05:cc:e7:60:3b:2e:39:
bf:91:08:8d:8f:7a:0a:6b:46:01:2d:1b:e8:9b:8d:
dc:00:f1:16:b9:a4:9b:36:25:b8:03:00:74:1a:19:
ff:19:b5:5b:56:da:61:24:2e:31:8f:a9:b7:cf:c9:
e6:54:aa:ca:fd:47:07:4f:4d:36:c7:54:0b:38:bd:
6b:e7:97:32:fb:cc:1d:53:ae:1a:30:13:2f:a0:32:
3a:60:ab:7d:8d:41:af:f8:98:64:0b:10:da:3f:32:
6b:ac:43:79:bb:1e:aa:74:c8:99:6d:45:5b:3e:a1:
0f:89:d7:9b:9a:27:5b:27:88:f6:02:1a:11:00:78:
e4:ce:8d:d9:86:45:59:93:b0:3d:d6:d4:6c:77:e4:
85:5b:39:f1:a2:0b:19:4f:bd:8b:dc:43:98:59:2e:
d5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:70:0B:66:10:CC:D7:69:23:60:B4:26:6B:EA:08:24:5C:01:F9:FF
X509v3 Authority Key Identifier:
keyid:79:71:51:11:16:A5:33:BD:6A:AF:42:17:D4:DF:C3:F3:E0:CB:49:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXFRERalM71qr0IX1N_D8-DLSXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83d49c-1e18-43d3-8e3f-dc7a50e51b39/1/SHALZhDM12kjYLQma-oIJFwB-f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83d49c-1e18-43d3-8e3f-dc7a50e51b39/1/eXFRERalM71qr0IX1N_D8-DLSXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.191.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c3:ad:fc:d3:ff:6f:70:b1:19:c5:62:9c:01:26:94:b0:7c:
38:fe:48:cd:a8:e1:38:78:8e:dd:29:49:80:ca:c9:8f:12:98:
7a:3a:06:2d:86:fd:ba:d7:cf:5c:16:44:93:bc:d8:e9:71:23:
ce:c3:29:6c:e4:0a:2a:80:eb:aa:3b:90:40:04:0a:a4:30:69:
b2:8c:c0:f1:0d:25:24:e7:0e:f8:66:51:2f:36:18:02:61:7d:
2d:fa:f3:be:36:b7:20:86:2c:d3:3d:c0:6e:4b:d3:96:86:0a:
a0:95:84:8f:48:27:65:29:90:bb:74:d2:dd:87:a0:0b:d2:f7:
0d:df:95:a7:d8:9f:97:f3:45:de:62:f8:c4:47:39:1d:ac:5b:
0e:b7:17:8e:47:99:c2:88:aa:31:57:1e:93:e6:08:c6:24:e3:
01:69:85:1c:3f:16:f7:84:ea:c5:be:8e:8b:9b:7a:5c:53:10:
f1:47:3e:33:be:0d:e6:56:6c:88:8d:b0:16:fc:3e:3c:78:b8:
28:b0:0a:00:7a:f7:22:01:c6:91:a6:1f:3e:70:76:18:99:18:
d8:82:09:bd:41:e7:a0:4c:1c:24:9e:da:fb:e9:a7:61:d9:38:
65:f8:b3:f1:54:49:a0:7b:5b:48:39:3c:c4:eb:db:04:2a:07:
71:a1:76:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKnmeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTcxNTExMTE2YTUzM2JkNmFhZjQyMTdkNGRmYzNmM2UwY2I0OTc4MB4XDTIyMDEw
MTAxNTYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg3MDBiNjYxMGNj
ZDc2OTIzNjBiNDI2NmJlYTA4MjQ1YzAxZjlmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVyvzOIGvQjqMqFLppkHaHHfpVy8tPSboCzlL7CsasnrW5T
Vvs5oN5vu9K9n1HVu9LphQfx4oerWM8OQ/bt63kja5oRIPoTuQB/gM73MciTQ+zt
cdN0rc2S3sGVOjeLWrsFzOdgOy45v5EIjY96CmtGAS0b6JuN3ADxFrmkmzYluAMA
dBoZ/xm1W1baYSQuMY+pt8/J5lSqyv1HB09NNsdUCzi9a+eXMvvMHVOuGjATL6Ay
OmCrfY1Br/iYZAsQ2j8ya6xDebseqnTImW1FWz6hD4nXm5onWyeI9gIaEQB45M6N
2YZFWZOwPdbUbHfkhVs58aILGU+9i9xDmFku1RcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIcAtmEMzXaSNgtCZr6ggkXAH5/zAfBgNVHSMEGDAWgBR5cVERFqUzvWqv
QhfU38Pz4MtJeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VYRlJFUmFsTTcxcXIwSVgxTl9EOC1ETFNYZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvODNkNDljLTFlMTgtNDNkMy04ZTNmLWRjN2E1MGU1MWIzOS8x
L1NIQUxaaERNMTJrallMUW1hLW9JSkZ3Qi1mOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ODNkNDljLTFlMTgtNDNkMy04ZTNmLWRjN2E1MGU1MWIzOS8xL2VYRlJFUmFsTTcx
cXIwSVgxTl9EOC1ETFNYZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv3vzANBgkqhkiG9w0BAQsFAAOC
AQEAMsOt/NP/b3CxGcVinAEmlLB8OP5IzajhOHiO3SlJgMrJjxKYejoGLYb9utfP
XBZEk7zY6XEjzsMpbOQKKoDrqjuQQAQKpDBpsozA8Q0lJOcO+GZRLzYYAmF9Lfrz
vja3IIYs0z3AbkvTloYKoJWEj0gnZSmQu3TS3YegC9L3Dd+Vp9ifl/NF3mL4xEc5
HaxbDrcXjkeZwoiqMVcek+YIxiTjAWmFHD8W94Tqxb6Oi5t6XFMQ8Uc+M74N5lZs
iI2wFvw+PHi4KLAKAHr3IgHGkaYfPnB2GJkY2IIJvUHnoEwcJJ7a++mnYdk4Zfiz
8VRJoHtbSDk8xOvbBCoHcaF2Mg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:50 2023 by rpki-client on console-fra.rpki-client.org