Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/vwsR2w7XtbGBZ6eT9VRMSowXS7c.roa
File: vwsR2w7XtbGBZ6eT9VRMSowXS7c.roa (raw, json)
Hash identifier: 6QWBwst5vd6whzstuQWFKM7MgjoNlTKRPJGz7UQn3bM=
Subject key identifier: BF:0B:11:DB:0E:D7:B5:B1:81:67:A7:93:F5:54:4C:4A:8C:17:4B:B7
Certificate issuer: /CN=8df893edf33208d7a2cf62268613769fb4967c66
Certificate serial: 0183C24FDAEE0DC3881DAF5D2354878F7839
Authority key identifier: 8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/vwsR2w7XtbGBZ6eT9VRMSowXS7c.roa
Signing time: Mon 10 Oct 2022 14:32:36 +0000
ROA not before: Mon 10 Oct 2022 14:32:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20910
IP address blocks: 91.228.4.0/22 maxlen: 22
195.28.26.0/23 maxlen: 23
91.194.76.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:4f:da:ee:0d:c3:88:1d:af:5d:23:54:87:8f:78:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df893edf33208d7a2cf62268613769fb4967c66
Validity
Not Before: Oct 10 14:32:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf0b11db0ed7b5b18167a793f5544c4a8c174bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8d:a0:33:8c:0f:c5:6f:7b:63:31:6e:b7:27:
08:b0:d4:02:0f:06:91:36:55:05:ac:7d:3e:67:ce:
e0:7c:3d:c7:ba:ee:63:ab:51:90:5d:0b:a4:62:94:
d1:b3:87:84:44:ea:9e:83:40:cb:d1:c8:8e:21:ad:
d0:86:7d:c1:a9:11:96:3a:67:66:fc:63:58:a7:4a:
ec:4d:db:f9:ed:d4:45:e5:62:c9:23:4a:32:78:be:
5c:72:2b:4c:f1:09:f1:d9:96:bd:37:25:65:be:98:
d6:8c:53:2b:5d:cd:24:75:f6:9e:55:7a:41:5e:20:
30:77:46:fb:61:e6:c8:1b:60:5a:7a:65:f0:10:75:
ea:b4:c7:0d:28:f6:ae:33:02:43:66:2a:de:23:e4:
d6:46:67:f1:96:8b:06:1c:a1:f1:13:70:df:61:d1:
76:38:e7:13:40:f6:ca:67:ce:3f:72:2a:4f:05:be:
f0:93:db:41:cc:5c:b7:9f:de:c9:90:35:2b:11:a9:
e3:f7:1e:53:e9:b8:38:c4:1a:ed:ab:5d:db:4b:07:
47:af:08:ca:f6:a8:fb:cf:48:24:be:6f:89:43:c8:
0a:60:ff:b7:f6:fa:55:cd:b8:2f:ae:90:44:99:09:
38:60:d0:41:28:4d:0a:6f:b4:7a:59:d9:db:7a:54:
04:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:0B:11:DB:0E:D7:B5:B1:81:67:A7:93:F5:54:4C:4A:8C:17:4B:B7
X509v3 Authority Key Identifier:
keyid:8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/vwsR2w7XtbGBZ6eT9VRMSowXS7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.76.0/23
91.228.4.0/22
195.28.26.0/23
Signature Algorithm: sha256WithRSAEncryption
67:42:0f:ab:56:82:2f:dd:5d:d0:f3:08:1a:88:f6:8d:8a:a4:
65:f0:d3:c8:87:09:83:7d:b4:48:8b:45:12:dc:6e:76:9d:5b:
37:7e:d1:b7:d6:62:d2:eb:7c:9b:90:ad:c8:52:b2:af:26:b6:
ba:c3:d2:bf:52:5f:58:24:be:2c:3a:f1:18:f0:15:df:90:5a:
0d:c5:c7:6c:47:76:95:f0:91:57:7b:fb:23:b8:ce:2f:ca:dd:
65:f3:e6:bf:de:61:7d:90:ad:5d:b8:88:06:68:11:56:62:f3:
e2:ef:fd:4a:68:dd:83:d2:8c:3c:2a:e3:a4:90:86:b3:85:f1:
91:69:fb:a1:b0:85:cc:65:f6:39:05:63:8d:c3:80:f0:6e:bc:
a9:73:3d:90:13:68:e2:84:23:86:61:cd:72:c3:e8:86:42:5a:
d1:50:85:ad:a0:4d:63:3e:aa:3d:44:d9:f7:b5:7d:1c:87:59:
b8:d4:b1:24:d7:21:10:52:71:59:ab:37:06:b4:6b:fe:16:bd:
30:9f:17:fc:17:b2:21:62:2d:26:73:cb:61:f6:2b:c8:eb:63:
dc:4c:d1:fa:e2:c2:5b:35:1c:91:d9:77:b6:7b:6b:f2:7a:c4:
0a:56:d3:fc:a5:21:86:b8:88:ff:7f:f4:8f:0b:07:3d:d1:d3:
52:56:cc:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPCT9ruDcOIHa9dI1SHj3g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjg5M2VkZjMzMjA4ZDdhMmNmNjIyNjg2MTM3NjlmYjQ5
NjdjNjYwHhcNMjIxMDEwMTQzMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjBiMTFkYjBlZDdiNWIxODE2N2E3OTNmNTU0NGM0YThjMTc0YmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh42gM4wPxW97YzFutycIsNQCDwaR
NlUFrH0+Z87gfD3Huu5jq1GQXQukYpTRs4eEROqeg0DL0ciOIa3Qhn3BqRGWOmdm
/GNYp0rsTdv57dRF5WLJI0oyeL5ccitM8Qnx2Za9NyVlvpjWjFMrXc0kdfaeVXpB
XiAwd0b7YebIG2BaemXwEHXqtMcNKPauMwJDZireI+TWRmfxlosGHKHxE3DfYdF2
OOcTQPbKZ84/cipPBb7wk9tBzFy3n97JkDUrEanj9x5T6bg4xBrtq13bSwdHrwjK
9qj7z0gkvm+JQ8gKYP+39vpVzbgvrpBEmQk4YNBBKE0Kb7R6WdnbelQEJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL8LEdsO17WxgWenk/VUTEqMF0u3MB8GA1UdIwQY
MBaAFI34k+3zMgjXos9iJoYTdp+0lnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYt
Zjg3Nzg3YjFkMDNjLzEvdndzUjJ3N1h0YkdCWjZlVDlWUk1Tb3dYUzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYtZjg3Nzg3YjFkMDNj
LzEvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8JMAwQC
W+QEAwQBwxwaMA0GCSqGSIb3DQEBCwUAA4IBAQBnQg+rVoIv3V3Q8wgaiPaNiqRl
8NPIhwmDfbRIi0US3G52nVs3ftG31mLS63ybkK3IUrKvJra6w9K/Ul9YJL4sOvEY
8BXfkFoNxcdsR3aV8JFXe/sjuM4vyt1l8+a/3mF9kK1duIgGaBFWYvPi7/1KaN2D
0ow8KuOkkIazhfGRafuhsIXMZfY5BWONw4Dwbrypcz2QE2jihCOGYc1yw+iGQlrR
UIWtoE1jPqo9RNn3tX0ch1m41LEk1yEQUnFZqzcGtGv+Fr0wnxf8F7IhYi0mc8th
9ivI62PcTNH64sJbNRyR2Xe2e2vyesQKVtP8pSGGuIj/f/SPCwc90dNSVswX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:21 2024 by rpki-client on console-fra.rpki-client.org