Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/1-hNc78uLtUJKDuP2HbpCQ5pYqFI.roa
File: 1-hNc78uLtUJKDuP2HbpCQ5pYqFI.roa (raw, json)
Hash identifier: CJTm7IjvCtujVTcJ2sUx3CJcwxhh6gkKjCxYXaKzn3c=
Subject key identifier: FA:13:5C:EF:CB:8B:B5:42:4A:0E:E3:F6:1D:BA:42:43:9A:58:A8:52
Certificate issuer: /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Certificate serial: 0DAE9E8B
Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/1-hNc78uLtUJKDuP2HbpCQ5pYqFI.roa
Signing time: Sat 01 Jan 2022 10:56:55 +0000
ROA not before: Sat 01 Jan 2022 10:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41893
IP address blocks: 91.143.240.0/24 maxlen: 24
91.143.243.0/24 maxlen: 24
91.143.242.0/24 maxlen: 24
91.143.241.0/24 maxlen: 24
91.143.245.0/24 maxlen: 24
91.143.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229547659 (0xdae9e8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Validity
Not Before: Jan 1 10:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa135cefcb8bb5424a0ee3f61dba42439a58a852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2c:69:25:15:03:5e:29:91:4a:31:c6:b5:74:
46:88:75:06:d2:fd:9c:29:12:2c:88:50:33:59:1e:
cd:eb:a6:8b:c0:b9:c7:5d:a9:e8:d1:67:17:eb:fc:
8d:29:ce:2c:9e:03:d1:72:1f:03:bd:83:54:d4:d7:
60:52:1a:14:b8:c1:c0:1d:60:16:5f:7f:04:d8:cd:
ba:f4:32:87:ee:6a:3d:35:4e:bd:94:c9:79:f3:c9:
64:84:f6:e5:49:b7:7e:6e:7d:12:3a:2c:67:37:2a:
02:e6:67:2d:92:7b:5d:34:20:8e:c9:d9:b3:3e:09:
d1:e8:cf:4d:f6:a8:c3:a9:40:f9:c7:c4:1e:89:9d:
b0:77:dc:8a:df:43:b6:fb:3c:e5:3e:8a:bb:35:e9:
6b:31:19:e7:9d:50:bf:54:90:4f:b3:bd:ca:5e:ee:
3b:66:a5:34:c7:40:44:73:5b:b9:10:49:07:2d:67:
2a:df:e6:8e:bf:cd:73:ca:8d:45:ea:73:e5:47:7c:
41:83:c5:ad:8a:10:4f:40:aa:31:66:85:cf:56:32:
7b:0f:ce:97:e8:c9:f5:22:d0:ff:50:5e:a1:41:c7:
f3:bb:a9:b3:02:47:0d:97:c2:b9:bc:e4:ad:ab:cf:
ca:3f:72:b6:fa:25:cc:4b:85:57:47:71:7d:ef:52:
01:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:13:5C:EF:CB:8B:B5:42:4A:0E:E3:F6:1D:BA:42:43:9A:58:A8:52
X509v3 Authority Key Identifier:
keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/1-hNc78uLtUJKDuP2HbpCQ5pYqFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.143.240.0-91.143.245.255
Signature Algorithm: sha256WithRSAEncryption
69:2b:39:18:50:b2:29:06:46:bb:ea:bc:4c:21:ca:b5:ff:61:
fd:5f:ee:03:35:75:05:8d:3f:32:94:af:4e:7a:06:81:d0:7b:
8e:01:6d:12:2c:e3:73:74:b3:96:95:48:74:8c:49:a1:a1:b6:
5c:cb:10:f6:2e:8e:69:e0:45:0c:f9:b8:30:d6:db:3d:6a:6a:
e2:34:d3:d5:6e:7b:d5:f6:78:ef:aa:36:8a:58:99:bc:a0:82:
8f:e9:19:0a:18:2a:bd:6e:aa:5f:9a:ae:cb:8e:09:d1:66:d9:
6f:3c:4d:51:11:b1:ca:e4:4d:50:e7:23:ca:e5:88:0b:b8:34:
ab:9f:41:d4:89:3e:ec:76:09:2f:68:b8:72:2d:b0:62:8d:c1:
a6:a7:2d:11:2d:5f:59:11:ff:a0:ab:3c:5b:f7:55:fc:d8:ff:
ad:d3:44:6a:42:54:12:8a:a4:69:e5:b5:2a:9a:8d:9e:a4:ad:
52:36:20:be:25:14:73:fa:10:b6:f6:9a:a3:18:39:22:9a:e6:
70:be:0b:00:ff:74:f5:b4:fb:60:ad:58:de:77:04:cf:9a:07:
e6:a1:7e:37:9a:18:a7:d2:32:af:06:c8:0e:2c:46:71:fc:fb:
8e:0a:b3:70:6d:e7:20:14:38:3b:b1:bb:c0:2c:89:b3:60:de:
fb:c6:f5:05
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIEDa6eizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjdjZjFmMzRlMmYwMTBiOTAyZGMxNDI0NTViNmJiNzMyNmNmMDhkMB4XDTIyMDEw
MTEwNTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmExMzVjZWZjYjhi
YjU0MjRhMGVlM2Y2MWRiYTQyNDM5YTU4YTg1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALosaSUVA14pkUoxxrV0Roh1BtL9nCkSLIhQM1kezeumi8C5
x12p6NFnF+v8jSnOLJ4D0XIfA72DVNTXYFIaFLjBwB1gFl9/BNjNuvQyh+5qPTVO
vZTJefPJZIT25Um3fm59EjosZzcqAuZnLZJ7XTQgjsnZsz4J0ejPTfaow6lA+cfE
HomdsHfcit9Dtvs85T6KuzXpazEZ551Qv1SQT7O9yl7uO2alNMdARHNbuRBJBy1n
Kt/mjr/Nc8qNRepz5Ud8QYPFrYoQT0CqMWaFz1Yyew/Ol+jJ9SLQ/1BeoUHH87up
swJHDZfCubzkravPyj9ytvolzEuFV0dxfe9SAW8CAwEAAaOCAhIwggIOMB0GA1Ud
DgQWBBT6E1zvy4u1QkoO4/YdukJDmlioUjAfBgNVHSMEGDAWgBQmfPHzTi8BC5At
wUJFW2u3MmzwjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pueng4MDR2QVF1UUxjRkNSVnRydHpKczhJMC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvOTFiY2Q4LWExZjctNGZiMS1iMjg4LTAxMWI0NTFiNDViNC8x
LzEtaE5jNzh1THRVSktEdVAySGJwQ1E1cFlxRkkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQw
LzkxYmNkOC1hMWY3LTRmYjEtYjI4OC0wMTFiNDUxYjQ1YjQvMS9Kbnp4ODA0dkFR
dVFMY0ZDUlZ0cnR6SnM4STAuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEBFuP8AMEAVuP9DANBgkqhkiG
9w0BAQsFAAOCAQEAaSs5GFCyKQZGu+q8TCHKtf9h/V/uAzV1BY0/MpSvTnoGgdB7
jgFtEizjc3SzlpVIdIxJoaG2XMsQ9i6OaeBFDPm4MNbbPWpq4jTT1W571fZ476o2
iliZvKCCj+kZChgqvW6qX5quy44J0WbZbzxNURGxyuRNUOcjyuWIC7g0q59B1Ik+
7HYJL2i4ci2wYo3BpqctES1fWRH/oKs8W/dV/Nj/rdNEakJUEoqkaeW1KpqNnqSt
UjYgviUUc/oQtvaaoxg5IprmcL4LAP909bT7YK1Y3ncEz5oH5qF+N5oYp9IyrwbI
DixGcfz7jgqzcG3nIBQ4O7G7wCyJs2De+8b1BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org