Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/krsTNNJOPBfHaX2HyKe1TxHLmhw.roa
File: krsTNNJOPBfHaX2HyKe1TxHLmhw.roa (raw, json)
Hash identifier: 4RvvfC/WZn1vX0KhSf9DQcEuCNbSS6ekx19BO2VMUck=
Subject key identifier: 92:BB:13:34:D2:4E:3C:17:C7:69:7D:87:C8:A7:B5:4F:11:CB:9A:1C
Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102
Certificate serial: 0A319A52
Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/krsTNNJOPBfHaX2HyKe1TxHLmhw.roa
Signing time: Sat 01 Jan 2022 15:58:20 +0000
ROA not before: Sat 01 Jan 2022 15:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12552
IP address blocks: 91.208.188.0/24 maxlen: 24
2001:67c:43c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171022930 (0xa319a52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102
Validity
Not Before: Jan 1 15:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92bb1334d24e3c17c7697d87c8a7b54f11cb9a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:c5:12:a5:bb:4a:90:23:6d:10:36:ad:f7:
6c:2f:4d:ad:c3:97:93:63:55:27:41:85:56:75:71:
70:85:7f:19:5e:a1:ce:08:59:29:2d:ec:97:7e:eb:
e6:c1:b3:98:66:a8:8a:48:ba:c2:16:ad:9b:3f:e8:
4f:d1:6d:9c:b7:a2:52:53:af:96:3f:5d:7f:50:39:
3a:3b:1f:49:7b:91:f7:12:8b:ba:58:ab:86:b9:2e:
77:2d:60:7a:e2:61:1a:f7:7c:33:2f:37:02:eb:e3:
94:21:59:4a:fc:23:35:d1:34:e8:b9:db:11:ab:98:
ca:86:10:17:ce:a4:0e:18:a4:2a:04:4e:4d:fb:f5:
7b:38:36:7d:8a:87:1d:42:9b:ce:f1:cc:8c:96:16:
cb:58:06:1f:35:52:9e:38:f1:82:31:45:6d:02:a2:
cd:5b:08:c0:6c:71:c2:28:09:94:c2:23:1f:4b:a3:
15:1f:27:97:61:a8:18:1e:a5:5c:03:62:44:11:a0:
99:05:b5:f0:78:2a:6a:74:8a:cb:e8:0d:24:9a:e0:
04:5f:40:37:77:71:70:da:58:b5:32:e7:5a:20:65:
8a:b2:bd:6c:f1:4d:eb:b6:01:28:6f:9c:62:78:90:
f1:ae:b6:e2:82:cf:fc:23:49:12:7f:17:0d:c7:45:
26:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BB:13:34:D2:4E:3C:17:C7:69:7D:87:C8:A7:B5:4F:11:CB:9A:1C
X509v3 Authority Key Identifier:
keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/krsTNNJOPBfHaX2HyKe1TxHLmhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.188.0/24
IPv6:
2001:67c:43c::/48
Signature Algorithm: sha256WithRSAEncryption
4b:a0:df:de:6e:fe:bb:8c:c2:c9:69:00:12:20:f3:05:61:a1:
5d:d5:cd:6f:39:c5:c7:98:d3:b7:70:4f:06:98:63:ff:89:ee:
67:22:76:2d:39:03:61:19:f2:40:44:ff:2b:20:07:a6:b5:97:
22:d8:0b:98:ee:84:82:67:d5:95:74:5d:6d:ef:90:f3:f0:3a:
fc:f1:bd:13:d6:9f:44:b4:f2:01:80:ed:5e:a8:95:66:64:6d:
17:a9:1c:32:20:4c:cf:03:d0:59:df:18:8c:ea:b5:c5:e6:ff:
d0:19:89:43:1e:fc:05:46:5f:a5:17:44:69:48:b3:ee:c6:2c:
e0:bb:02:4d:dd:b8:26:91:ba:56:f9:bf:18:f8:ab:48:b4:67:
b9:63:65:14:62:b1:c9:c7:43:3d:67:39:8a:18:d6:59:b8:9c:
e1:ee:2e:3c:10:fe:bc:55:a1:76:4e:1c:a6:0d:2c:c6:fa:f9:
ab:6c:26:87:f1:29:25:c2:45:21:06:92:6c:0e:e8:c7:fa:5a:
23:3f:9b:de:8f:2c:b8:25:2c:6b:bc:ec:14:fe:85:b5:16:39:
dd:0f:9f:35:f2:f1:16:dc:4c:2a:f4:2d:d3:58:7d:cf:af:78:
6f:64:fc:62:38:c6:05:f9:d7:c6:0a:61:8c:a6:6a:93:c7:48:
9c:66:00:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECjGaUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2JkMjZmZTIyOTVlNDYyYmUyNjc4NTMzZWZhNTMxZTIzYjdmMTAyMB4XDTIyMDEw
MTE1NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJiYjEzMzRkMjRl
M2MxN2M3Njk3ZDg3YzhhN2I1NGYxMWNiOWExYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgYxRKlu0qQI20QNq33bC9NrcOXk2NVJ0GFVnVxcIV/GV6h
zghZKS3sl37r5sGzmGaoiki6whatmz/oT9FtnLeiUlOvlj9df1A5OjsfSXuR9xKL
ulirhrkudy1geuJhGvd8My83AuvjlCFZSvwjNdE06LnbEauYyoYQF86kDhikKgRO
Tfv1ezg2fYqHHUKbzvHMjJYWy1gGHzVSnjjxgjFFbQKizVsIwGxxwigJlMIjH0uj
FR8nl2GoGB6lXANiRBGgmQW18HgqanSKy+gNJJrgBF9AN3dxcNpYtTLnWiBlirK9
bPFN67YBKG+cYniQ8a624oLP/CNJEn8XDcdFJjECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSSuxM00k48F8dpfYfIp7VPEcuaHDAfBgNVHSMEGDAWgBTDvSb+IpXkYr4m
eFM++lMeI7fxAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c3MG1faUtWNUdLLUpuaFRQdnBUSGlPMzhRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvOWM1YTAwLTBiNWYtNGE5NS05OGE4LThiZDk3NjkxMGRiZi8x
L2tyc1ROTkpPUEJmSGFYMkh5S2UxVHhITG1ody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
OWM1YTAwLTBiNWYtNGE5NS05OGE4LThiZDk3NjkxMGRiZi8xL3c3MG1faUtWNUdL
LUpuaFRQdnBUSGlPMzhRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvQvDAPBAIAAjAJAwcAIAEGfAQ8
MA0GCSqGSIb3DQEBCwUAA4IBAQBLoN/ebv67jMLJaQASIPMFYaFd1c1vOcXHmNO3
cE8GmGP/ie5nInYtOQNhGfJARP8rIAemtZci2AuY7oSCZ9WVdF1t75Dz8Dr88b0T
1p9EtPIBgO1eqJVmZG0XqRwyIEzPA9BZ3xiM6rXF5v/QGYlDHvwFRl+lF0RpSLPu
xizguwJN3bgmkbpW+b8Y+KtItGe5Y2UUYrHJx0M9ZzmKGNZZuJzh7i48EP68VaF2
ThymDSzG+vmrbCaH8SklwkUhBpJsDujH+lojP5vejyy4JSxrvOwU/oW1FjndD581
8vEW3Ewq9C3TWH3Pr3hvZPxiOMYF+dfGCmGMpmqTx0icZgCg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org