Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/4y0JvJDeZsf323-lbY1Oxo0a9ys.roa
File: 4y0JvJDeZsf323-lbY1Oxo0a9ys.roa (raw, json)
Hash identifier: Gn6pkdRvlu08r/upA4f79kjmbapHKSH5KIR5mzaT7wc=
Subject key identifier: E3:2D:09:BC:90:DE:66:C7:F7:DB:7F:A5:6D:8D:4E:C6:8D:1A:F7:2B
Certificate issuer: /CN=2d6f9bdaf69dca1cdb9e440c97c10a092ec1b39c
Certificate serial: 01843024D0B1B898AA8391219340ED887F16
Authority key identifier: 2D:6F:9B:DA:F6:9D:CA:1C:DB:9E:44:0C:97:C1:0A:09:2E:C1:B3:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LW-b2vadyhzbnkQMl8EKCS7Bs5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/4y0JvJDeZsf323-lbY1Oxo0a9ys.roa
Signing time: Mon 31 Oct 2022 22:23:49 +0000
ROA not before: Mon 31 Oct 2022 22:23:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 91.209.227.0/24 maxlen: 24
91.212.11.0/24 maxlen: 24
91.212.14.0/24 maxlen: 24
91.212.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:30:24:d0:b1:b8:98:aa:83:91:21:93:40:ed:88:7f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d6f9bdaf69dca1cdb9e440c97c10a092ec1b39c
Validity
Not Before: Oct 31 22:23:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e32d09bc90de66c7f7db7fa56d8d4ec68d1af72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:33:63:8b:b8:f9:a0:d7:71:ad:99:e4:4b:ea:
9d:cc:3c:71:12:03:56:53:5a:cc:2e:d3:b8:f1:9c:
ea:21:bd:86:e7:2c:ba:54:c4:71:60:25:c5:50:3b:
9a:1f:72:c9:0c:73:5c:c6:51:9f:5d:a4:9c:ed:ef:
0d:8a:13:1f:2e:38:ba:ec:ae:4c:6c:ff:bb:f4:e4:
ec:c8:35:33:1b:45:95:16:d4:ff:2f:4b:08:43:b6:
e5:54:21:e7:cd:5e:b0:62:e3:d2:61:d8:89:3f:09:
39:cb:ec:f1:f0:5d:2e:6a:77:ad:7d:73:1b:e9:ca:
3c:1f:f5:b0:33:5b:d7:65:0b:79:2d:44:9c:fa:f4:
79:15:ec:da:b6:5d:01:3f:80:a9:ba:e9:ef:c8:e2:
f6:0c:a3:d4:39:2c:6e:90:21:0a:16:bc:cd:49:94:
de:c3:3b:27:cd:19:d0:1a:b2:dd:d7:17:a2:e8:d6:
d4:07:b3:f0:a9:6c:f1:18:86:cd:fb:d4:c8:f4:ad:
a6:84:35:0b:7a:e5:da:16:80:f8:5c:ea:9e:66:70:
dd:68:31:73:2f:1c:37:76:e8:0d:75:69:63:7a:9d:
e6:ac:08:d2:0f:88:24:1d:b0:0b:de:bf:80:25:a1:
9c:a9:3c:63:aa:44:3b:25:85:5c:45:6e:bb:11:c7:
60:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2D:09:BC:90:DE:66:C7:F7:DB:7F:A5:6D:8D:4E:C6:8D:1A:F7:2B
X509v3 Authority Key Identifier:
keyid:2D:6F:9B:DA:F6:9D:CA:1C:DB:9E:44:0C:97:C1:0A:09:2E:C1:B3:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LW-b2vadyhzbnkQMl8EKCS7Bs5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/4y0JvJDeZsf323-lbY1Oxo0a9ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4464f2-6c1c-4096-960b-e39b3a302ced/1/LW-b2vadyhzbnkQMl8EKCS7Bs5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.227.0/24
91.212.11.0/24
91.212.14.0/24
91.212.19.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9e:dc:c2:97:25:52:7e:75:ed:01:5d:c8:32:69:e2:77:2e:
a2:6a:11:99:36:00:18:84:0b:13:0e:a4:f1:39:80:38:c5:a7:
24:3a:3d:f2:f8:f2:d8:6b:16:6f:cd:19:c6:64:b7:6c:0c:4e:
19:03:14:70:21:7d:38:1e:86:0d:46:94:4c:a8:7b:67:b0:92:
8b:bc:d9:00:e6:8c:87:1c:f1:56:4b:1f:dd:82:5c:dd:2b:cb:
62:83:65:05:ef:dc:94:bd:f0:bf:24:6f:56:1a:24:18:f8:6d:
35:c0:ef:6e:64:74:0e:93:7c:d7:69:96:3e:dc:35:9c:b2:a4:
b8:ba:09:a9:f3:48:0c:97:fa:1b:cf:cc:4e:24:b4:b4:88:3c:
82:7e:36:ef:ed:f9:e9:85:ef:e7:83:ae:25:3f:68:7a:6c:74:
b7:64:d6:1a:15:e9:18:75:51:6b:d1:20:72:69:64:62:d5:a5:
2c:a0:96:6a:11:dd:45:4e:8a:c8:6b:8a:10:71:d9:97:70:2a:
1d:cf:ee:0d:c3:23:bd:8b:8e:c7:65:6f:14:af:78:95:d4:9f:
82:76:8b:22:a7:91:c1:e9:c0:52:62:3e:6e:27:d9:4e:15:d2:
f0:b7:82:e4:46:d7:61:cc:49:f7:e8:14:26:41:bc:35:ed:60:
85:96:77:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQwJNCxuJiqg5Ehk0DtiH8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNmY5YmRhZjY5ZGNhMWNkYjllNDQwYzk3YzEwYTA5MmVj
MWIzOWMwHhcNMjIxMDMxMjIyMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJkMDliYzkwZGU2NmM3ZjdkYjdmYTU2ZDhkNGVjNjhkMWFmNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozNji7j5oNdxrZnkS+qdzDxxEgNW
U1rMLtO48ZzqIb2G5yy6VMRxYCXFUDuaH3LJDHNcxlGfXaSc7e8NihMfLji67K5M
bP+79OTsyDUzG0WVFtT/L0sIQ7blVCHnzV6wYuPSYdiJPwk5y+zx8F0uanetfXMb
6co8H/WwM1vXZQt5LUSc+vR5Fezatl0BP4CpuunvyOL2DKPUOSxukCEKFrzNSZTe
wzsnzRnQGrLd1xei6NbUB7PwqWzxGIbN+9TI9K2mhDULeuXaFoD4XOqeZnDdaDFz
Lxw3dugNdWljep3mrAjSD4gkHbAL3r+AJaGcqTxjqkQ7JYVcRW67EcdgDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOMtCbyQ3mbH99t/pW2NTsaNGvcrMB8GA1UdIwQY
MBaAFC1vm9r2ncoc255EDJfBCgkuwbOcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFctYjJ2YWR5aHpibmtRTWw4RUtDUzdCczV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80NDY0ZjItNmMxYy00MDk2LTk2MGIt
ZTM5YjNhMzAyY2VkLzEvNHkwSnZKRGVac2YzMjMtbGJZMU94bzBhOXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80NDY0ZjItNmMxYy00MDk2LTk2MGItZTM5YjNhMzAyY2Vk
LzEvTFctYjJ2YWR5aHpibmtRTWw4RUtDUzdCczV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9HjAwQA
W9QLAwQAW9QOAwQAW9QTMA0GCSqGSIb3DQEBCwUAA4IBAQBfntzClyVSfnXtAV3I
Mmnidy6iahGZNgAYhAsTDqTxOYA4xackOj3y+PLYaxZvzRnGZLdsDE4ZAxRwIX04
HoYNRpRMqHtnsJKLvNkA5oyHHPFWSx/dglzdK8tig2UF79yUvfC/JG9WGiQY+G01
wO9uZHQOk3zXaZY+3DWcsqS4ugmp80gMl/obz8xOJLS0iDyCfjbv7fnphe/ng64l
P2h6bHS3ZNYaFekYdVFr0SByaWRi1aUsoJZqEd1FTorIa4oQcdmXcCodz+4NwyO9
i47HZW8Ur3iV1J+Cdosip5HB6cBSYj5uJ9lOFdLwt4LkRtdhzEn36BQmQbw17WCF
lndV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:08 2024 by rpki-client on console-ams.rpki-client.org