Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa
File: 9ulfcho0xee37Kx3tbmXyi7K-70.roa (raw, json)
Hash identifier: k52LE+LIDQbwLpaUK+671lmxxaftAV4PVoFjiHPOC0g=
Subject key identifier: F6:E9:5F:72:1A:34:C5:E7:B7:EC:AC:77:B5:B9:97:CA:2E:CA:FB:BD
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018225DA0C07F18EBE905CE0F43CAF155C34
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa
Signing time: Fri 22 Jul 2022 12:20:23 +0000
ROA not before: Fri 22 Jul 2022 12:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47856
IP address blocks: 91.206.144.0/23 maxlen: 24
193.28.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:da:0c:07:f1:8e:be:90:5c:e0:f4:3c:af:15:5c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jul 22 12:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6e95f721a34c5e7b7ecac77b5b997ca2ecafbbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:74:67:ad:32:f1:13:9d:32:54:be:a8:a5:01:
9f:7b:18:ac:d1:0a:48:56:5f:b4:9b:55:d1:9f:05:
16:15:0e:35:c1:12:ff:e3:3a:5d:6c:3b:89:25:b7:
ea:36:f5:d1:26:33:ac:9f:c3:c3:ae:a2:9a:73:6f:
32:41:f4:4b:3d:32:ca:00:ab:15:83:28:b9:77:0c:
30:e1:23:2e:91:2c:83:69:af:89:4a:f4:02:23:63:
f1:da:8d:65:ef:bb:2c:83:36:2f:3a:db:fd:68:68:
ab:7d:bf:73:0e:10:46:da:26:5d:b2:7d:6a:22:46:
52:08:78:5e:19:cb:76:d5:bf:06:b0:40:32:7c:7d:
2f:67:95:b8:27:46:bd:7f:2e:8d:20:ed:5f:e5:15:
3e:c3:65:a3:7a:e3:ce:dc:49:64:e2:79:26:3c:29:
d0:77:d7:61:94:55:75:ad:01:2a:70:ca:18:1b:1c:
23:17:fc:8f:a5:af:a0:46:0a:d9:a0:71:38:c6:3f:
2d:db:57:af:1a:0e:ce:ed:2b:b3:4d:95:ef:40:20:
b3:b4:4d:0f:7c:14:f0:50:71:3e:66:43:b4:4e:f4:
d4:37:23:0c:f5:fe:af:e0:eb:ef:a0:8f:3d:e0:fa:
d5:f1:a4:1e:25:0b:25:dc:e2:96:4e:cb:b6:07:47:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E9:5F:72:1A:34:C5:E7:B7:EC:AC:77:B5:B9:97:CA:2E:CA:FB:BD
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:30:39:df:3a:66:80:f7:ae:9e:ed:04:42:53:e1:38:b2:eb:
26:8b:9b:09:90:67:b7:f3:61:ec:e2:07:62:58:83:3b:30:29:
74:90:15:3a:57:ec:0b:59:b5:6f:fd:9b:32:6b:0b:5a:36:0c:
17:a0:64:f4:3d:fd:04:68:cf:e7:9f:ae:ca:42:26:93:e2:4f:
ee:06:20:cb:1a:f6:98:3b:c4:d6:e9:5b:53:df:04:59:36:4b:
eb:20:7b:aa:25:da:c7:c3:35:2d:38:6b:da:58:0d:ac:15:8f:
87:68:98:5e:60:18:76:aa:f1:f3:10:7e:e7:6c:20:d7:fd:53:
3c:71:b8:01:22:10:6c:1b:f9:de:c8:01:68:6e:a7:d3:0f:92:
98:0f:65:db:fd:e5:f2:af:9a:40:fc:67:f1:b5:e8:ab:43:3e:
fa:25:87:66:b6:01:25:d9:e7:65:31:f6:3f:9c:fa:f3:55:05:
2a:98:77:14:5b:e0:a0:ee:7a:50:ce:da:2d:5a:f5:34:65:51:
f7:dc:d5:be:35:f0:fd:48:e8:6f:d3:f0:1a:d1:20:83:3b:88:
8a:99:f1:42:92:69:c4:65:63:c1:8a:cd:67:7a:ae:a8:22:fc:
8c:52:70:13:fa:9f:c3:0b:92:fd:6e:88:66:ff:ab:4e:9b:73:
53:8b:b2:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIl2gwH8Y6+kFzg9DyvFVw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjIwNzIyMTIyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU5NWY3MjFhMzRjNWU3YjdlY2FjNzdiNWI5OTdjYTJlY2FmYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nRnrTLxE50yVL6opQGfexis0QpI
Vl+0m1XRnwUWFQ41wRL/4zpdbDuJJbfqNvXRJjOsn8PDrqKac28yQfRLPTLKAKsV
gyi5dwww4SMukSyDaa+JSvQCI2Px2o1l77ssgzYvOtv9aGirfb9zDhBG2iZdsn1q
IkZSCHheGct21b8GsEAyfH0vZ5W4J0a9fy6NIO1f5RU+w2WjeuPO3Elk4nkmPCnQ
d9dhlFV1rQEqcMoYGxwjF/yPpa+gRgrZoHE4xj8t21evGg7O7SuzTZXvQCCztE0P
fBTwUHE+ZkO0TvTUNyMM9f6v4OvvoI894PrV8aQeJQsl3OKWTsu2B0eRsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPbpX3IaNMXnt+ysd7W5l8ouyvu9MB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvOXVsZmNobzB4ZWUzN0t4M3RibVh5aTdLLTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86QAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQChMDnfOmaA966e7QRCU+E4susmi5sJkGe3
82Hs4gdiWIM7MCl0kBU6V+wLWbVv/ZsyawtaNgwXoGT0Pf0EaM/nn67KQiaT4k/u
BiDLGvaYO8TW6VtT3wRZNkvrIHuqJdrHwzUtOGvaWA2sFY+HaJheYBh2qvHzEH7n
bCDX/VM8cbgBIhBsG/neyAFobqfTD5KYD2Xb/eXyr5pA/GfxteirQz76JYdmtgEl
2edlMfY/nPrzVQUqmHcUW+Cg7npQztotWvU0ZVH33NW+NfD9SOhv0/Aa0SCDO4iK
mfFCkmnEZWPBis1neq6oIvyMUnAT+p/DC5L9bohm/6tOm3NTi7J/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org