Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/obBHNiaw91eO1emhirPGh63umN0.roa
File: obBHNiaw91eO1emhirPGh63umN0.roa (raw, json)
Hash identifier: hAuYsjx3iXLwvwksQTGuCHPoNxcivekrLItS6Bjo7sw=
Subject key identifier: A1:B0:47:36:26:B0:F7:57:8E:D5:E9:A1:8A:B3:C6:87:AD:EE:98:DD
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 01849E3AF96D606016A5E2349A346302E9B4
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/obBHNiaw91eO1emhirPGh63umN0.roa
Signing time: Tue 22 Nov 2022 07:26:15 +0000
ROA not before: Tue 22 Nov 2022 07:26:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60805
IP address blocks: 91.240.240.0/24 maxlen: 24
2001:67c:1734::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:3a:f9:6d:60:60:16:a5:e2:34:9a:34:63:02:e9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Nov 22 07:26:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1b0473626b0f7578ed5e9a18ab3c687adee98dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e4:af:ad:37:b2:36:16:67:e5:4f:e8:7f:e8:
a0:e8:ee:93:ea:da:4a:70:1a:b8:c7:91:39:6c:6a:
80:d9:a3:11:8e:a2:a7:25:da:70:c0:53:20:d9:42:
bb:ee:f4:67:7b:1f:35:6f:62:64:8b:61:55:a3:d8:
3e:e9:39:dd:d2:bf:a6:b0:1c:4c:ce:a3:68:46:25:
1a:33:68:0e:5b:f9:d3:8a:52:aa:1e:e2:0c:e5:dd:
fb:08:1f:c3:71:96:72:33:b4:7e:04:2a:e8:b2:1b:
bb:cd:10:45:a4:2b:4a:c6:69:8a:1f:ba:aa:ac:20:
5c:57:6f:b4:c2:9c:cc:89:8e:00:94:52:c3:d7:25:
34:6b:af:40:e4:eb:94:a5:80:fd:f5:db:60:4f:4e:
67:f8:74:17:6d:ed:50:42:99:85:59:0f:a2:e7:09:
e7:25:46:32:9a:ef:5b:26:8a:07:de:20:b9:95:c6:
69:e3:47:41:81:20:94:27:39:74:f2:82:a2:16:2f:
a8:d3:d6:70:cd:97:c8:6c:8a:83:d1:a0:d3:21:a4:
b2:a7:f3:87:9b:81:e5:75:2d:04:98:11:bf:a9:6d:
84:e9:bc:b5:3b:66:53:98:c6:50:13:af:0e:ef:99:
18:74:5f:ef:42:6e:79:23:6d:e1:a3:ce:79:52:7c:
54:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:47:36:26:B0:F7:57:8E:D5:E9:A1:8A:B3:C6:87:AD:EE:98:DD
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/obBHNiaw91eO1emhirPGh63umN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.240.0/24
IPv6:
2001:67c:1734::/48
Signature Algorithm: sha256WithRSAEncryption
26:51:80:ca:7b:72:c1:5e:71:9c:8e:af:0e:94:72:26:38:b8:
d3:87:5c:b5:a2:8a:d3:76:3e:19:95:1f:dd:4a:2d:74:83:e0:
e0:a1:41:23:71:c9:de:00:c6:bf:36:66:7f:51:62:a3:3a:e3:
18:6d:dc:26:36:c4:d4:07:78:57:bd:a3:72:02:80:d2:78:17:
3a:02:b9:09:bc:6f:e0:ff:73:2d:f1:b1:dc:5b:da:e4:fd:28:
d9:eb:f4:8a:e3:16:f0:0b:a7:c0:a5:f1:25:4f:16:97:b6:12:
37:dd:df:0b:86:ef:37:7d:12:65:7a:2e:4a:2e:b3:cd:81:05:
35:ee:c5:a3:64:6d:85:4c:0e:60:9c:99:06:4b:64:96:4d:e1:
4e:3e:11:e8:4a:5f:6f:25:48:13:dc:d0:38:48:64:85:c5:d0:
7c:61:b0:f0:2d:78:ad:fc:7c:0b:12:9f:55:2b:0b:e1:4d:3f:
c0:b2:e5:b4:9f:87:24:4d:02:c8:f2:ea:8d:0c:89:30:93:c9:
f6:d2:34:02:b1:41:2e:36:ef:1a:9f:7a:08:95:2f:7e:f5:68:
e3:c8:e8:21:a2:3e:2f:2c:80:ed:86:a9:88:32:fd:00:1a:17:
9d:8d:2a:ad:92:8d:80:05:f7:51:33:b5:e2:e9:32:ac:9e:4e:
eb:91:89:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSeOvltYGAWpeI0mjRjAum0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjIxMTIyMDcyNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIwNDczNjI2YjBmNzU3OGVkNWU5YTE4YWIzYzY4N2FkZWU5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuSvrTeyNhZn5U/of+ig6O6T6tpK
cBq4x5E5bGqA2aMRjqKnJdpwwFMg2UK77vRnex81b2Jki2FVo9g+6Tnd0r+msBxM
zqNoRiUaM2gOW/nTilKqHuIM5d37CB/DcZZyM7R+BCroshu7zRBFpCtKxmmKH7qq
rCBcV2+0wpzMiY4AlFLD1yU0a69A5OuUpYD99dtgT05n+HQXbe1QQpmFWQ+i5wnn
JUYymu9bJooH3iC5lcZp40dBgSCUJzl08oKiFi+o09ZwzZfIbIqD0aDTIaSyp/OH
m4HldS0EmBG/qW2E6by1O2ZTmMZQE68O75kYdF/vQm55I23ho855UnxUiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGwRzYmsPdXjtXpoYqzxoet7pjdMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvb2JCSE5pYXc5MWVPMWVtaGlyUEdoNjN1bU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/DwMA8E
AgACMAkDBwAgAQZ8FzQwDQYJKoZIhvcNAQELBQADggEBACZRgMp7csFecZyOrw6U
ciY4uNOHXLWiitN2PhmVH91KLXSD4OChQSNxyd4Axr82Zn9RYqM64xht3CY2xNQH
eFe9o3ICgNJ4FzoCuQm8b+D/cy3xsdxb2uT9KNnr9IrjFvALp8Cl8SVPFpe2Ejfd
3wuG7zd9EmV6Lkous82BBTXuxaNkbYVMDmCcmQZLZJZN4U4+EehKX28lSBPc0DhI
ZIXF0HxhsPAteK38fAsSn1UrC+FNP8Cy5bSfhyRNAsjy6o0MiTCTyfbSNAKxQS42
7xqfegiVL371aOPI6CGiPi8sgO2GqYgy/QAaF52NKq2SjYAF91EzteLpMqyeTuuR
ia4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:57 2024 by rpki-client on console-fra.rpki-client.org