Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/9wAHEYvIHdHCfLeePNZ3VxiEh1g.roa
File: 9wAHEYvIHdHCfLeePNZ3VxiEh1g.roa (raw, json)
Hash identifier: ykVfeHrovRtW4hHYwSzNZKIjeOfRwmt6LNIDnT93fuY=
Subject key identifier: F7:00:07:11:8B:C8:1D:D1:C2:7C:B7:9E:3C:D6:77:57:18:84:87:58
Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Certificate serial: 0183D5D78B7058A780D5A0860C8CF9659E66
Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/9wAHEYvIHdHCfLeePNZ3VxiEh1g.roa
Signing time: Fri 14 Oct 2022 09:33:36 +0000
ROA not before: Fri 14 Oct 2022 09:33:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48345
IP address blocks: 91.223.220.0/24 maxlen: 24
91.234.215.0/24 maxlen: 24
94.232.112.0/21 maxlen: 21
2001:67c:174::/48 maxlen: 48
2001:67c:28d8::/48 maxlen: 48
2001:67c:15b8::/48 maxlen: 48
2a0e:d340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:d7:8b:70:58:a7:80:d5:a0:86:0c:8c:f9:65:9e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Validity
Not Before: Oct 14 09:33:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f70007118bc81dd1c27cb79e3cd6775718848758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:54:4e:83:bf:72:cb:11:b2:ea:50:4b:12:fd:
87:43:69:b4:d4:44:54:44:41:db:1e:65:c8:9d:fe:
0d:c3:4b:89:01:0f:f1:94:f6:06:5a:9a:95:b4:07:
68:d8:25:ae:d5:12:a1:76:31:f0:63:d0:7c:c0:00:
19:b2:ab:5f:55:cd:e2:2d:5d:e6:91:bf:d1:b3:64:
27:8b:49:98:44:b2:b6:14:3e:0c:6b:38:12:c9:a9:
4d:9d:a3:ce:4a:ed:f3:f8:13:ef:af:5b:f7:76:18:
c2:89:da:79:78:1b:64:fe:a7:11:37:87:b8:46:6d:
c5:ca:41:e2:13:73:4f:57:dc:64:3c:8f:9f:1c:45:
88:84:0d:b8:93:ef:01:32:a1:8b:77:4c:41:9e:3a:
23:71:07:2c:35:e6:d2:ef:0a:9a:89:01:93:2f:0a:
13:2e:51:c8:27:2f:06:d3:91:de:94:10:2b:b3:aa:
56:a3:19:ed:14:e0:ac:e6:80:5e:c9:80:78:93:d5:
11:60:5e:45:e4:00:71:d3:0f:51:e0:70:a5:fe:9e:
4a:f5:6c:f8:8a:8a:b2:e8:aa:41:89:e5:83:90:09:
28:6f:8b:dc:78:3b:60:3c:f0:7b:8a:66:89:7a:6d:
d4:e0:d7:91:da:23:fc:fe:25:bc:f3:2f:19:44:d6:
16:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:00:07:11:8B:C8:1D:D1:C2:7C:B7:9E:3C:D6:77:57:18:84:87:58
X509v3 Authority Key Identifier:
keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/9wAHEYvIHdHCfLeePNZ3VxiEh1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.220.0/24
91.234.215.0/24
94.232.112.0/21
IPv6:
2001:67c:174::/48
2001:67c:15b8::/48
2001:67c:28d8::/48
2a0e:d340::/48
Signature Algorithm: sha256WithRSAEncryption
8c:a4:c5:65:da:f7:4b:d7:e4:b4:7e:0c:93:dc:27:13:1d:9a:
97:e3:cd:a1:2d:c2:a0:82:5d:ec:75:97:bc:3d:76:2a:e3:b5:
e1:c1:ce:fc:8c:9a:ff:f7:3b:13:fa:b2:06:fb:d9:34:62:0f:
5b:dc:e7:fc:da:5c:42:3f:aa:af:a6:14:10:71:bb:a0:fe:99:
0e:16:61:f0:ba:3a:2b:5e:8e:35:63:98:84:48:db:ad:c1:e4:
fb:7f:ff:1a:42:d7:7e:d5:e5:48:62:ce:95:db:6c:c1:7c:2b:
e8:8a:56:61:cf:2d:0e:38:e5:5b:97:ef:1f:12:3a:3d:4e:bf:
67:b3:f9:6d:ae:ee:25:ca:0e:4d:aa:10:41:ff:b1:2c:91:83:
32:12:e0:69:85:72:93:6a:83:d8:e7:41:7a:92:90:d2:15:cb:
1f:c2:fd:84:5d:f3:54:94:d8:a5:3f:18:93:1f:50:dc:79:25:
f1:56:6f:af:32:ee:37:9c:19:8d:52:e3:35:23:ed:e7:da:63:
bc:53:bf:a4:99:e7:fa:9c:cd:1c:6c:ee:24:af:71:9c:ae:e5:
11:db:96:ec:0a:2c:69:56:f0:9d:0e:a3:49:eb:17:58:df:51:
3b:32:33:67:cf:b2:b1:8e:5f:dd:7a:0b:46:38:a5:3b:bc:de:
e4:87:65:35
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYPV14twWKeA1aCGDIz5ZZ5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1
YzE4OWMwHhcNMjIxMDE0MDkzMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzAwMDcxMThiYzgxZGQxYzI3Y2I3OWUzY2Q2Nzc1NzE4ODQ4NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1ROg79yyxGy6lBLEv2HQ2m01ERU
REHbHmXInf4Nw0uJAQ/xlPYGWpqVtAdo2CWu1RKhdjHwY9B8wAAZsqtfVc3iLV3m
kb/Rs2Qni0mYRLK2FD4MazgSyalNnaPOSu3z+BPvr1v3dhjCidp5eBtk/qcRN4e4
Rm3FykHiE3NPV9xkPI+fHEWIhA24k+8BMqGLd0xBnjojcQcsNebS7wqaiQGTLwoT
LlHIJy8G05HelBArs6pWoxntFOCs5oBeyYB4k9URYF5F5ABx0w9R4HCl/p5K9Wz4
ioqy6KpBieWDkAkob4vceDtgPPB7imaJem3U4NeR2iP8/iW88y8ZRNYWrwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPcABxGLyB3Rwny3njzWd1cYhIdYMB8GA1UdIwQY
MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk
LWI2MTQzNjExOTZmZC8xLzl3QUhFWXZJSGRIQ2ZMZWVQTlozVnhpRWgxZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm
ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMBgEAgABMBIDBABb39wD
BABb6tcDBANe6HAwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACABBnwo2AMH
ACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEAjKTFZdr3S9fktH4Mk9wnEx2al+PN
oS3CoIJd7HWXvD12KuO14cHO/Iya//c7E/qyBvvZNGIPW9zn/NpcQj+qr6YUEHG7
oP6ZDhZh8Lo6K16ONWOYhEjbrcHk+3//GkLXftXlSGLOldtswXwr6IpWYc8tDjjl
W5fvHxI6PU6/Z7P5ba7uJcoOTaoQQf+xLJGDMhLgaYVyk2qD2OdBepKQ0hXLH8L9
hF3zVJTYpT8Ykx9Q3Hkl8VZvrzLuN5wZjVLjNSPt59pjvFO/pJnn+pzNHGzuJK9x
nK7lEduW7AosaVbwnQ6jSesXWN9ROzIzZ8+ysY5f3XoLRjilO7ze5IdlNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:33 2023 by rpki-client on console-ams.rpki-client.org