Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1FlzG-WVQGQypW5c3sV_nvCo4pc.roa
File: 1FlzG-WVQGQypW5c3sV_nvCo4pc.roa (raw, json)
Hash identifier: egymUDK5bs/9HyYbP3yI7TtKk86maYMpEHY1eHgLUyE=
Subject key identifier: D4:59:73:1B:E5:95:40:64:32:A5:6E:5C:DE:C5:7F:9E:F0:A8:E2:97
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01841C419551B12D6E6EBF18C1F3D5B97E12
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1FlzG-WVQGQypW5c3sV_nvCo4pc.roa
Signing time: Fri 28 Oct 2022 01:42:50 +0000
ROA not before: Fri 28 Oct 2022 01:42:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 188.191.98.0/24 maxlen: 24
188.191.96.0/24 maxlen: 24
188.191.97.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1c:41:95:51:b1:2d:6e:6e:bf:18:c1:f3:d5:b9:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 28 01:42:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d459731be595406432a56e5cdec57f9ef0a8e297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:44:bf:a8:78:87:9c:78:00:4d:0f:1b:4b:bf:
9a:b0:45:b4:29:98:0a:83:df:55:2e:d3:45:b5:f5:
fa:19:b0:e9:88:1f:55:ec:e2:d6:7f:eb:55:cf:1b:
55:22:87:d0:34:2d:75:c9:14:a9:39:e9:1a:98:0a:
51:c9:21:0c:bb:3b:52:47:18:c1:ae:bf:ac:8a:fd:
78:b9:57:89:1d:48:9f:d7:f2:76:7e:99:3e:64:54:
4c:be:2f:8c:bb:fe:6c:9d:6c:ab:07:62:59:85:c1:
79:fa:71:55:c3:49:24:f6:d8:c8:21:3c:27:57:28:
01:85:0c:da:5d:a7:26:90:54:c1:c0:8c:63:e1:f1:
9d:26:b9:44:8c:c6:a4:b2:bf:7c:6e:12:bf:c4:d4:
e8:3e:47:f4:dd:eb:88:2b:12:66:a4:b9:92:28:c8:
8c:fa:b6:93:57:6f:2e:44:35:a4:e8:48:12:2b:87:
02:90:f5:f3:d4:78:a5:59:04:2b:ad:78:3f:1a:e4:
95:ba:18:a2:b7:72:b5:64:91:4a:5a:c0:43:78:3a:
42:70:1e:dd:a5:44:f6:14:22:4b:d5:74:29:fa:10:
eb:25:d9:2b:d4:f6:84:eb:60:ed:ee:2f:82:6e:50:
75:68:d8:30:05:f0:21:19:5e:70:ef:9a:a2:29:bc:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:59:73:1B:E5:95:40:64:32:A5:6E:5C:DE:C5:7F:9E:F0:A8:E2:97
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1FlzG-WVQGQypW5c3sV_nvCo4pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0-91.225.226.255
188.191.96.0-188.191.98.255
188.191.100.0/23
188.191.103.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
5a:3d:98:69:f2:52:f6:27:d3:eb:57:1e:b3:39:da:73:95:a6:
35:30:56:7f:ef:d0:39:8e:09:01:e9:25:58:4c:47:a9:d9:4c:
d2:48:f1:27:95:a7:76:f1:a4:14:7f:94:e7:11:65:16:8d:92:
03:e9:b0:ed:f1:f8:cf:7d:69:21:24:39:93:78:ba:ab:bc:5b:
a7:cf:81:a9:50:43:00:6a:8e:91:8d:a7:42:f6:e4:f6:d1:65:
b6:ee:72:00:58:9c:af:8d:2d:58:10:98:62:9a:35:b8:0a:59:
10:2b:6b:23:b2:a7:03:de:33:83:82:15:1e:f2:de:2e:63:17:
96:d8:cb:d3:55:33:49:72:28:5f:01:b6:52:79:9e:86:ad:fb:
fe:09:ec:5f:af:48:66:02:c3:12:19:94:cb:25:0e:b4:03:10:
48:27:96:00:a0:b5:b3:67:ae:e0:14:af:4d:8e:c6:cc:3f:a6:
32:9a:69:51:14:f2:6e:96:06:5e:5e:3f:8f:a3:3b:36:f8:04:
d2:1f:12:46:49:e4:fc:fb:db:e5:a3:c0:dd:4e:70:1f:8b:01:
c6:93:01:94:ac:3c:59:45:0a:ed:f0:4c:ee:e8:24:c2:60:ef:
db:5c:df:f3:c9:2d:bb:ac:9f:fa:d1:1f:1f:80:4a:54:53:47:
dd:96:f4:78
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQcQZVRsS1ubr8YwfPVuX4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDI4MDE0MjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU5NzMxYmU1OTU0MDY0MzJhNTZlNWNkZWM1N2Y5ZWYwYThlMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0S/qHiHnHgATQ8bS7+asEW0KZgK
g99VLtNFtfX6GbDpiB9V7OLWf+tVzxtVIofQNC11yRSpOekamApRySEMuztSRxjB
rr+siv14uVeJHUif1/J2fpk+ZFRMvi+Mu/5snWyrB2JZhcF5+nFVw0kk9tjIITwn
VygBhQzaXacmkFTBwIxj4fGdJrlEjMaksr98bhK/xNToPkf03euIKxJmpLmSKMiM
+raTV28uRDWk6EgSK4cCkPXz1HilWQQrrXg/GuSVuhiit3K1ZJFKWsBDeDpCcB7d
pUT2FCJL1XQp+hDrJdkr1PaE62Dt7i+CblB1aNgwBfAhGV5w75qiKbyqwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNRZcxvllUBkMqVuXN7Ff57wqOKXMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvMUZsekctV1ZRR1F5cFc1YzNzVl9udkNvNHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBABb4eED
BABb4eIwDAMEBby/YAMEALy/YgMEAby/ZAMEALy/ZzAMAwQAvL9tAwQAvL9uMA0G
CSqGSIb3DQEBCwUAA4IBAQBaPZhp8lL2J9PrVx6zOdpzlaY1MFZ/79A5jgkB6SVY
TEep2UzSSPEnlad28aQUf5TnEWUWjZID6bDt8fjPfWkhJDmTeLqrvFunz4GpUEMA
ao6RjadC9uT20WW27nIAWJyvjS1YEJhimjW4ClkQK2sjsqcD3jODghUe8t4uYxeW
2MvTVTNJcihfAbZSeZ6Grfv+Cexfr0hmAsMSGZTLJQ60AxBIJ5YAoLWzZ67gFK9N
jsbMP6YymmlRFPJulgZeXj+Pozs2+ATSHxJGSeT8+9vlo8DdTnAfiwHGkwGUrDxZ
RQrt8Ezu6CTCYO/bXN/zyS27rJ/60R8fgEpUU0fdlvR4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org