Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6tOtiFmzPKJoQC0HkmnnkR5T2t0.roa
File: 6tOtiFmzPKJoQC0HkmnnkR5T2t0.roa (raw, json)
Hash identifier: QvWUoF5mv0D3PHQkBEEPk7+/IacOeI6zDtRGkzFy5C0=
Subject key identifier: EA:D3:AD:88:59:B3:3C:A2:68:40:2D:07:92:69:E7:91:1E:53:DA:DD
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01843BAA210F238F963936140D68DCAADDA3
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6tOtiFmzPKJoQC0HkmnnkR5T2t0.roa
Signing time: Thu 03 Nov 2022 04:05:16 +0000
ROA not before: Thu 03 Nov 2022 04:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 91.225.227.0/24 maxlen: 24
188.191.99.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3b:aa:21:0f:23:8f:96:39:36:14:0d:68:dc:aa:dd:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 3 04:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ead3ad8859b33ca268402d079269e7911e53dadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e2:1b:ec:3a:c6:77:72:35:8f:ea:a6:d0:75:
5e:74:05:5a:50:c8:a1:ec:88:15:9e:8e:8d:d5:09:
6a:2c:18:ea:42:64:ec:93:aa:3c:47:7a:cb:95:6e:
5f:28:67:56:b6:e5:a0:bc:65:76:d8:a1:15:77:2b:
e3:84:0c:b1:60:d9:74:0a:f3:0c:10:9c:f3:31:6b:
2e:6c:4c:09:66:7b:4e:98:89:21:b6:88:e6:09:75:
82:14:c7:ed:16:65:08:80:3d:38:d7:d2:83:57:7e:
02:3e:b6:95:8f:c2:d0:ed:e8:59:dc:0e:a6:f8:3b:
f7:3b:f3:f6:06:6d:c5:68:4a:3d:f1:89:b3:18:79:
e7:9e:93:40:c2:fd:48:00:d0:41:4b:5f:ee:5f:49:
04:dc:59:28:a6:c9:bb:8d:b6:c6:e9:ae:82:ec:06:
a5:72:46:54:db:a0:5c:5a:02:5d:9b:da:5d:13:bf:
06:4a:e0:49:43:9e:57:fd:47:9e:14:cf:9a:17:6f:
0f:6b:65:30:84:f2:c6:c3:16:54:7a:41:0c:25:51:
27:ce:cc:ca:5a:c8:5a:78:73:25:d4:e8:00:fd:5d:
75:9d:ca:76:9c:95:2c:fa:37:b2:91:26:f7:d9:ca:
fd:bb:b5:6b:4d:b7:ad:95:4d:ea:53:82:75:90:74:
cd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D3:AD:88:59:B3:3C:A2:68:40:2D:07:92:69:E7:91:1E:53:DA:DD
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6tOtiFmzPKJoQC0HkmnnkR5T2t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
91.225.227.0/24
188.191.99.0/24
188.191.106.0/23
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
16:69:7c:7a:77:98:83:85:b6:96:7b:b5:15:48:e5:06:83:90:
b6:16:18:57:7a:1e:48:fd:64:af:08:4d:ac:f7:89:a5:03:1b:
c4:20:1d:68:75:5f:73:88:4a:3f:7f:26:21:5f:d2:bf:01:dc:
29:47:9a:c7:85:25:35:04:c9:72:6d:3a:28:8a:fe:86:e8:ee:
db:78:68:16:a1:fb:4d:1e:48:b8:6c:ce:e6:a4:18:a0:55:b3:
42:98:66:c6:72:7f:c8:e4:b4:a6:c8:17:49:95:f9:fb:df:de:
61:07:32:74:f2:35:af:e1:53:22:84:c0:8e:0f:01:fa:6f:7f:
20:35:7b:e0:a5:10:8e:b5:97:0b:47:f6:1f:e1:7b:a9:11:c4:
ec:bf:a5:af:98:fd:cf:b7:8e:34:f7:1b:79:7f:a7:bd:ec:d7:
a4:f6:6d:75:d0:0e:62:c6:c3:95:3f:9f:de:75:80:9c:31:0b:
b0:5c:7b:8c:e2:9b:29:5a:f0:10:d0:f3:cd:eb:e8:1a:94:1a:
70:67:c5:b3:d3:1a:e4:a5:de:cf:33:8e:65:55:98:08:bd:aa:
37:71:ae:ae:a5:7e:53:9a:0a:c6:41:9b:f8:af:09:05:09:a1:
ad:c0:bb:95:8c:29:9d:a1:e1:d3:6b:70:b8:f4:b3:f8:a0:d0:
e9:65:da:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQ7qiEPI4+WOTYUDWjcqt2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTAzMDQwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQzYWQ4ODU5YjMzY2EyNjg0MDJkMDc5MjY5ZTc5MTFlNTNkYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuIb7DrGd3I1j+qm0HVedAVaUMih
7IgVno6N1QlqLBjqQmTsk6o8R3rLlW5fKGdWtuWgvGV22KEVdyvjhAyxYNl0CvMM
EJzzMWsubEwJZntOmIkhtojmCXWCFMftFmUIgD0419KDV34CPraVj8LQ7ehZ3A6m
+Dv3O/P2Bm3FaEo98YmzGHnnnpNAwv1IANBBS1/uX0kE3Fkopsm7jbbG6a6C7Aal
ckZU26BcWgJdm9pdE78GSuBJQ55X/UeeFM+aF28Pa2UwhPLGwxZUekEMJVEnzszK
WshaeHMl1OgA/V11ncp2nJUs+jeykSb32cr9u7VrTbetlU3qU4J1kHTNKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOrTrYhZszyiaEAtB5Jp55EeU9rdMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvNnRPdGlGbXpQS0pvUUMwSGttbm5rUjVUMnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+HgAwQA
W+HjAwQAvL9jAwQBvL9qAwQAvL9vMA0GCSqGSIb3DQEBCwUAA4IBAQAWaXx6d5iD
hbaWe7UVSOUGg5C2FhhXeh5I/WSvCE2s94mlAxvEIB1odV9ziEo/fyYhX9K/Adwp
R5rHhSU1BMlybTooiv6G6O7beGgWoftNHki4bM7mpBigVbNCmGbGcn/I5LSmyBdJ
lfn7395hBzJ08jWv4VMihMCODwH6b38gNXvgpRCOtZcLR/Yf4XupEcTsv6WvmP3P
t4409xt5f6e97Nek9m110A5ixsOVP5/edYCcMQuwXHuM4pspWvAQ0PPN6+galBpw
Z8Wz0xrkpd7PM45lVZgIvao3ca6upX5TmgrGQZv4rwkFCaGtwLuVjCmdoeHTa3C4
9LP4oNDpZdpB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org