Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/99xdlyjHobbkxPQV9Pu4hyXbGGY.roa
File: 99xdlyjHobbkxPQV9Pu4hyXbGGY.roa (raw, json)
Hash identifier: STt/YqfTk4twv2Z+1KkN9v9Fns5jdIhzPMlhg31Hu64=
Subject key identifier: F7:DC:5D:97:28:C7:A1:B6:E4:C4:F4:15:F4:FB:B8:87:25:DB:18:66
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01843181A3A9A0DDB4CD7C97015E4A14B032
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/99xdlyjHobbkxPQV9Pu4hyXbGGY.roa
Signing time: Tue 01 Nov 2022 04:44:50 +0000
ROA not before: Tue 01 Nov 2022 04:44:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 91.225.227.0/24 maxlen: 24
188.191.99.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:31:81:a3:a9:a0:dd:b4:cd:7c:97:01:5e:4a:14:b0:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 1 04:44:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7dc5d9728c7a1b6e4c4f415f4fbb88725db1866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4d:d1:19:0c:a4:d1:7e:c4:58:41:51:e6:0a:
60:74:26:95:d0:3c:2f:3d:19:3b:f9:6e:20:88:0d:
3a:8c:cc:09:c1:da:0f:e1:cf:7b:ba:25:5f:54:80:
a0:f0:7b:a0:44:d4:84:63:e6:ba:72:9d:fd:6c:6a:
2b:cd:83:65:b3:0b:ea:19:9e:b1:12:ef:8c:96:87:
13:5a:5f:2d:70:d9:78:14:70:7d:c8:9d:a1:4e:2c:
19:55:d5:f0:fb:3e:ff:8b:06:85:b4:79:b2:24:9c:
5d:be:41:4d:d7:42:99:c8:69:93:6c:d2:0d:af:7f:
e2:1a:53:51:c3:f3:ab:b9:3d:37:ce:4e:86:10:6c:
0d:2f:82:3e:2c:e1:2b:dc:b7:6d:cf:d9:e3:41:ed:
c7:03:90:18:cb:8f:c1:ef:2f:99:02:f8:eb:e6:41:
21:db:9a:b8:fc:b3:7e:91:c2:a6:30:1d:07:55:e7:
46:fc:ee:0e:5b:c1:6c:da:09:57:8f:03:65:87:96:
76:3f:fd:a4:ea:fb:ec:ee:22:93:a5:15:15:9d:1b:
90:f9:9e:57:04:45:c9:77:7a:4d:4a:be:b3:5e:71:
60:6c:bf:78:a6:6f:d4:cc:49:1b:e2:17:3b:89:12:
ca:a9:c8:99:c9:15:55:c7:ed:bf:2d:51:cf:61:dd:
3a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DC:5D:97:28:C7:A1:B6:E4:C4:F4:15:F4:FB:B8:87:25:DB:18:66
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/99xdlyjHobbkxPQV9Pu4hyXbGGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
91.225.227.0/24
188.191.99.0/24
188.191.106.0-188.191.108.255
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
44:61:74:91:bc:ec:82:02:dd:9e:aa:e7:0a:b9:c2:68:a9:df:
01:ac:ef:46:35:31:1d:cc:56:b0:41:fd:3b:ef:50:ff:fb:45:
88:e5:27:58:7d:12:87:11:5f:c2:f1:6d:5b:45:c6:e5:48:8a:
d2:4b:11:2c:e2:ae:af:d0:dd:1c:46:f5:d7:ea:52:9e:50:9e:
9f:f7:b4:39:3c:cc:f2:c7:03:87:23:6c:2c:29:7c:45:99:34:
f0:b1:25:33:03:76:b3:79:d0:59:ef:aa:8c:5c:17:4e:18:85:
42:c3:00:3f:a5:3d:82:74:72:4a:7b:a3:dd:e1:e9:22:ab:6b:
43:59:8f:3d:bc:44:42:7e:f8:76:65:5b:f9:b4:dd:06:43:96:
ee:81:d2:c9:c5:2a:22:b6:b6:4a:c5:08:b1:1c:d9:09:49:a8:
73:79:8e:f2:70:1d:76:61:61:57:ed:d4:2a:c9:9a:86:96:8d:
fe:2f:3e:99:a6:32:69:81:66:8d:10:72:76:ce:05:b2:24:c3:
92:1a:9b:a3:b4:97:74:fd:98:60:f1:36:0e:7d:4d:cc:c0:dd:
85:1a:e8:42:f4:8f:77:a3:87:54:76:54:7a:f7:c6:36:11:7f:
a0:93:5e:a4:50:94:91:06:ef:46:b4:e2:dc:5e:45:30:b5:d7:
6b:b7:7e:4e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYQxgaOpoN20zXyXAV5KFLAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTAxMDQ0NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RjNWQ5NzI4YzdhMWI2ZTRjNGY0MTVmNGZiYjg4NzI1ZGIxODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq03RGQyk0X7EWEFR5gpgdCaV0Dwv
PRk7+W4giA06jMwJwdoP4c97uiVfVICg8HugRNSEY+a6cp39bGorzYNlswvqGZ6x
Eu+MlocTWl8tcNl4FHB9yJ2hTiwZVdXw+z7/iwaFtHmyJJxdvkFN10KZyGmTbNIN
r3/iGlNRw/OruT03zk6GEGwNL4I+LOEr3Ldtz9njQe3HA5AYy4/B7y+ZAvjr5kEh
25q4/LN+kcKmMB0HVedG/O4OW8Fs2glXjwNlh5Z2P/2k6vvs7iKTpRUVnRuQ+Z5X
BEXJd3pNSr6zXnFgbL94pm/UzEkb4hc7iRLKqciZyRVVx+2/LVHPYd063QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPfcXZcox6G25MT0FfT7uIcl2xhmMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvOTl4ZGx5akhvYmJreFBRVjlQdTRoeVhiR0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW+HgAwQA
W+HjAwQAvL9jMAwDBAG8v2oDBAC8v2wDBAC8v28wDQYJKoZIhvcNAQELBQADggEB
AERhdJG87IIC3Z6q5wq5wmip3wGs70Y1MR3MVrBB/TvvUP/7RYjlJ1h9EocRX8Lx
bVtFxuVIitJLESzirq/Q3RxG9dfqUp5Qnp/3tDk8zPLHA4cjbCwpfEWZNPCxJTMD
drN50FnvqoxcF04YhULDAD+lPYJ0ckp7o93h6SKra0NZjz28REJ++HZlW/m03QZD
lu6B0snFKiK2tkrFCLEc2QlJqHN5jvJwHXZhYVft1CrJmoaWjf4vPpmmMmmBZo0Q
cnbOBbIkw5Iam6O0l3T9mGDxNg59TczA3YUa6EL0j3ejh1R2VHr3xjYRf6CTXqRQ
lJEG70a04txeRTC112u3fk4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org