Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Jt7ufm3H12ohtUDNGJ298o4R9Rs.roa
File: Jt7ufm3H12ohtUDNGJ298o4R9Rs.roa (raw, json)
Hash identifier: d8T/ZxL12VddfiH39tbYaTc9BwzlXWya/PnDSKxCBhk=
Subject key identifier: 26:DE:EE:7E:6D:C7:D7:6A:21:B5:40:CD:18:9D:BD:F2:8E:11:F5:1B
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01841C41966828AC702824BC29BDDB399E55
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Jt7ufm3H12ohtUDNGJ298o4R9Rs.roa
Signing time: Fri 28 Oct 2022 01:42:51 +0000
ROA not before: Fri 28 Oct 2022 01:42:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 91.225.227.0/24 maxlen: 24
188.191.99.0/24 maxlen: 24
188.191.102.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1c:41:96:68:28:ac:70:28:24:bc:29:bd:db:39:9e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 28 01:42:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26deee7e6dc7d76a21b540cd189dbdf28e11f51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:bd:bf:f1:63:a4:1b:3c:1d:8b:b3:1e:cb:
58:bc:ad:d9:0d:dd:d9:41:6d:b4:8a:73:27:61:fa:
4e:df:bc:40:ce:60:66:3a:84:2f:42:56:f3:25:07:
c5:3f:9f:a1:78:16:d5:6c:a4:5d:0b:9e:04:dd:00:
8d:44:b8:ae:a3:d9:bd:16:1b:f2:6c:c0:7c:29:77:
10:7b:85:10:1f:1f:c9:e8:67:86:6c:39:c2:13:5f:
ee:19:9e:48:6b:46:45:60:3e:64:46:c1:4b:02:a6:
26:90:13:1a:68:36:e6:07:2c:9e:80:2b:44:49:ec:
69:45:ae:19:d9:c1:3c:55:75:14:01:cc:ac:bd:2f:
c7:7a:28:63:ff:ae:68:85:77:38:29:13:3d:af:f7:
c9:62:50:d1:17:8b:b5:10:4f:68:19:ee:ee:1c:9a:
21:20:3d:99:c4:5a:dc:1c:96:c8:86:73:48:97:c8:
d1:59:20:86:eb:1c:92:b0:31:47:0f:e3:c2:83:31:
f1:6c:78:5b:5a:2f:1a:b9:e5:63:c3:f9:38:fb:8f:
2c:f4:fd:db:47:81:b0:90:bb:31:55:22:16:b3:3f:
85:81:0c:72:2c:8f:85:43:15:62:74:13:b0:6a:19:
97:d1:9e:cf:8c:49:a7:7a:65:c4:e3:13:9f:ed:32:
de:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DE:EE:7E:6D:C7:D7:6A:21:B5:40:CD:18:9D:BD:F2:8E:11:F5:1B
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Jt7ufm3H12ohtUDNGJ298o4R9Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
91.225.227.0/24
188.191.99.0/24
188.191.102.0/24
188.191.106.0-188.191.108.255
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:41:dd:8b:5f:98:ac:66:6a:e8:0f:b3:6a:14:d3:0f:f2:9b:
05:1b:42:ad:41:95:f4:08:3a:5e:37:94:29:11:78:1b:c8:01:
ed:93:63:67:e1:12:4c:44:c7:9a:f8:ba:0c:48:88:2d:bd:63:
8e:6a:7c:76:eb:f4:ca:25:e7:2a:a1:9a:b8:dc:bf:dd:b8:63:
45:4d:9f:e5:66:df:80:06:f2:be:68:f5:ce:cc:81:b8:e6:26:
e5:17:cb:63:48:75:8b:87:ba:11:51:61:4b:99:22:20:07:e2:
c6:9a:37:e3:7f:84:02:16:62:6b:ec:59:cf:e7:64:7d:70:c5:
ab:b3:ac:46:e0:8e:af:e2:56:f8:6c:e0:be:48:8f:b7:56:c4:
7c:51:d7:93:ce:79:92:0e:49:e4:a3:11:a3:aa:26:6c:d5:47:
96:2c:e1:4d:5e:37:ab:96:c6:b7:d6:fd:1e:c8:c3:67:d1:98:
10:97:d1:00:1f:22:09:7a:f8:c3:7e:2e:7b:9a:3c:50:2f:a7:
ed:4f:fc:73:f5:b4:fb:60:2b:70:42:bb:ce:72:06:f6:b4:5b:
5e:ff:c0:c8:84:0f:29:18:a7:7a:df:9a:7c:dc:c3:88:7b:15:
ed:3c:f2:f3:ac:ab:52:1e:82:50:f1:a6:52:4e:56:f0:f8:f5:
1e:06:b0:c5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYQcQZZoKKxwKCS8Kb3bOZ5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDI4MDE0MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRlZWU3ZTZkYzdkNzZhMjFiNTQwY2QxODlkYmRmMjhlMTFmNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0K9v/FjpBs8HYuzHstYvK3ZDd3Z
QW20inMnYfpO37xAzmBmOoQvQlbzJQfFP5+heBbVbKRdC54E3QCNRLiuo9m9Fhvy
bMB8KXcQe4UQHx/J6GeGbDnCE1/uGZ5Ia0ZFYD5kRsFLAqYmkBMaaDbmByyegCtE
SexpRa4Z2cE8VXUUAcysvS/Heihj/65ohXc4KRM9r/fJYlDRF4u1EE9oGe7uHJoh
ID2ZxFrcHJbIhnNIl8jRWSCG6xySsDFHD+PCgzHxbHhbWi8aueVjw/k4+48s9P3b
R4GwkLsxVSIWsz+FgQxyLI+FQxVidBOwahmX0Z7PjEmnemXE4xOf7TLe6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCbe7n5tx9dqIbVAzRidvfKOEfUbMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvSnQ3dWZtM0gxMm9odFVETkdKMjk4bzRSOVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAW+HgAwQA
W+HjAwQAvL9jAwQAvL9mMAwDBAG8v2oDBAC8v2wDBAC8v28wDQYJKoZIhvcNAQEL
BQADggEBAC1B3YtfmKxmaugPs2oU0w/ymwUbQq1BlfQIOl43lCkReBvIAe2TY2fh
EkxEx5r4ugxIiC29Y45qfHbr9Mol5yqhmrjcv924Y0VNn+Vm34AG8r5o9c7Mgbjm
JuUXy2NIdYuHuhFRYUuZIiAH4saaN+N/hAIWYmvsWc/nZH1wxauzrEbgjq/iVvhs
4L5Ij7dWxHxR15POeZIOSeSjEaOqJmzVR5Ys4U1eN6uWxrfW/R7Iw2fRmBCX0QAf
Igl6+MN+LnuaPFAvp+1P/HP1tPtgK3BCu85yBva0W17/wMiEDykYp3rfmnzcw4h7
Fe088vOsq1IeglDxplJOVvD49R4GsMU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org