Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/V7tu6G7VKxG3bSiyqDf-4xdIYLQ.roa
File: V7tu6G7VKxG3bSiyqDf-4xdIYLQ.roa (raw, json)
Hash identifier: kvbm6LyOvE1PK15Heq/bMKJO5D+toHpYrjPy/cAKyx0=
Subject key identifier: 57:BB:6E:E8:6E:D5:2B:11:B7:6D:28:B2:A8:37:FE:E3:17:48:60:B4
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0183AEA689FAC7118C0231C25F013D5F2FE4
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/V7tu6G7VKxG3bSiyqDf-4xdIYLQ.roa
Signing time: Thu 06 Oct 2022 18:54:53 +0000
ROA not before: Thu 06 Oct 2022 18:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 188.191.96.0/20 maxlen: 24
91.225.227.0/24 maxlen: 24
91.225.224.0/22 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ae:a6:89:fa:c7:11:8c:02:31:c2:5f:01:3d:5f:2f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 6 18:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57bb6ee86ed52b11b76d28b2a837fee3174860b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e2:f6:4a:67:26:1f:9f:2b:ee:02:42:31:68:
db:01:ce:23:5b:96:70:e3:4f:2a:4a:12:d6:e5:88:
d5:9a:fd:7e:00:0e:e9:c0:b4:d1:54:44:e8:62:e7:
6b:7f:a8:14:3e:70:62:04:26:48:ce:b0:1b:3e:2b:
18:bc:46:ed:9c:22:ed:bd:f0:64:11:68:3a:ae:4f:
b2:93:fd:e8:fd:55:a0:19:58:a5:a0:89:58:1e:8b:
70:e2:42:04:11:63:5e:cc:db:09:5d:a7:3b:6b:65:
ff:df:97:a5:33:a9:b6:be:de:51:c3:ed:74:4a:da:
b3:aa:26:56:fb:26:9d:d2:1e:f8:59:a5:ee:1b:c7:
a8:a4:a8:d0:6f:87:c2:06:19:05:37:a1:d7:04:5b:
bd:ac:c7:d8:62:7b:cb:04:1f:70:8c:a2:b6:a7:5d:
42:63:75:a1:af:4f:98:18:b7:0f:c3:d3:c4:61:04:
a4:ac:72:cb:b6:6a:59:e5:a0:b2:27:96:5c:1e:0b:
31:d5:ad:da:2b:78:70:4e:dd:85:9d:74:30:8a:e5:
14:bc:c7:bb:b8:80:e4:98:d2:47:fc:53:f5:73:26:
5a:6e:93:6c:c1:fa:78:38:2f:bb:95:45:54:9b:a2:
3b:62:c3:19:d4:03:74:5c:c3:b2:e9:9e:78:e5:d4:
0a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:BB:6E:E8:6E:D5:2B:11:B7:6D:28:B2:A8:37:FE:E3:17:48:60:B4
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/V7tu6G7VKxG3bSiyqDf-4xdIYLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/22
188.191.96.0/20
Signature Algorithm: sha256WithRSAEncryption
33:ff:ed:26:49:1d:2e:e2:03:27:5e:ea:16:92:e1:e8:69:76:
0a:a1:54:84:df:63:bc:8f:3e:eb:81:f3:04:09:53:70:7f:32:
f5:f0:f3:5d:6d:c0:67:13:21:9c:1f:9d:21:53:37:85:2a:04:
58:77:4e:7b:ef:e4:bc:00:1a:2b:7d:79:4e:c6:db:c4:db:37:
16:90:48:db:c0:68:6a:e2:54:02:f5:84:d8:03:ac:a7:09:57:
47:62:a2:3b:70:97:d0:6e:92:a7:5c:1b:be:9d:bb:ed:ee:ab:
e8:59:89:8c:96:00:f4:c8:6a:e0:a9:75:61:a2:cf:86:63:d4:
07:7a:b4:6d:40:e2:32:8a:da:c5:41:2e:17:79:f1:5e:b3:38:
48:b2:1a:a7:74:7f:05:82:29:f7:9d:7b:8f:93:dd:23:87:2d:
72:6e:6e:9c:a4:ba:5c:f1:54:87:62:6f:ad:09:d0:73:0f:10:
84:68:a3:ab:78:c3:95:84:c6:68:87:b1:57:6b:a9:dd:c3:c6:
ba:e3:96:b0:27:b0:9e:f2:23:b7:43:43:88:50:3e:1a:e2:29:
38:48:48:68:eb:a2:53:88:67:0f:90:68:cd:38:c8:ac:5c:51:
eb:53:39:3d:af:e6:4e:9b:13:51:26:27:10:fd:2a:12:c5:a2:
3c:78:4a:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOupon6xxGMAjHCXwE9Xy/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDA2MTg1NDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2JiNmVlODZlZDUyYjExYjc2ZDI4YjJhODM3ZmVlMzE3NDg2MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOL2SmcmH58r7gJCMWjbAc4jW5Zw
408qShLW5YjVmv1+AA7pwLTRVEToYudrf6gUPnBiBCZIzrAbPisYvEbtnCLtvfBk
EWg6rk+yk/3o/VWgGViloIlYHotw4kIEEWNezNsJXac7a2X/35elM6m2vt5Rw+10
StqzqiZW+yad0h74WaXuG8eopKjQb4fCBhkFN6HXBFu9rMfYYnvLBB9wjKK2p11C
Y3Whr0+YGLcPw9PEYQSkrHLLtmpZ5aCyJ5ZcHgsx1a3aK3hwTt2FnXQwiuUUvMe7
uIDkmNJH/FP1cyZabpNswfp4OC+7lUVUm6I7YsMZ1AN0XMOy6Z545dQKgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFe7buhu1SsRt20osqg3/uMXSGC0MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVjd0dTZHN1ZLeEczYlNpeXFEZi00eGRJWUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+HgAwQE
vL9gMA0GCSqGSIb3DQEBCwUAA4IBAQAz/+0mSR0u4gMnXuoWkuHoaXYKoVSE32O8
jz7rgfMECVNwfzL18PNdbcBnEyGcH50hUzeFKgRYd0577+S8ABorfXlOxtvE2zcW
kEjbwGhq4lQC9YTYA6ynCVdHYqI7cJfQbpKnXBu+nbvt7qvoWYmMlgD0yGrgqXVh
os+GY9QHerRtQOIyitrFQS4XefFeszhIshqndH8Fgin3nXuPk90jhy1ybm6cpLpc
8VSHYm+tCdBzDxCEaKOreMOVhMZoh7FXa6ndw8a645awJ7Ce8iO3Q0OIUD4a4ik4
SEho66JTiGcPkGjNOMisXFHrUzk9r+ZOmxNRJicQ/SoSxaI8eEqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org