Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ejO8jQxF9EnydGJtG9DCD5T5F90.roa
File: ejO8jQxF9EnydGJtG9DCD5T5F90.roa (raw, json)
Hash identifier: GzfMNILtHa5Ke/pWUKnN2Iy1HangjV5rjeQYNq57iAE=
Subject key identifier: 7A:33:BC:8D:0C:45:F4:49:F2:74:62:6D:1B:D0:C2:0F:94:F9:17:DD
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01843180B6FBDDE1B072213149DE8C30F476
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ejO8jQxF9EnydGJtG9DCD5T5F90.roa
Signing time: Tue 01 Nov 2022 04:43:49 +0000
ROA not before: Tue 01 Nov 2022 04:43:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 188.191.96.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:31:80:b6:fb:dd:e1:b0:72:21:31:49:de:8c:30:f4:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 1 04:43:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a33bc8d0c45f449f274626d1bd0c20f94f917dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4f:9d:96:e6:e2:e1:9e:25:d8:7a:8d:65:36:
1c:97:ff:78:df:71:2a:d2:4c:e1:e3:ac:8f:d2:8d:
b5:1b:fc:19:a6:1c:eb:7a:4a:28:98:39:5f:dd:b9:
03:89:d2:ee:fd:cb:4e:4e:5e:71:02:c3:d4:dd:57:
65:fd:64:2e:cc:14:6d:c9:c0:7f:4d:34:be:ff:e6:
87:c4:e1:29:37:24:33:4e:df:1d:6e:46:83:36:ce:
ce:ea:42:c9:0a:d9:8b:44:d7:9b:6a:db:66:8c:f1:
47:0d:6b:50:23:f6:a8:03:5b:98:e6:e2:6f:6b:43:
a7:b9:7f:2d:cb:de:8e:b5:82:22:e9:cd:5d:ee:a6:
31:b3:91:2f:b5:03:41:4f:86:da:a5:f9:dd:92:5a:
27:3f:a1:d2:0a:4c:63:4b:bc:21:28:30:45:19:ec:
a3:8c:a8:48:8a:c6:df:8f:16:96:64:c5:cd:21:09:
ff:41:f0:ae:f9:7e:17:ac:77:6f:c7:9f:ef:a8:3d:
d8:ab:8c:08:33:fd:1e:a5:3d:b4:b3:fe:4a:4d:48:
74:da:7d:96:b1:36:5f:ac:74:b6:06:cd:f6:e4:c6:
ce:96:d8:d5:0e:24:89:eb:5d:dd:e7:52:aa:be:4f:
6a:37:83:0b:86:f6:02:3a:f0:f6:7d:c6:57:38:aa:
7c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:33:BC:8D:0C:45:F4:49:F2:74:62:6D:1B:D0:C2:0F:94:F9:17:DD
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ejO8jQxF9EnydGJtG9DCD5T5F90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
Signature Algorithm: sha256WithRSAEncryption
58:84:f5:a2:ea:2e:03:ba:95:7d:c2:ad:5b:70:e9:35:13:90:
54:70:4c:d0:45:71:8c:f2:d7:e0:d5:0f:e4:e4:ed:43:99:a0:
8a:b0:fc:9c:7a:d6:e9:90:e0:6d:61:54:53:fb:21:0f:7d:0e:
77:13:ab:c1:fb:b3:23:b5:33:61:5b:14:58:1b:a8:5e:56:ff:
d4:5a:b9:e5:52:94:ab:15:46:37:38:30:24:c6:46:f8:55:5c:
97:4b:28:b0:18:a4:f2:5b:6f:22:89:38:f0:28:9a:cc:6a:8e:
fb:72:e5:61:45:25:12:cc:f1:b5:24:5d:e4:27:f3:66:76:ae:
1b:2e:4d:0e:4a:72:e5:f2:b9:33:7c:bc:02:2f:ac:13:17:5e:
d7:d9:58:5e:22:18:c4:a8:ca:6b:4b:eb:89:9f:78:b8:d2:53:
0f:2d:df:d4:ed:78:ee:8e:74:b7:9e:71:4b:83:44:1b:36:28:
38:84:5e:d0:98:68:f4:8b:92:11:ff:df:aa:5d:96:8a:94:7d:
2d:c4:f7:3f:b2:cb:1c:05:27:f7:d1:0f:21:a2:fc:ed:83:d5:
d8:99:55:da:01:8a:35:ad:f2:ba:88:78:8a:2b:6e:2c:94:8b:
7a:64:9c:ec:a0:49:81:df:f2:3d:30:e1:ff:7a:49:5e:d9:9b:
86:c9:00:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQxgLb73eGwciExSd6MMPR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTAxMDQ0MzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTMzYmM4ZDBjNDVmNDQ5ZjI3NDYyNmQxYmQwYzIwZjk0ZjkxN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE+dlubi4Z4l2HqNZTYcl/9433Eq
0kzh46yP0o21G/wZphzrekoomDlf3bkDidLu/ctOTl5xAsPU3Vdl/WQuzBRtycB/
TTS+/+aHxOEpNyQzTt8dbkaDNs7O6kLJCtmLRNebattmjPFHDWtQI/aoA1uY5uJv
a0OnuX8ty96OtYIi6c1d7qYxs5EvtQNBT4bapfndklonP6HSCkxjS7whKDBFGeyj
jKhIisbfjxaWZMXNIQn/QfCu+X4XrHdvx5/vqD3Yq4wIM/0epT20s/5KTUh02n2W
sTZfrHS2Bs325MbOltjVDiSJ613d51Kqvk9qN4MLhvYCOvD2fcZXOKp8qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHozvI0MRfRJ8nRibRvQwg+U+RfdMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZWpPOGpReEY5RW55ZEdKdEc5RENENVQ1RjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HhAwQA
vL9gMA0GCSqGSIb3DQEBCwUAA4IBAQBYhPWi6i4DupV9wq1bcOk1E5BUcEzQRXGM
8tfg1Q/k5O1DmaCKsPycetbpkOBtYVRT+yEPfQ53E6vB+7MjtTNhWxRYG6heVv/U
WrnlUpSrFUY3ODAkxkb4VVyXSyiwGKTyW28iiTjwKJrMao77cuVhRSUSzPG1JF3k
J/Nmdq4bLk0OSnLl8rkzfLwCL6wTF17X2VheIhjEqMprS+uJn3i40lMPLd/U7Xju
jnS3nnFLg0QbNig4hF7QmGj0i5IR/9+qXZaKlH0txPc/ssscBSf30Q8hovztg9XY
mVXaAYo1rfK6iHiKK24slIt6ZJzsoEmB3/I9MOH/ekle2ZuGyQCq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org