Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hKrsBI6niPn9iokcE69fVjRsLG8.roa
File: hKrsBI6niPn9iokcE69fVjRsLG8.roa (raw, json)
Hash identifier: yxos9DwDHggyqreSP7VDPWBu1ISPigSdym15F/qJdjU=
Subject key identifier: 84:AA:EC:04:8E:A7:88:F9:FD:8A:89:1C:13:AF:5F:56:34:6C:2C:6F
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0184B58A4DD51F02F98AFCE0F3ACEA71A2C1
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hKrsBI6niPn9iokcE69fVjRsLG8.roa
Signing time: Sat 26 Nov 2022 20:04:10 +0000
ROA not before: Sat 26 Nov 2022 20:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 188.191.99.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b5:8a:4d:d5:1f:02:f9:8a:fc:e0:f3:ac:ea:71:a2:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 26 20:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84aaec048ea788f9fd8a891c13af5f56346c2c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6e:40:67:02:51:c7:63:38:d8:d5:9a:88:11:
c4:05:69:33:3a:83:2c:01:d9:e0:c0:02:c9:49:cf:
38:a0:11:cb:c6:e6:3a:d4:6a:7c:2c:03:7b:0e:11:
4e:4d:25:48:c4:e1:e6:16:25:db:95:f8:32:68:7a:
fa:7c:6f:83:9e:cf:ea:59:4b:8d:3a:9e:f1:b9:54:
62:18:8b:d2:b3:47:f8:31:63:bf:9f:ff:74:56:b6:
bc:03:34:fb:63:fb:6e:ef:ec:3f:88:b1:ed:08:e7:
fb:2c:03:13:58:87:71:78:52:1e:5e:16:fb:0d:01:
4a:b3:14:3f:ad:d2:fb:df:6a:85:a7:2d:b7:05:8f:
88:56:7f:a3:50:37:6d:18:2b:89:46:63:04:f4:3d:
d0:ec:2f:b8:fc:6d:e3:46:64:ea:0c:b8:7a:4a:d8:
7a:fc:d0:8a:a4:e1:ef:60:01:8b:6e:98:9d:40:a6:
83:c3:4e:92:fa:a3:7a:98:dc:1f:87:ff:0c:58:49:
f5:76:e5:27:73:de:c6:64:e5:b1:ec:62:e6:46:4a:
dc:11:05:a9:d3:08:56:f4:cb:10:37:5f:30:50:b2:
e1:b5:79:9b:5e:f5:a7:07:41:43:7d:86:48:ea:39:
f4:f0:40:1c:9e:9a:56:05:da:68:24:f3:32:e4:36:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AA:EC:04:8E:A7:88:F9:FD:8A:89:1C:13:AF:5F:56:34:6C:2C:6F
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hKrsBI6niPn9iokcE69fVjRsLG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
188.191.99.0/24
188.191.107.0/24
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
09:9d:e8:13:50:dc:b9:ca:b1:41:09:57:6a:4f:de:5b:d2:a1:
2c:ad:62:79:90:b5:d8:be:57:8c:d8:0b:58:65:93:92:05:17:
68:eb:5c:a6:8b:97:6a:ef:0d:43:2f:42:f9:2e:f5:22:64:c1:
85:3b:f2:b5:24:2b:8a:61:4d:de:a1:d6:81:e9:a0:cc:d2:d1:
9e:87:12:d5:76:2b:3a:55:32:a1:e4:dd:b5:b6:8d:da:b2:be:
80:f1:25:5e:b0:f8:91:0f:79:d0:e9:8d:9f:bf:c6:06:5d:7c:
c3:11:a6:39:7a:68:cb:37:22:0c:48:40:a4:eb:02:e0:bf:1e:
bb:3f:9a:2c:a8:a6:e3:27:fc:67:b1:8b:be:3a:fe:67:57:48:
75:e0:bb:79:27:c2:f9:74:98:89:3e:ea:32:84:eb:2e:d4:45:
97:d5:17:af:55:b6:22:f8:a4:68:fe:8f:e1:ed:20:41:f8:93:
3d:de:4e:7f:0f:96:7a:dc:53:3f:7a:b7:6d:c3:e9:dc:4e:eb:
16:9e:76:76:cc:e0:93:4f:c1:e2:71:24:2e:68:32:f8:c9:3e:
d3:e9:70:c9:54:0d:76:94:cc:09:60:70:38:f3:ab:3f:0c:6d:
a4:22:3e:b5:f4:93:14:32:26:c4:7c:3a:fa:4d:87:63:7f:c6:
08:53:e3:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS1ik3VHwL5ivzg86zqcaLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTI2MjAwNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFhZWMwNDhlYTc4OGY5ZmQ4YTg5MWMxM2FmNWY1NjM0NmMyYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG5AZwJRx2M42NWaiBHEBWkzOoMs
AdngwALJSc84oBHLxuY61Gp8LAN7DhFOTSVIxOHmFiXblfgyaHr6fG+Dns/qWUuN
Op7xuVRiGIvSs0f4MWO/n/90Vra8AzT7Y/tu7+w/iLHtCOf7LAMTWIdxeFIeXhb7
DQFKsxQ/rdL732qFpy23BY+IVn+jUDdtGCuJRmME9D3Q7C+4/G3jRmTqDLh6Sth6
/NCKpOHvYAGLbpidQKaDw06S+qN6mNwfh/8MWEn1duUnc97GZOWx7GLmRkrcEQWp
0whW9MsQN18wULLhtXmbXvWnB0FDfYZI6jn08EAcnppWBdpoJPMy5DaZCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFISq7ASOp4j5/YqJHBOvX1Y0bCxvMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvaEtyc0JJNm5pUG45aW9rY0U2OWZWalJzTEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+HgAwQA
vL9jAwQAvL9rAwQAvL9vMA0GCSqGSIb3DQEBCwUAA4IBAQAJnegTUNy5yrFBCVdq
T95b0qEsrWJ5kLXYvleM2AtYZZOSBRdo61ymi5dq7w1DL0L5LvUiZMGFO/K1JCuK
YU3eodaB6aDM0tGehxLVdis6VTKh5N21to3asr6A8SVesPiRD3nQ6Y2fv8YGXXzD
EaY5emjLNyIMSECk6wLgvx67P5osqKbjJ/xnsYu+Ov5nV0h14Lt5J8L5dJiJPuoy
hOsu1EWX1RevVbYi+KRo/o/h7SBB+JM93k5/D5Z63FM/erdtw+ncTusWnnZ2zOCT
T8HicSQuaDL4yT7T6XDJVA12lMwJYHA486s/DG2kIj619JMUMibEfDr6TYdjf8YI
U+MY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org