Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/iPWqCGO1bpTBCIhFlWnAFNhhbHM.roa
File: iPWqCGO1bpTBCIhFlWnAFNhhbHM.roa (raw, json)
Hash identifier: fF8uvOHFY6J77p5oGhMoGr1tq90uGWSVl8Ba+sUXM9g=
Subject key identifier: 88:F5:AA:08:63:B5:6E:94:C1:08:88:45:95:69:C0:14:D8:61:6C:73
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018417E222F5AD68078E2FF5F05161156CE7
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/iPWqCGO1bpTBCIhFlWnAFNhhbHM.roa
Signing time: Thu 27 Oct 2022 05:20:06 +0000
ROA not before: Thu 27 Oct 2022 05:20:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 91.225.227.0/24 maxlen: 24
188.191.97.0/24 maxlen: 24
188.191.99.0/24 maxlen: 24
188.191.102.0/24 maxlen: 24
188.191.111.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:17:e2:22:f5:ad:68:07:8e:2f:f5:f0:51:61:15:6c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 27 05:20:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88f5aa0863b56e94c10888459569c014d8616c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:69:26:ae:81:64:1f:7c:70:1a:73:77:b5:11:
5c:d9:4b:e0:df:4b:51:b3:fc:6e:fb:8f:fd:67:28:
6f:eb:c0:73:26:0e:95:1c:ac:d0:de:7d:bf:ef:ca:
76:d9:8e:32:25:7c:f4:35:3e:0c:b7:7c:5f:03:fe:
ea:fa:56:fa:fb:22:4e:c2:f2:5e:7a:f5:c2:4f:25:
56:94:8f:25:15:b2:9b:bf:97:7f:b4:c8:37:12:d6:
7d:72:55:af:cf:3e:b5:41:fb:77:19:58:d8:fa:53:
3b:5d:c8:de:4b:24:d9:82:2c:05:e7:cf:13:d2:0b:
d0:31:37:c2:6b:31:48:39:60:43:cb:4c:d9:46:44:
f2:4e:85:5f:01:1c:ff:50:6d:93:9a:95:ef:e3:99:
0e:6c:7f:09:72:4c:c0:0a:cf:c8:d8:80:ab:d4:0f:
8f:68:24:b4:fb:a5:c4:bf:60:48:ac:5f:07:fa:f9:
48:4e:57:19:a1:ad:d6:da:13:4c:1e:f3:c3:05:cc:
64:83:2a:0c:2f:74:b2:8c:11:4d:ca:d4:87:b8:b1:
02:ea:ba:bd:7c:40:8d:a6:2f:d1:b7:7c:b1:36:e4:
41:26:11:8c:9b:57:35:72:28:91:01:63:67:e0:3c:
0e:c8:43:d4:c5:fc:7a:6d:d4:e0:5d:86:b3:64:9b:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F5:AA:08:63:B5:6E:94:C1:08:88:45:95:69:C0:14:D8:61:6C:73
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/iPWqCGO1bpTBCIhFlWnAFNhhbHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
91.225.227.0/24
188.191.97.0/24
188.191.99.0/24
188.191.102.0/24
188.191.106.0-188.191.108.255
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:4a:ca:36:98:3f:cd:ae:c9:5f:db:76:5f:b5:61:ba:4f:3e:
57:af:69:38:8b:c7:96:89:af:9b:44:9f:11:28:51:96:f7:54:
7b:f1:54:ae:60:0d:91:88:a4:ee:48:be:66:d9:06:4d:d0:8b:
4b:bd:af:aa:19:85:10:b2:f5:b8:19:e7:f5:81:3a:5d:eb:c0:
12:5c:4a:e5:b5:6f:a8:c6:b8:6f:73:a7:c6:d8:73:ec:cd:4c:
02:67:65:21:4e:9f:f0:12:4a:ba:1e:ab:44:54:66:3a:47:06:
50:28:40:1d:fb:5c:13:d9:0e:60:e4:75:3c:3d:89:b6:5c:d8:
49:b6:08:b1:ce:40:7a:78:48:a4:8a:34:9f:45:11:aa:8b:0d:
ad:09:14:d6:40:b2:9e:56:41:16:b2:f9:90:8d:9a:64:0e:f3:
7d:b9:9d:c4:91:d6:39:e0:b3:84:25:f9:8d:01:07:4b:e5:67:
42:aa:e8:a9:e8:07:81:2b:6d:49:3c:d2:92:2e:72:b9:56:95:
50:1e:20:8a:b7:99:54:9c:01:a5:eb:5d:10:66:80:88:62:d1:
12:e2:dc:a5:9f:56:b0:3e:26:69:64:8d:db:a3:1d:b8:0a:7c:
d0:5c:27:b1:8e:b4:85:72:b3:3c:db:93:7b:98:cf:4b:2b:f7:
04:90:af:99
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYQX4iL1rWgHji/18FFhFWznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDI3MDUyMDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY1YWEwODYzYjU2ZTk0YzEwODg4NDU5NTY5YzAxNGQ4NjE2YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2kmroFkH3xwGnN3tRFc2Uvg30tR
s/xu+4/9Zyhv68BzJg6VHKzQ3n2/78p22Y4yJXz0NT4Mt3xfA/7q+lb6+yJOwvJe
evXCTyVWlI8lFbKbv5d/tMg3EtZ9clWvzz61Qft3GVjY+lM7XcjeSyTZgiwF588T
0gvQMTfCazFIOWBDy0zZRkTyToVfARz/UG2TmpXv45kObH8JckzACs/I2ICr1A+P
aCS0+6XEv2BIrF8H+vlITlcZoa3W2hNMHvPDBcxkgyoML3SyjBFNytSHuLEC6rq9
fECNpi/Rt3yxNuRBJhGMm1c1ciiRAWNn4DwOyEPUxfx6bdTgXYazZJvLqwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIj1qghjtW6UwQiIRZVpwBTYYWxzMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvaVBXcUNHTzFicFRCQ0loRmxXbkFGTmhoYkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAW+HgAwQA
W+HjAwQAvL9hAwQAvL9jAwQAvL9mMAwDBAG8v2oDBAC8v2wDBAC8v28wDQYJKoZI
hvcNAQELBQADggEBAGpKyjaYP82uyV/bdl+1YbpPPlevaTiLx5aJr5tEnxEoUZb3
VHvxVK5gDZGIpO5IvmbZBk3Qi0u9r6oZhRCy9bgZ5/WBOl3rwBJcSuW1b6jGuG9z
p8bYc+zNTAJnZSFOn/ASSroeq0RUZjpHBlAoQB37XBPZDmDkdTw9ibZc2Em2CLHO
QHp4SKSKNJ9FEaqLDa0JFNZAsp5WQRay+ZCNmmQO8325ncSR1jngs4Ql+Y0BB0vl
Z0Kq6KnoB4ErbUk80pIucrlWlVAeIIq3mVScAaXrXRBmgIhi0RLi3KWfVrA+Jmlk
jdujHbgKfNBcJ7GOtIVyszzbk3uYz0sr9wSQr5k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org