Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mWx0Y0DmgiBgFaXPvPG671lXwhk.roa
File: mWx0Y0DmgiBgFaXPvPG671lXwhk.roa (raw, json)
Hash identifier: 19v1PgG3duCuO85h0RvA7fXLVYrGxwoMz6D2IR2sk0o=
Subject key identifier: 99:6C:74:63:40:E6:82:20:60:15:A5:CF:BC:F1:BA:EF:59:57:C2:19
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01853642E0962327EC9FB0798188F06A6942
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mWx0Y0DmgiBgFaXPvPG671lXwhk.roa
Signing time: Wed 21 Dec 2022 19:57:10 +0000
ROA not before: Wed 21 Dec 2022 19:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 188.191.111.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:42:e0:96:23:27:ec:9f:b0:79:81:88:f0:6a:69:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Dec 21 19:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=996c746340e682206015a5cfbcf1baef5957c219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:4f:dc:60:01:19:e0:ed:ef:66:4b:15:47:
d5:65:ab:55:bd:a2:00:f1:f9:85:8b:c3:e7:5f:c2:
b4:2c:2e:d1:f0:07:90:87:0c:0e:12:fe:ba:42:f1:
30:7b:2c:20:8d:47:b1:1f:01:83:25:ad:e0:eb:9d:
db:a6:16:cc:90:39:6f:15:22:35:74:0a:f9:84:61:
d0:90:db:00:4c:0d:74:bc:55:0d:6b:a7:49:ff:da:
87:b6:4b:8f:c4:4f:67:a1:be:a2:dc:a7:8d:51:6f:
0b:e4:20:18:e9:ac:87:f7:97:09:fb:ba:92:9a:1c:
7c:6c:ec:26:ff:96:bd:4d:b5:3a:a0:a0:eb:62:8c:
7c:fc:1d:51:bc:14:8c:98:cf:43:06:9a:3c:61:e4:
c2:8b:da:fa:87:ce:d7:58:2a:10:88:27:71:2b:28:
f0:78:be:39:ee:f7:dc:16:bf:f5:9e:2e:98:27:e1:
5e:34:e6:df:dc:4c:f2:19:22:d7:79:08:9f:eb:5c:
6f:10:d8:01:b5:a0:80:05:50:54:cd:e5:46:b9:c3:
ef:cd:de:7e:07:78:f8:d4:d5:af:ab:99:42:af:07:
01:33:e0:fb:a7:4e:94:0b:39:2d:ac:f4:c0:a9:da:
2e:1b:68:1c:98:1d:b5:d4:2b:3c:b7:5b:9b:1e:87:
e0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6C:74:63:40:E6:82:20:60:15:A5:CF:BC:F1:BA:EF:59:57:C2:19
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mWx0Y0DmgiBgFaXPvPG671lXwhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:86:5d:1b:54:bc:5e:6c:dc:ba:cc:b5:aa:d9:f8:68:6e:36:
88:14:fa:e7:77:95:d1:48:f2:32:d5:a9:62:69:8e:1c:e8:28:
35:66:02:04:f4:a8:63:60:68:33:69:b2:59:ca:58:ad:2a:dc:
d8:91:3a:12:61:2e:21:6a:3a:cb:29:00:06:af:b9:b8:f2:76:
6a:ec:af:57:3d:a8:fc:9b:00:04:be:d1:96:09:93:bf:93:86:
9e:0d:ba:20:b6:d5:13:95:cd:74:dd:bc:ff:b5:d3:df:d8:ab:
ea:26:b9:4b:8b:8f:ff:b7:09:44:76:4a:a9:7e:e8:5a:bd:21:
d9:69:8a:74:79:52:16:8c:5f:c4:7c:60:0d:5a:80:31:1d:43:
33:cd:a9:b5:73:9e:d9:af:9f:38:40:04:79:67:cb:65:3c:71:
37:48:b6:d8:89:55:09:40:1f:d0:d6:58:83:29:f8:fa:f0:e1:
c9:1f:66:6f:d4:fb:a4:59:ed:4c:c7:ad:7a:43:bc:3f:44:4e:
68:f1:5e:a9:0c:69:22:1c:bf:f4:61:e8:e6:3a:64:f9:c9:4e:
69:d3:ba:0d:1f:58:1d:fe:22:93:8e:60:2e:58:0d:e3:3d:b4:
d3:4a:fd:0c:80:e3:9b:6b:38:41:ca:ff:1e:27:42:3f:ad:1b:
0d:5a:bc:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU2QuCWIyfsn7B5gYjwamlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMjIxMTk1NzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZjNzQ2MzQwZTY4MjIwNjAxNWE1Y2ZiY2YxYmFlZjU5NTdjMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq1P3GABGeDt72ZLFUfVZatVvaIA
8fmFi8PnX8K0LC7R8AeQhwwOEv66QvEweywgjUexHwGDJa3g653bphbMkDlvFSI1
dAr5hGHQkNsATA10vFUNa6dJ/9qHtkuPxE9nob6i3KeNUW8L5CAY6ayH95cJ+7qS
mhx8bOwm/5a9TbU6oKDrYox8/B1RvBSMmM9DBpo8YeTCi9r6h87XWCoQiCdxKyjw
eL457vfcFr/1ni6YJ+FeNObf3EzyGSLXeQif61xvENgBtaCABVBUzeVGucPvzd5+
B3j41NWvq5lCrwcBM+D7p06UCzktrPTAqdouG2gcmB211Cs8t1ubHofg0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJlsdGNA5oIgYBWlz7zxuu9ZV8IZMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbVd4MFkwRG1naUJnRmFYUHZQRzY3MWxYd2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HgAwQA
vL9vMA0GCSqGSIb3DQEBCwUAA4IBAQBehl0bVLxebNy6zLWq2fhobjaIFPrnd5XR
SPIy1aliaY4c6Cg1ZgIE9KhjYGgzabJZylitKtzYkToSYS4hajrLKQAGr7m48nZq
7K9XPaj8mwAEvtGWCZO/k4aeDbogttUTlc103bz/tdPf2KvqJrlLi4//twlEdkqp
fuhavSHZaYp0eVIWjF/EfGANWoAxHUMzzam1c57Zr584QAR5Z8tlPHE3SLbYiVUJ
QB/Q1liDKfj68OHJH2Zv1PukWe1Mx616Q7w/RE5o8V6pDGkiHL/0YejmOmT5yU5p
07oNH1gd/iKTjmAuWA3jPbTTSv0MgOObazhByv8eJ0I/rRsNWrx7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org