Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7JMcfdTfKbaeZeHNs7dvO4Y9cc.roa
File: r7JMcfdTfKbaeZeHNs7dvO4Y9cc.roa (raw, json)
Hash identifier: dqwPibjAz93BvFHT1S6ERiWmeTFHchLkXVbENQQ7/ns=
Subject key identifier: AF:B2:4C:71:F7:53:7C:A6:DA:79:97:87:36:CE:DD:BC:EE:18:F5:C7
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0184BEE79C935524947363723501B89080AA
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7JMcfdTfKbaeZeHNs7dvO4Y9cc.roa
Signing time: Mon 28 Nov 2022 15:42:40 +0000
ROA not before: Mon 28 Nov 2022 15:42:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43310
IP address blocks: 188.191.111.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:e7:9c:93:55:24:94:73:63:72:35:01:b8:90:80:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 28 15:42:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afb24c71f7537ca6da79978736ceddbcee18f5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fd:f5:f2:3f:d1:f3:38:ca:09:76:ca:3f:ce:
93:be:f2:c6:68:07:0c:3a:8c:84:12:42:2f:97:3c:
4a:0f:38:91:01:6d:1c:64:fe:94:c0:28:3d:7b:09:
94:e4:c7:75:fc:6f:7d:6b:8e:7c:a8:ea:2c:40:60:
4f:b1:8c:83:2f:9b:af:b2:38:6f:3a:a2:38:e1:0a:
5e:f5:40:16:e5:c3:fb:d1:4c:53:39:19:64:e6:45:
69:82:f0:2b:2c:dd:2c:27:bc:d7:c2:84:4b:d2:92:
a2:5e:65:29:cc:f8:8f:ec:1e:4b:f9:87:ef:67:ba:
ad:da:21:0f:1d:e9:9d:19:be:25:1e:bc:51:db:b5:
d2:28:fd:19:59:dc:88:0f:6b:c1:eb:09:ed:d5:be:
21:47:68:6a:f6:48:1f:a1:04:17:e8:85:1d:ee:c0:
3c:0e:ac:b0:3b:ba:fe:68:bc:b4:5b:63:96:c5:af:
cf:1c:ae:bf:d3:b7:a1:0d:6c:9d:43:a0:5f:e6:b1:
22:05:80:62:68:5c:7f:c0:eb:38:5e:e7:83:03:28:
80:6b:5d:60:ea:36:eb:1a:b3:8b:c4:92:3d:79:ef:
43:12:4e:fa:b2:14:44:8a:66:7c:91:b0:09:f7:fc:
22:36:1e:12:ce:e3:43:bd:82:67:f5:dc:fd:7e:24:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B2:4C:71:F7:53:7C:A6:DA:79:97:87:36:CE:DD:BC:EE:18:F5:C7
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7JMcfdTfKbaeZeHNs7dvO4Y9cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.224.0/24
188.191.107.0/24
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:02:0e:61:fe:eb:3e:11:65:4e:0a:cd:89:36:87:43:62:9c:
ca:c1:72:f3:9f:6a:4f:40:9b:cc:3b:33:4e:7b:31:40:ea:1f:
a8:2d:d3:87:63:bd:72:48:d7:78:bc:2e:04:4f:8c:e7:d5:ec:
0d:41:52:4a:76:78:6a:31:5f:08:70:d9:94:d1:c8:b1:aa:82:
17:30:15:4a:d0:42:2d:90:13:0e:92:95:50:b1:27:03:3e:61:
58:a4:ff:90:b9:11:9e:4b:c2:35:35:e7:d3:9b:bd:1b:04:4c:
21:eb:c6:e1:91:77:b1:81:3d:04:13:61:f4:62:7f:77:15:26:
3f:eb:4b:1e:84:91:2e:35:43:7f:07:06:77:2a:ac:b3:88:eb:
1e:0a:ad:23:e8:12:ae:93:72:0e:54:fa:f9:88:fd:fb:0c:67:
d3:5b:9e:6b:b8:7b:9d:8d:03:a4:ed:a7:de:cb:99:60:30:d5:
d4:5a:91:33:4f:a4:ef:60:41:2b:22:03:3e:d8:17:4e:a9:3a:
d3:94:e4:6a:d7:b1:ac:9e:40:fe:56:1c:b6:33:ab:da:aa:ec:
ca:84:37:c1:5c:a6:4b:6f:02:31:25:78:7c:f0:93:59:cd:b3:
11:0e:66:b6:12:7b:35:b8:05:49:5f:2d:a6:5f:ef:33:65:d9:
ca:df:4e:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS+55yTVSSUc2NyNQG4kICqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTI4MTU0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmIyNGM3MWY3NTM3Y2E2ZGE3OTk3ODczNmNlZGRiY2VlMThmNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf318j/R8zjKCXbKP86TvvLGaAcM
OoyEEkIvlzxKDziRAW0cZP6UwCg9ewmU5Md1/G99a458qOosQGBPsYyDL5uvsjhv
OqI44Qpe9UAW5cP70UxTORlk5kVpgvArLN0sJ7zXwoRL0pKiXmUpzPiP7B5L+Yfv
Z7qt2iEPHemdGb4lHrxR27XSKP0ZWdyID2vB6wnt1b4hR2hq9kgfoQQX6IUd7sA8
DqywO7r+aLy0W2OWxa/PHK6/07ehDWydQ6Bf5rEiBYBiaFx/wOs4XueDAyiAa11g
6jbrGrOLxJI9ee9DEk76shREimZ8kbAJ9/wiNh4SzuNDvYJn9dz9fiRGlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK+yTHH3U3ym2nmXhzbO3bzuGPXHMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvcjdKTWNmZFRmS2JhZVplSE5zN2R2TzRZOWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HgAwQA
vL9rAwQAvL9vMA0GCSqGSIb3DQEBCwUAA4IBAQB9Ag5h/us+EWVOCs2JNodDYpzK
wXLzn2pPQJvMOzNOezFA6h+oLdOHY71ySNd4vC4ET4zn1ewNQVJKdnhqMV8IcNmU
0cixqoIXMBVK0EItkBMOkpVQsScDPmFYpP+QuRGeS8I1NefTm70bBEwh68bhkXex
gT0EE2H0Yn93FSY/60sehJEuNUN/BwZ3KqyziOseCq0j6BKuk3IOVPr5iP37DGfT
W55ruHudjQOk7afey5lgMNXUWpEzT6TvYEErIgM+2BdOqTrTlORq17GsnkD+Vhy2
M6vaquzKhDfBXKZLbwIxJXh88JNZzbMRDma2Ens1uAVJXy2mX+8zZdnK305F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:58 2023 by rpki-client on console-fra.rpki-client.org