Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/1-YK0jZzMlEXUYRRKiMe214lLBgE.roa
File: 1-YK0jZzMlEXUYRRKiMe214lLBgE.roa (raw, json)
Hash identifier: CF8SVE6cnwQkA+u8uYk19i2Rbe4AV7QeXKgzJyGeP9c=
Subject key identifier: F9:82:B4:8D:9C:CC:94:45:D4:61:14:4A:88:C7:B6:D7:89:4B:06:01
Certificate issuer: /CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Certificate serial: 01D4996D
Authority key identifier: 1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/1-YK0jZzMlEXUYRRKiMe214lLBgE.roa
Signing time: Sat 01 Jan 2022 07:58:59 +0000
ROA not before: Sat 01 Jan 2022 07:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211848
IP address blocks: 91.239.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30710125 (0x1d4996d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Validity
Not Before: Jan 1 07:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f982b48d9ccc9445d461144a88c7b6d7894b0601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:31:eb:fc:b1:52:bc:d7:d1:f5:73:86:8f:
e0:31:ee:90:3b:c6:ba:e0:76:0f:73:41:67:6e:bd:
30:78:57:25:2f:6a:46:d9:5a:9e:81:fa:7d:98:cb:
f2:79:6e:9a:84:20:79:dc:36:fe:81:73:5a:34:4d:
74:78:1b:7a:56:3c:c9:38:0b:61:f5:72:44:22:c7:
03:b8:d0:8b:c1:7e:fa:43:35:83:47:ad:74:cc:72:
99:f1:7f:5b:13:72:2e:66:9c:f8:f1:12:b2:6d:c6:
71:28:0d:5e:68:d1:7b:7f:93:3d:8e:83:03:a6:bb:
54:d0:60:c8:65:2d:b0:2a:f0:58:0a:b4:34:49:86:
a9:d8:99:20:2f:b0:0c:35:6b:30:de:53:49:e0:51:
b5:67:d8:82:64:8b:e2:69:12:ff:1e:81:ca:b9:a0:
17:2a:73:23:1d:9d:1e:01:fe:d2:12:cd:b5:b0:a8:
50:15:a1:49:02:50:e9:6e:d7:1d:03:2e:8a:38:26:
38:3f:ac:b1:dc:06:ec:40:39:fc:11:2f:d9:44:fd:
14:9d:78:99:01:d1:df:e5:ca:0e:25:e3:37:68:45:
4d:6b:8a:36:1d:d8:f8:98:1a:d9:b3:9e:4b:72:93:
42:78:e8:5a:3b:85:79:51:0c:3d:95:0e:30:b2:7b:
55:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:82:B4:8D:9C:CC:94:45:D4:61:14:4A:88:C7:B6:D7:89:4B:06:01
X509v3 Authority Key Identifier:
keyid:1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/1-YK0jZzMlEXUYRRKiMe214lLBgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a2:80:99:a3:d1:d0:f2:d2:cc:34:f3:6c:36:09:dc:8d:a8:
b0:a4:cc:06:2a:a0:df:7e:9b:03:35:4a:6a:e6:10:d6:d3:9f:
d0:9b:a1:3d:1b:36:d3:a2:d5:4d:3d:fb:c2:de:33:d4:95:2d:
fa:fc:46:f8:6f:8f:1e:fa:ba:be:3f:a3:14:8f:92:5d:87:e5:
9e:63:7d:8c:3c:7b:c7:11:2b:3a:6f:15:6a:ea:61:71:b7:fe:
3f:e0:85:89:a5:21:40:c0:e6:e3:10:80:7d:46:67:f9:03:90:
da:e8:de:62:1b:52:a8:c0:a2:e2:37:ae:13:07:9e:cd:eb:4d:
03:2c:e0:62:5d:fd:d0:d7:26:a7:80:5c:fb:66:50:32:84:ef:
c2:4f:61:d6:f7:cf:8b:b8:9f:2c:53:3f:28:b3:c7:f8:8f:1d:
1d:92:ec:b4:e6:42:ec:d3:01:e3:b4:81:a7:78:78:29:3b:72:
6e:15:15:48:3b:23:7d:af:98:35:e2:52:74:17:d0:25:74:a0:
9b:2a:38:cc:96:9c:b7:aa:22:26:39:57:9c:89:14:30:35:60:
30:a9:a5:55:c0:11:2e:7d:2c:39:e5:c6:ac:fd:a7:2c:c9:2d:
f2:7a:12:10:25:61:ce:52:0a:32:b5:35:37:63:8e:c0:a2:07:
d3:df:83:f9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAdSZbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2FjYjc3ZTIwYjc4MTQ3ZDQ3ZjgzOTQyOTRmMTE3YjVjODRlZjVlMB4XDTIyMDEw
MTA3NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk4MmI0OGQ5Y2Nj
OTQ0NWQ0NjExNDRhODhjN2I2ZDc4OTRiMDYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuDMev8sVK819H1c4aP4DHukDvGuuB2D3NBZ269MHhXJS9q
RtlanoH6fZjL8nlumoQgedw2/oFzWjRNdHgbelY8yTgLYfVyRCLHA7jQi8F++kM1
g0etdMxymfF/WxNyLmac+PESsm3GcSgNXmjRe3+TPY6DA6a7VNBgyGUtsCrwWAq0
NEmGqdiZIC+wDDVrMN5TSeBRtWfYgmSL4mkS/x6ByrmgFypzIx2dHgH+0hLNtbCo
UBWhSQJQ6W7XHQMuijgmOD+ssdwG7EA5/BEv2UT9FJ14mQHR3+XKDiXjN2hFTWuK
Nh3Y+Jga2bOeS3KTQnjoWjuFeVEMPZUOMLJ7VYMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5grSNnMyURdRhFEqIx7bXiUsGATAfBgNVHSMEGDAWgBQcrLd+ILeBR9R/
g5QpTxF7XITvXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hLeTNmaUMzZ1VmVWY0T1VLVThSZTF5RTcxNC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvNDE3YWIyLWZjYjMtNDA1ZC1hMGM4LTUzMjVhNTIwMGJhOS8x
LzEtWUswalp6TWxFWFVZUlJLaU1lMjE0bExCZ0Uucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVj
LzQxN2FiMi1mY2IzLTQwNWQtYTBjOC01MzI1YTUyMDBiYTkvMS9IS3kzZmlDM2dV
ZlVmNE9VS1U4UmUxeUU3MTQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb73UwDQYJKoZIhvcNAQELBQAD
ggEBAE6igJmj0dDy0sw082w2CdyNqLCkzAYqoN9+mwM1SmrmENbTn9CboT0bNtOi
1U09+8LeM9SVLfr8Rvhvjx76ur4/oxSPkl2H5Z5jfYw8e8cRKzpvFWrqYXG3/j/g
hYmlIUDA5uMQgH1GZ/kDkNro3mIbUqjAouI3rhMHns3rTQMs4GJd/dDXJqeAXPtm
UDKE78JPYdb3z4u4nyxTPyizx/iPHR2S7LTmQuzTAeO0gad4eCk7cm4VFUg7I32v
mDXiUnQX0CV0oJsqOMyWnLeqIiY5V5yJFDA1YDCppVXAES59LDnlxqz9pyzJLfJ6
EhAlYc5SCjK1NTdjjsCiB9Pfg/k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-fra.rpki-client.org