Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/Sxh7YuL_4qQVCVXBIpGmeI1v5Ek.roa
File: Sxh7YuL_4qQVCVXBIpGmeI1v5Ek.roa (raw, json)
Hash identifier: ZipYCyMe4qmAno0uKI9xnMIFFDYe/bGaDOj+ocke8nI=
Subject key identifier: 4B:18:7B:62:E2:FF:E2:A4:15:09:55:C1:22:91:A6:78:8D:6F:E4:49
Certificate issuer: /CN=c38c3a1c05c899ebfe15d2361909a63597c68078
Certificate serial: 0F4ADB21
Authority key identifier: C3:8C:3A:1C:05:C8:99:EB:FE:15:D2:36:19:09:A6:35:97:C6:80:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4w6HAXImev-FdI2GQmmNZfGgHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/Sxh7YuL_4qQVCVXBIpGmeI1v5Ek.roa
Signing time: Sat 01 Jan 2022 05:01:41 +0000
ROA not before: Sat 01 Jan 2022 05:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43771
IP address blocks: 91.198.148.0/24 maxlen: 24
185.202.4.0/23 maxlen: 23
185.202.6.0/24 maxlen: 24
2a0a:cdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256564001 (0xf4adb21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38c3a1c05c899ebfe15d2361909a63597c68078
Validity
Not Before: Jan 1 05:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b187b62e2ffe2a4150955c12291a6788d6fe449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2e:31:cd:4c:a8:96:f4:6d:1f:32:ee:8d:a5:
22:18:9d:53:7b:8c:87:1d:b1:a7:81:52:63:2a:20:
8a:da:34:e0:12:2b:6c:05:fb:9f:7d:0b:fa:d3:8e:
6d:db:55:1e:e7:b8:8c:81:5d:eb:7e:e7:8d:ed:80:
b7:33:cd:15:72:75:63:33:31:7a:19:db:b2:17:e7:
73:6f:92:85:24:f6:0b:f8:69:e6:8e:cb:bf:a0:dc:
ef:3f:a7:02:bb:0e:a9:85:0a:e3:1b:2e:c7:5d:3a:
4e:19:62:b2:ce:1d:6c:1d:b8:6c:e2:07:78:40:36:
7f:36:f9:77:ab:2c:d8:64:39:55:4c:09:41:b9:9f:
57:37:cc:56:62:5d:71:32:ba:83:ff:33:71:db:9e:
14:eb:0d:b0:44:8b:30:3c:72:cb:44:d6:3c:c0:96:
d5:8a:2e:9f:29:84:a8:e2:88:5e:94:ed:da:58:5c:
ab:b1:a2:db:66:92:6a:06:a5:d3:e0:6e:11:d8:4e:
c5:7a:15:c1:1b:fa:ca:8c:74:54:4e:c6:a3:39:29:
5c:7b:14:2f:13:26:63:b3:d1:ed:e8:14:76:db:90:
84:51:d5:c1:7c:c2:cc:4c:00:1d:5a:90:39:6a:35:
bc:61:e7:a1:e4:d1:e7:7e:1c:4a:a9:84:c0:97:89:
3f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:18:7B:62:E2:FF:E2:A4:15:09:55:C1:22:91:A6:78:8D:6F:E4:49
X509v3 Authority Key Identifier:
keyid:C3:8C:3A:1C:05:C8:99:EB:FE:15:D2:36:19:09:A6:35:97:C6:80:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4w6HAXImev-FdI2GQmmNZfGgHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/Sxh7YuL_4qQVCVXBIpGmeI1v5Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/w4w6HAXImev-FdI2GQmmNZfGgHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.148.0/24
185.202.4.0-185.202.6.255
IPv6:
2a0a:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
18:66:5f:16:8f:5d:30:1a:af:f4:55:93:8b:ff:f2:74:8f:63:
f4:55:69:3d:02:f2:39:5e:d8:df:07:0b:4e:b5:0d:af:99:24:
7e:d8:63:8d:37:47:e8:c4:0f:c3:15:8d:ec:72:0c:22:41:78:
7d:52:d8:78:a2:41:f5:9b:e0:c9:45:16:a7:f6:c2:6e:7b:5e:
9d:28:c5:47:80:a4:ab:2f:b8:13:3e:49:9d:4a:df:42:dd:f7:
b8:6b:80:91:76:f1:9b:72:1b:05:6e:62:9f:31:ab:56:1e:3c:
28:ad:e7:25:f2:fd:5b:12:a1:b7:d5:86:30:85:4e:57:27:02:
0d:93:ab:9b:ac:49:eb:e3:3c:d9:62:a7:42:33:d7:c5:ab:7a:
ed:cc:a2:a7:7c:e2:e4:b8:74:a1:fa:6f:57:b9:34:77:2c:54:
d3:11:cb:fb:38:34:e7:9f:1a:f3:f2:d6:51:8b:a4:a5:61:85:
da:69:5e:0a:f8:4f:71:d1:51:fb:ed:fd:6f:8e:cc:4f:9d:27:
d5:9e:46:7e:d3:82:30:1c:fc:bb:58:2c:fd:c1:69:55:ae:44:
0e:a5:8e:26:fc:5c:ec:d2:e6:aa:0b:39:74:14:a5:d4:b9:7e:
80:48:08:f7:76:e9:4a:60:07:59:45:7a:22:f4:9f:6e:ec:d7:
6b:65:1b:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIED0rbITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzhjM2ExYzA1Yzg5OWViZmUxNWQyMzYxOTA5YTYzNTk3YzY4MDc4MB4XDTIyMDEw
MTA1MDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIxODdiNjJlMmZm
ZTJhNDE1MDk1NWMxMjI5MWE2Nzg4ZDZmZTQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYuMc1MqJb0bR8y7o2lIhidU3uMhx2xp4FSYyogito04BIr
bAX7n30L+tOObdtVHue4jIFd637nje2AtzPNFXJ1YzMxehnbshfnc2+ShST2C/hp
5o7Lv6Dc7z+nArsOqYUK4xsux106Thliss4dbB24bOIHeEA2fzb5d6ss2GQ5VUwJ
QbmfVzfMVmJdcTK6g/8zcdueFOsNsESLMDxyy0TWPMCW1YounymEqOKIXpTt2lhc
q7Gi22aSagal0+BuEdhOxXoVwRv6yox0VE7GozkpXHsULxMmY7PR7egUdtuQhFHV
wXzCzEwAHVqQOWo1vGHnoeTR534cSqmEwJeJPx8CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRLGHti4v/ipBUJVcEikaZ4jW/kSTAfBgNVHSMEGDAWgBTDjDocBciZ6/4V
0jYZCaY1l8aAeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c0dzZIQVhJbWV2LUZkSTJHUW1tTlpmR2dIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvOWU4NmFiLWJjN2YtNGJjNC1iMTI3LTQyMjYyMTYxZTk0MC8x
L1N4aDdZdUxfNHFRVkNWWEJJcEdtZUkxdjVFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
OWU4NmFiLWJjN2YtNGJjNC1iMTI3LTQyMjYyMTYxZTk0MC8xL3c0dzZIQVhJbWV2
LUZkSTJHUW1tTlpmR2dIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEAFvGlDAMAwQCucoEAwQAucoGMA0E
AgACMAcDBQAqCs3AMA0GCSqGSIb3DQEBCwUAA4IBAQAYZl8Wj10wGq/0VZOL//J0
j2P0VWk9AvI5XtjfBwtOtQ2vmSR+2GONN0foxA/DFY3scgwiQXh9Uth4okH1m+DJ
RRan9sJue16dKMVHgKSrL7gTPkmdSt9C3fe4a4CRdvGbchsFbmKfMatWHjworecl
8v1bEqG31YYwhU5XJwINk6ubrEnr4zzZYqdCM9fFq3rtzKKnfOLkuHSh+m9XuTR3
LFTTEcv7ODTnnxrz8tZRi6SlYYXaaV4K+E9x0VH77f1vjsxPnSfVnkZ+04IwHPy7
WCz9wWlVrkQOpY4m/Fzs0uaqCzl0FKXUuX6ASAj3dulKYAdZRXoi9J9u7NdrZRtH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:56 2024 by rpki-client on console-fra.rpki-client.org