Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/vRsutYpkEbNFOr956I2H0CU80II.roa
File: vRsutYpkEbNFOr956I2H0CU80II.roa (raw, json)
Hash identifier: E97M8q+KZO1Q/p8vuV2aI5px5vQhR2s08fKdPXCQeFI=
Subject key identifier: BD:1B:2E:B5:8A:64:11:B3:45:3A:BF:79:E8:8D:87:D0:25:3C:D0:82
Certificate issuer: /CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Certificate serial: 08D372E2
Authority key identifier: 0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/vRsutYpkEbNFOr956I2H0CU80II.roa
Signing time: Sat 01 Jan 2022 03:52:38 +0000
ROA not before: Sat 01 Jan 2022 03:52:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209615
IP address blocks: 91.132.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148075234 (0x8d372e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Validity
Not Before: Jan 1 03:52:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd1b2eb58a6411b3453abf79e88d87d0253cd082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4b:a2:5e:bc:0a:89:a5:d0:37:5a:de:23:b5:
f6:39:a7:eb:7f:69:67:a6:18:d1:cc:50:a8:2b:19:
f3:b3:e5:80:0b:c1:26:f3:85:69:cb:5b:e7:3a:c1:
50:c3:94:87:1b:93:6c:5c:7b:58:18:d9:80:9a:4f:
d9:70:be:a8:31:48:1f:86:5d:8c:1b:2b:e6:75:a5:
c4:1e:78:8d:bf:30:59:74:aa:db:91:22:6e:fd:e7:
dd:79:de:89:41:13:2c:9a:87:67:0c:56:b6:72:d4:
b3:ce:3b:d3:a8:73:7d:90:2c:69:6e:3f:6b:bb:eb:
f4:bc:eb:84:81:26:6d:08:bd:12:fd:9e:99:6c:c8:
ed:c7:5c:6a:a0:ca:c1:3c:c7:de:b9:fa:9b:e8:94:
f4:aa:86:18:d3:1a:36:26:64:30:ce:35:82:5c:15:
96:f2:20:3d:63:29:77:70:b5:87:50:98:bf:4c:cf:
ff:95:67:23:f0:a3:88:d2:e4:2b:a3:1c:d6:cd:44:
f5:65:2c:73:81:ad:b5:96:66:19:57:82:84:6d:ac:
1a:13:14:87:44:2a:b3:e1:2a:f1:f3:79:4b:51:d5:
67:32:f5:32:83:d1:4b:1f:ca:29:fa:62:10:43:b2:
9f:33:07:85:75:e3:2f:57:12:6b:71:37:40:4d:7f:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1B:2E:B5:8A:64:11:B3:45:3A:BF:79:E8:8D:87:D0:25:3C:D0:82
X509v3 Authority Key Identifier:
keyid:0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/vRsutYpkEbNFOr956I2H0CU80II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.236.0/22
Signature Algorithm: sha256WithRSAEncryption
58:64:d8:57:f8:7e:4e:a8:cd:2d:17:ba:13:99:c5:6d:80:f5:
83:d9:55:fa:61:cf:61:e4:a3:f5:6b:b9:43:69:8d:79:d9:6e:
de:7f:f0:f8:8b:c3:5f:e2:77:a8:25:25:23:f9:25:fa:bd:38:
59:94:0e:9d:83:6d:70:d6:d5:51:a5:36:b1:a7:dc:f7:ff:71:
b0:50:35:f6:b8:f0:62:bd:40:fe:91:39:0e:84:55:5a:5a:09:
50:fd:a0:5a:8d:64:18:76:80:a1:d9:6f:8f:03:ec:27:d4:a7:
0d:b3:19:ef:b9:82:3a:b8:c6:a1:e7:52:43:c9:06:64:10:ee:
61:0e:cd:2a:98:21:d8:99:90:c5:34:32:0c:7b:e6:03:a6:fd:
f8:31:62:5e:f7:5a:45:c3:60:33:ef:13:51:53:76:a7:69:06:
44:98:50:85:c1:29:1f:0f:fa:51:99:81:6d:6d:7c:01:af:14:
f7:0d:f5:c6:c0:c6:16:4f:fd:90:71:1d:0b:cd:74:1c:00:f8:
eb:19:ce:ce:01:f8:fe:07:d3:6d:26:8f:e5:03:09:d1:51:48:
75:e0:0b:0e:42:fc:a7:94:e3:9b:b8:90:79:27:e6:d6:1b:c7:
52:8d:cd:b3:b1:a2:b1:06:7e:6a:5e:ab:45:c4:c9:7c:e4:13:
79:52:c5:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECNNy4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTA2YjY1Y2JiOTc2NjdhYmRmZjliODYxYTIyZjlkMDFkMWQ0NmNiMB4XDTIyMDEw
MTAzNTIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQxYjJlYjU4YTY0
MTFiMzQ1M2FiZjc5ZTg4ZDg3ZDAyNTNjZDA4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpLol68Coml0Dda3iO19jmn639pZ6YY0cxQqCsZ87PlgAvB
JvOFactb5zrBUMOUhxuTbFx7WBjZgJpP2XC+qDFIH4ZdjBsr5nWlxB54jb8wWXSq
25Eibv3n3XneiUETLJqHZwxWtnLUs84706hzfZAsaW4/a7vr9LzrhIEmbQi9Ev2e
mWzI7cdcaqDKwTzH3rn6m+iU9KqGGNMaNiZkMM41glwVlvIgPWMpd3C1h1CYv0zP
/5VnI/CjiNLkK6Mc1s1E9WUsc4GttZZmGVeChG2sGhMUh0Qqs+Eq8fN5S1HVZzL1
MoPRSx/KKfpiEEOynzMHhXXjL1cSa3E3QE1/gRsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9Gy61imQRs0U6v3nojYfQJTzQgjAfBgNVHSMEGDAWgBQKBrZcu5dmer3/
m4YaIvnQHR1GyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NnYTJYTHVYWm5xOV81dUdHaUw1MEIwZFJzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvMmUxOGY3LTA5YzctNDViMS1iY2I3LTlmNjY4NmU0MjgwMC8x
L3ZSc3V0WXBrRWJORk9yOTU2STJIMENVODBJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
MmUxOGY3LTA5YzctNDViMS1iY2I3LTlmNjY4NmU0MjgwMC8xL0NnYTJYTHVYWm5x
OV81dUdHaUw1MEIwZFJzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluE7DANBgkqhkiG9w0BAQsFAAOC
AQEAWGTYV/h+TqjNLRe6E5nFbYD1g9lV+mHPYeSj9Wu5Q2mNedlu3n/w+IvDX+J3
qCUlI/kl+r04WZQOnYNtcNbVUaU2safc9/9xsFA19rjwYr1A/pE5DoRVWloJUP2g
Wo1kGHaAodlvjwPsJ9SnDbMZ77mCOrjGoedSQ8kGZBDuYQ7NKpgh2JmQxTQyDHvm
A6b9+DFiXvdaRcNgM+8TUVN2p2kGRJhQhcEpHw/6UZmBbW18Aa8U9w31xsDGFk/9
kHEdC810HAD46xnOzgH4/gfTbSaP5QMJ0VFIdeALDkL8p5Tjm7iQeSfm1hvHUo3N
s7GisQZ+al6rRcTJfOQTeVLFcQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:55 2023 by rpki-client on console-fra.rpki-client.org