Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/pew1Dw-ZB6h9qrHYtoj7vxtwkSs.roa
File: pew1Dw-ZB6h9qrHYtoj7vxtwkSs.roa (raw, json)
Hash identifier: o5+Ae3sBWLE54e81kGCUlnwbtNQIo5DGHmrjdT56iq8=
Subject key identifier: A5:EC:35:0F:0F:99:07:A8:7D:AA:B1:D8:B6:88:FB:BF:1B:70:91:2B
Certificate issuer: /CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Certificate serial: 018559D649E59B8AAC54A3B60EE77FF91DA8
Authority key identifier: 6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/pew1Dw-ZB6h9qrHYtoj7vxtwkSs.roa
Signing time: Wed 28 Dec 2022 17:44:53 +0000
ROA not before: Wed 28 Dec 2022 17:44:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.196.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:d6:49:e5:9b:8a:ac:54:a3:b6:0e:e7:7f:f9:1d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6baa05c6f8f9bfd70e3d41fe05bafc50d1253bf5
Validity
Not Before: Dec 28 17:44:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5ec350f0f9907a87daab1d8b688fbbf1b70912b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:47:54:17:2b:6a:18:13:7f:36:26:54:f7:77:
cc:ab:79:53:04:80:b8:df:1b:5d:9e:cd:5b:2a:fc:
f2:65:00:5d:de:24:7f:0f:2b:b0:ad:4e:1e:e2:54:
c7:88:9f:79:3e:d8:bd:0d:32:73:e6:4d:fd:72:d2:
2b:18:48:72:0e:39:d9:7e:15:6a:32:80:e0:3c:2b:
17:ac:04:7e:0c:3c:d1:cd:99:bc:16:69:d7:f2:dd:
a5:46:af:8e:93:a6:32:ee:9d:2e:18:17:64:41:b1:
7d:f0:d8:c9:c0:56:4a:97:9f:88:c0:ab:93:3f:b7:
64:18:61:8d:12:5d:b2:12:54:97:5c:e2:08:e1:33:
d7:2b:86:83:46:b9:bc:94:0e:96:c6:0a:3f:8b:db:
ff:b6:5f:a5:99:bd:67:28:cc:c0:e2:ca:c1:a1:ae:
df:9a:4e:e6:a3:1b:19:42:d6:a3:98:fc:a3:4d:ce:
59:1d:5e:d0:f7:e1:57:c9:9a:52:97:43:37:a0:bc:
43:f7:41:aa:05:f7:97:2e:71:29:80:0e:b0:89:a8:
16:14:14:f0:1d:ee:cd:53:4a:52:72:9a:ff:df:d0:
e6:50:c9:4e:d3:44:d7:76:61:eb:56:20:60:66:c0:
1b:39:cd:92:35:1e:dc:bc:4a:47:46:92:d3:24:44:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:EC:35:0F:0F:99:07:A8:7D:AA:B1:D8:B6:88:FB:BF:1B:70:91:2B
X509v3 Authority Key Identifier:
keyid:6B:AA:05:C6:F8:F9:BF:D7:0E:3D:41:FE:05:BA:FC:50:D1:25:3B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6oFxvj5v9cOPUH-Bbr8UNElO_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/pew1Dw-ZB6h9qrHYtoj7vxtwkSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8f5119-6dcc-43a2-8daf-f3211d91520d/1/a6oFxvj5v9cOPUH-Bbr8UNElO_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e1:ee:9d:5e:6c:02:b2:df:d8:e6:b3:0a:4b:76:b6:84:39:
71:f6:ca:1b:3a:28:77:70:f8:fe:75:d6:6f:17:52:60:43:ed:
7b:5d:ec:cb:a4:56:d6:b1:c0:29:83:12:50:b6:79:6a:ea:e6:
30:4b:5c:ee:f3:8f:36:50:17:91:65:6d:51:99:c6:56:c9:06:
1e:b1:3b:3b:0b:22:58:87:80:24:a4:9c:ce:af:1f:f2:9f:62:
ff:be:14:61:ab:05:42:ae:46:cc:a9:23:ce:e8:5a:cf:c7:59:
9d:ce:c8:e1:09:da:5a:f0:0a:aa:87:81:d5:ce:11:b8:cb:f8:
eb:e3:d2:31:c3:a7:14:e4:17:e1:03:04:f7:ff:6b:5e:20:dd:
5f:f3:b4:9a:44:a9:f9:b9:e8:6a:c9:11:77:04:a7:ca:62:7f:
cc:66:08:4e:a5:5e:fa:56:71:4c:21:e6:0d:63:da:1e:39:8b:
0d:f8:88:1b:08:57:98:54:5e:62:2f:7a:c6:51:51:8d:35:f8:
f3:e6:47:05:44:d3:b6:bc:29:51:75:59:3f:46:61:37:75:0d:
56:27:ab:05:e8:0e:38:ed:4b:77:c6:b5:f5:6e:1c:0a:4d:1f:
36:08:e5:d8:ff:b1:30:8e:3e:b8:73:9f:4f:27:a2:7e:0b:5d:
5a:c1:63:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVZ1knlm4qsVKO2Dud/+R2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYWEwNWM2ZjhmOWJmZDcwZTNkNDFmZTA1YmFmYzUwZDEy
NTNiZjUwHhcNMjIxMjI4MTc0NDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWVjMzUwZjBmOTkwN2E4N2RhYWIxZDhiNjg4ZmJiZjFiNzA5MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kdUFytqGBN/NiZU93fMq3lTBIC4
3xtdns1bKvzyZQBd3iR/DyuwrU4e4lTHiJ95Pti9DTJz5k39ctIrGEhyDjnZfhVq
MoDgPCsXrAR+DDzRzZm8FmnX8t2lRq+Ok6Yy7p0uGBdkQbF98NjJwFZKl5+IwKuT
P7dkGGGNEl2yElSXXOII4TPXK4aDRrm8lA6Wxgo/i9v/tl+lmb1nKMzA4srBoa7f
mk7moxsZQtajmPyjTc5ZHV7Q9+FXyZpSl0M3oLxD90GqBfeXLnEpgA6wiagWFBTw
He7NU0pScpr/39DmUMlO00TXdmHrViBgZsAbOc2SNR7cvEpHRpLTJERsIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXsNQ8PmQeofaqx2LaI+78bcJErMB8GA1UdIwQY
MBaAFGuqBcb4+b/XDj1B/gW6/FDRJTv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYt
ZjMyMTFkOTE1MjBkLzEvcGV3MUR3LVpCNmg5cXJIWXRvajd2eHR3a1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZjUxMTktNmRjYy00M2EyLThkYWYtZjMyMTFkOTE1MjBk
LzEvYTZvRnh2ajV2OWNPUFVILUJicjhVTkVsT19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8SYMA0G
CSqGSIb3DQEBCwUAA4IBAQAc4e6dXmwCst/Y5rMKS3a2hDlx9sobOih3cPj+ddZv
F1JgQ+17XezLpFbWscApgxJQtnlq6uYwS1zu8482UBeRZW1RmcZWyQYesTs7CyJY
h4AkpJzOrx/yn2L/vhRhqwVCrkbMqSPO6FrPx1mdzsjhCdpa8Aqqh4HVzhG4y/jr
49Ixw6cU5BfhAwT3/2teIN1f87SaRKn5uehqyRF3BKfKYn/MZghOpV76VnFMIeYN
Y9oeOYsN+IgbCFeYVF5iL3rGUVGNNfjz5kcFRNO2vClRdVk/RmE3dQ1WJ6sF6A44
7Ut3xrX1bhwKTR82COXY/7Ewjj64c59PJ6J+C11awWOv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:57 2024 by rpki-client on console-ams.rpki-client.org