Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/9AyGKbOClqlnnWD0AXhsJCUTg0Q.roa
File: 9AyGKbOClqlnnWD0AXhsJCUTg0Q.roa (raw, json)
Hash identifier: 2rPMi1xh9Qb7FyqoqZoig6IhOAw+UHSiKwS0kEXZkJU=
Subject key identifier: F4:0C:86:29:B3:82:96:A9:67:9D:60:F4:01:78:6C:24:25:13:83:44
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B94D7D7
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/9AyGKbOClqlnnWD0AXhsJCUTg0Q.roa
Signing time: Wed 22 Jun 2022 21:31:32 +0000
ROA not before: Wed 22 Jun 2022 21:31:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 91.103.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194303959 (0xb94d7d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 22 21:31:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f40c8629b38296a9679d60f401786c2425138344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:af:45:bf:3c:76:e5:69:a5:50:ab:b3:3c:
62:b4:34:49:79:a6:fe:e6:4f:fd:3f:d3:42:23:e9:
5e:75:c8:ea:ab:08:e8:e4:bb:35:2f:89:dd:84:2d:
4f:ce:fe:09:e4:30:b7:69:dc:ee:b4:76:40:08:ac:
c5:a2:95:12:42:78:2b:77:20:c0:8d:07:61:21:00:
16:d1:29:26:4b:32:a6:63:42:b9:df:d4:fa:44:b6:
94:a5:d0:0f:32:0f:0c:bb:31:58:68:d4:1e:0d:0d:
ba:5d:c0:d8:0c:dc:b3:63:f7:72:cc:70:99:f2:c8:
b8:a9:fd:55:c3:ff:c1:8b:7a:54:d2:6b:0f:4f:bd:
be:3d:08:d1:bd:0e:81:1c:a6:4a:58:1f:20:b6:25:
5b:0f:a2:d0:ed:f7:f6:74:04:03:7f:bd:16:65:ea:
93:0b:c3:f4:44:66:d7:06:b6:63:f1:95:2c:41:8f:
e1:2e:79:28:fb:4a:b8:4b:28:ca:40:83:b8:94:7f:
06:d1:2a:7e:45:f3:d8:ff:0c:63:4c:59:0f:be:ed:
74:61:0c:e3:28:56:b5:c1:3e:fa:66:7f:7c:bc:90:
57:6e:a8:31:08:f6:ab:df:e6:45:69:27:3b:2f:fb:
5e:d8:9a:ab:7c:ea:7a:d7:b9:b1:c1:43:67:24:46:
6a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0C:86:29:B3:82:96:A9:67:9D:60:F4:01:78:6C:24:25:13:83:44
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/9AyGKbOClqlnnWD0AXhsJCUTg0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:3e:9c:7f:42:2f:e2:14:fc:ce:28:bd:2a:40:47:15:2e:47:
be:f4:f4:82:78:a1:5a:0b:b9:51:90:6c:5a:3a:30:21:56:62:
1f:cd:99:52:c2:92:1b:1a:bf:eb:95:36:9f:94:e5:52:15:1d:
82:39:f3:09:03:56:0f:92:85:9e:3f:28:b2:26:48:a6:dc:cd:
ca:1c:59:85:65:20:10:7a:6e:16:7e:f0:fb:91:38:86:fe:eb:
4a:ac:21:9e:7f:55:4c:bb:c4:0d:1a:fd:d4:26:ae:61:d1:c0:
d0:4b:4c:be:78:ff:ab:31:38:00:3e:5d:2d:c0:ea:2b:5e:db:
f2:4f:96:e8:bb:d9:f4:9a:61:45:c2:2f:0a:39:c2:7b:d2:0d:
39:a6:cd:ad:dc:75:51:bf:a6:3d:14:e3:ab:a9:4c:f2:77:18:
22:e0:71:c8:fc:0b:4e:e8:aa:62:86:a3:08:ca:d4:d4:07:5b:
1b:c2:fc:28:bb:ac:06:9f:a5:4a:40:49:f1:d7:e8:b2:93:c8:
3c:d5:b9:47:9d:27:57:53:41:20:c8:df:68:cb:c9:1d:52:c9:
aa:3e:b8:1a:28:03:1e:b4:0d:02:b0:6a:2a:4e:49:a4:6b:6f:
04:47:dc:ce:8c:bf:98:89:18:50:df:97:d3:5c:43:93:4b:3e:
7f:e7:f6:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC5TX1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYy
MjIxMzEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQwYzg2MjliMzgy
OTZhOTY3OWQ2MGY0MDE3ODZjMjQyNTEzODM0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy9r0W/PHblaaVQq7M8YrQ0SXmm/uZP/T/TQiPpXnXI6qsI
6OS7NS+J3YQtT87+CeQwt2nc7rR2QAisxaKVEkJ4K3cgwI0HYSEAFtEpJksypmNC
ud/U+kS2lKXQDzIPDLsxWGjUHg0Nul3A2Azcs2P3csxwmfLIuKn9VcP/wYt6VNJr
D0+9vj0I0b0OgRymSlgfILYlWw+i0O339nQEA3+9FmXqkwvD9ERm1wa2Y/GVLEGP
4S55KPtKuEsoykCDuJR/BtEqfkXz2P8MY0xZD77tdGEM4yhWtcE++mZ/fLyQV26o
MQj2q9/mRWknOy/7Xtiaq3zqete5scFDZyRGau0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0DIYps4KWqWedYPQBeGwkJRODRDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzlBeUdLYk9DbHFsbm5XRDBBWGhzSkNVVGcwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAltnfDANBgkqhkiG9w0BAQsFAAOC
AQEAbD6cf0Iv4hT8zii9KkBHFS5HvvT0gnihWgu5UZBsWjowIVZiH82ZUsKSGxq/
65U2n5TlUhUdgjnzCQNWD5KFnj8osiZIptzNyhxZhWUgEHpuFn7w+5E4hv7rSqwh
nn9VTLvEDRr91CauYdHA0EtMvnj/qzE4AD5dLcDqK17b8k+W6LvZ9JphRcIvCjnC
e9INOabNrdx1Ub+mPRTjq6lM8ncYIuBxyPwLTuiqYoajCMrU1AdbG8L8KLusBp+l
SkBJ8dfospPIPNW5R50nV1NBIMjfaMvJHVLJqj64GigDHrQNArBqKk5JpGtvBEfc
zoy/mIkYUN+X01xDk0s+f+f2ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org