Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/H4AeEJYwImH5mAN9wtmGVkUje98.roa
File: H4AeEJYwImH5mAN9wtmGVkUje98.roa (raw, json)
Hash identifier: TlwEJm76Hk/ca66WVinzWR5IFqVdQhFJXmfgH9S/x5w=
Subject key identifier: 1F:80:1E:10:96:30:22:61:F9:98:03:7D:C2:D9:86:56:45:23:7B:DF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09ADC437
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/H4AeEJYwImH5mAN9wtmGVkUje98.roa
Signing time: Sat 01 Jan 2022 09:56:55 +0000
ROA not before: Sat 01 Jan 2022 09:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206150
IP address blocks: 91.222.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162382903 (0x9adc437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f801e1096302261f998037dc2d9865645237bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:ca:46:40:59:31:95:f9:25:c2:12:59:4b:
41:73:76:14:2b:98:eb:bd:a4:40:2e:1e:d5:49:14:
67:cf:6c:f3:d1:91:c8:e2:5f:97:e7:34:ce:67:0f:
16:90:d7:29:97:e4:6d:9d:cf:34:1c:dc:f7:b1:91:
94:57:85:3e:e9:34:c4:e0:a8:61:4f:9f:c5:c3:b9:
87:cf:cd:2f:c8:9e:ca:16:b7:2e:b2:64:83:f7:79:
0c:b1:93:e6:3b:9d:92:b4:e8:14:27:2c:b6:94:8f:
99:8f:8a:a4:fd:0d:44:f7:6f:de:34:82:d0:b9:b7:
7f:37:26:f0:05:f5:fc:77:54:c1:7e:de:6f:ae:f9:
78:af:df:6b:0f:79:c1:51:c6:79:63:c0:33:ea:da:
d8:1a:a9:61:d8:c4:51:95:87:45:19:80:13:a6:54:
61:5c:56:b9:c4:e2:71:48:b6:d0:e8:78:a7:42:fe:
96:b9:42:ca:36:9e:d9:4a:6a:7f:aa:63:27:8a:55:
33:72:9d:61:51:ab:26:d2:82:e3:96:91:87:11:21:
c7:72:8f:68:5c:80:2b:46:db:82:20:5e:10:20:b9:
8b:c8:ea:33:1b:f8:0d:5d:98:5a:f5:ba:e8:82:7c:
b8:4d:68:71:e5:81:32:59:40:c3:62:ca:1b:1b:b1:
52:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:80:1E:10:96:30:22:61:F9:98:03:7D:C2:D9:86:56:45:23:7B:DF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/H4AeEJYwImH5mAN9wtmGVkUje98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.43.0/24
Signature Algorithm: sha256WithRSAEncryption
90:5d:cb:52:c6:57:49:d4:6c:ac:e8:41:80:07:88:14:88:fe:
c7:49:5a:c4:d8:f3:19:9a:64:14:23:18:fa:bd:37:eb:d6:e4:
ee:37:a3:3e:2c:2b:db:0f:81:13:f5:17:68:f5:25:2a:24:3b:
20:d5:90:7b:96:25:78:49:a2:f7:d2:49:91:75:72:3d:f9:d1:
52:33:5c:02:14:ba:26:f9:04:d9:cf:eb:d8:2f:3f:0c:60:b5:
0f:f9:b9:5b:f6:51:f9:3f:33:bc:1f:38:c6:c6:48:dd:db:cf:
d7:d9:9c:25:a8:dd:4f:fb:0b:42:da:70:4b:1c:e3:20:21:b9:
5a:5c:dc:17:c4:fd:4d:04:52:d0:79:59:95:73:7f:5f:4e:a1:
56:72:17:1c:fd:4f:17:72:2b:68:3e:53:c5:bd:07:52:b9:0d:
6f:ca:09:8b:0f:71:a3:9f:4c:f4:f1:e3:14:5a:ba:7f:3e:1a:
8a:ec:0b:8e:ce:bd:e6:38:5a:9b:e0:78:73:fb:aa:cc:35:28:
4d:3b:f0:a7:d5:1f:ee:52:41:5f:43:b9:40:f8:c7:ba:e8:f1:
3f:21:48:7c:0d:d2:0c:6b:12:4b:6b:ef:b2:96:24:3c:e8:e3:
3a:68:f9:16:35:09:23:be:d5:0f:f7:4c:ed:ec:a1:c8:a6:1c:
85:62:d9:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECa3ENzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY4MDFlMTA5NjMw
MjI2MWY5OTgwMzdkYzJkOTg2NTY0NTIzN2JkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJI+ykZAWTGV+SXCEllLQXN2FCuY672kQC4e1UkUZ89s89GR
yOJfl+c0zmcPFpDXKZfkbZ3PNBzc97GRlFeFPuk0xOCoYU+fxcO5h8/NL8ieyha3
LrJkg/d5DLGT5judkrToFCcstpSPmY+KpP0NRPdv3jSC0Lm3fzcm8AX1/HdUwX7e
b675eK/faw95wVHGeWPAM+ra2BqpYdjEUZWHRRmAE6ZUYVxWucTicUi20Oh4p0L+
lrlCyjae2Upqf6pjJ4pVM3KdYVGrJtKC45aRhxEhx3KPaFyAK0bbgiBeECC5i8jq
Mxv4DV2YWvW66IJ8uE1oceWBMllAw2LKGxuxUikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfgB4QljAiYfmYA33C2YZWRSN73zAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0g0QWVFSll3SW1INW1BTjl3dG1HVmtVamU5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFveKzANBgkqhkiG9w0BAQsFAAOC
AQEAkF3LUsZXSdRsrOhBgAeIFIj+x0laxNjzGZpkFCMY+r0369bk7jejPiwr2w+B
E/UXaPUlKiQ7INWQe5YleEmi99JJkXVyPfnRUjNcAhS6JvkE2c/r2C8/DGC1D/m5
W/ZR+T8zvB84xsZI3dvP19mcJajdT/sLQtpwSxzjICG5WlzcF8T9TQRS0HlZlXN/
X06hVnIXHP1PF3IraD5Txb0HUrkNb8oJiw9xo59M9PHjFFq6fz4aiuwLjs695jha
m+B4c/uqzDUoTTvwp9Uf7lJBX0O5QPjHuujxPyFIfA3SDGsSS2vvspYkPOjjOmj5
FjUJI77VD/dM7eyhyKYchWLZIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org