Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SLJF5dxrrEqytrcD-9GD9AZIdRM.roa
File: SLJF5dxrrEqytrcD-9GD9AZIdRM.roa (raw, json)
Hash identifier: uY9IdV+5JwOBqJAB2hHDyRAHgt3wBxS61uzVHP2rSBA=
Subject key identifier: 48:B2:45:E5:DC:6B:AC:4A:B2:B6:B7:03:FB:D1:83:F4:06:48:75:13
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0184F7A3D7F6F7B1720804CF2819DA2111FC
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SLJF5dxrrEqytrcD-9GD9AZIdRM.roa
Signing time: Fri 09 Dec 2022 16:07:00 +0000
ROA not before: Fri 09 Dec 2022 16:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.103.124.0/22 maxlen: 24
95.111.128.0/20 maxlen: 24
95.111.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f7:a3:d7:f6:f7:b1:72:08:04:cf:28:19:da:21:11:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 9 16:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48b245e5dc6bac4ab2b6b703fbd183f406487513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:bb:91:df:89:e5:1d:5f:de:94:e8:31:a0:
be:b4:ed:d9:86:66:79:23:83:99:b1:a6:e7:b1:59:
28:e3:30:90:67:a1:db:08:2b:5a:c5:b8:2c:09:61:
5b:cc:7c:58:7b:af:42:b5:bb:96:07:36:3d:53:85:
ce:11:29:c0:2b:fd:16:3c:ae:a1:f4:38:1b:fb:e8:
dd:b4:40:11:b0:de:ee:7c:e2:b4:8b:4d:15:02:63:
cd:1d:39:18:65:21:23:66:4e:93:f9:27:f1:36:c9:
9c:9e:3d:33:d6:09:c6:19:1d:90:da:40:7f:e2:76:
a2:18:f2:1f:af:47:f8:e6:20:e7:3b:32:79:e2:c6:
d8:a2:09:31:7e:3f:81:4c:71:2d:51:c4:4f:52:a4:
ae:3c:57:19:e6:93:3e:a1:74:e6:36:df:b9:bf:0b:
6f:6c:7d:50:a3:1f:95:d0:0e:19:ab:07:e5:11:59:
3b:16:20:28:14:e3:dd:37:23:b7:9c:43:d6:19:16:
38:52:d6:c3:34:c4:93:d4:1c:f6:b3:74:87:65:b4:
e0:04:bf:89:36:e4:b0:10:0f:e4:e1:e0:34:60:2c:
cd:e3:da:2e:ad:ac:cf:07:23:7f:6e:01:5a:71:8a:
06:b4:3a:0d:2b:5b:0c:fa:c2:ad:8d:87:e2:ba:d4:
c8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B2:45:E5:DC:6B:AC:4A:B2:B6:B7:03:FB:D1:83:F4:06:48:75:13
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SLJF5dxrrEqytrcD-9GD9AZIdRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.124.0/22
95.111.128.0/19
Signature Algorithm: sha256WithRSAEncryption
91:b2:b5:d3:5d:15:a9:e9:88:08:66:62:59:09:d0:00:ea:94:
ad:d0:5c:6e:1f:7c:e8:56:1a:8b:35:c6:b6:59:62:af:42:a7:
bb:eb:93:f3:0c:85:b5:ca:3a:5c:46:70:cb:6f:2a:fc:2b:69:
d6:5c:fd:61:89:5b:c1:be:4f:86:6c:f4:29:6e:c5:11:c9:43:
44:4b:a4:05:c7:79:cd:e3:1a:09:12:c3:3d:e2:80:2d:36:72:
9f:5e:cb:17:7d:c5:1f:ef:d7:7e:08:39:70:67:c8:67:4e:70:
a9:5c:cf:0e:9f:58:7a:e5:d5:8f:57:d4:32:6a:a5:ca:18:36:
2a:0e:d5:41:da:c1:f7:57:c9:25:41:c2:dc:26:b3:d6:6b:b5:
af:4e:57:68:f0:15:3a:c9:d1:26:50:a0:cc:f2:b5:14:92:42:
77:90:e7:64:10:ee:87:af:32:8c:66:3e:df:95:c6:bb:0c:98:
b2:66:f5:c4:18:47:c3:b1:99:87:3a:6e:29:1c:f9:cd:06:99:
95:95:c3:0b:14:45:0a:3b:c1:74:ef:f3:ab:96:59:fc:22:77:
f2:4e:15:22:e1:84:15:11:47:14:f4:c8:49:c6:ef:29:0e:6d:
eb:50:92:95:a7:f1:0c:9e:3f:73:c7:d7:d5:b1:53:a1:7f:9e:
d8:18:99:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYT3o9f297FyCATPKBnaIRH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMjA5MTYwNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGIyNDVlNWRjNmJhYzRhYjJiNmI3MDNmYmQxODNmNDA2NDg3NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5C7kd+J5R1f3pToMaC+tO3ZhmZ5
I4OZsabnsVko4zCQZ6HbCCtaxbgsCWFbzHxYe69CtbuWBzY9U4XOESnAK/0WPK6h
9Dgb++jdtEARsN7ufOK0i00VAmPNHTkYZSEjZk6T+SfxNsmcnj0z1gnGGR2Q2kB/
4naiGPIfr0f45iDnOzJ54sbYogkxfj+BTHEtUcRPUqSuPFcZ5pM+oXTmNt+5vwtv
bH1Qox+V0A4ZqwflEVk7FiAoFOPdNyO3nEPWGRY4UtbDNMST1Bz2s3SHZbTgBL+J
NuSwEA/k4eA0YCzN49ourazPByN/bgFacYoGtDoNK1sM+sKtjYfiutTIVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEiyReXca6xKsra3A/vRg/QGSHUTMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvU0xKRjVkeHJyRXF5dHJjRC05R0Q5QVpJZFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW2d8AwQF
X2+AMA0GCSqGSIb3DQEBCwUAA4IBAQCRsrXTXRWp6YgIZmJZCdAA6pSt0FxuH3zo
VhqLNca2WWKvQqe765PzDIW1yjpcRnDLbyr8K2nWXP1hiVvBvk+GbPQpbsURyUNE
S6QFx3nN4xoJEsM94oAtNnKfXssXfcUf79d+CDlwZ8hnTnCpXM8On1h65dWPV9Qy
aqXKGDYqDtVB2sH3V8klQcLcJrPWa7WvTldo8BU6ydEmUKDM8rUUkkJ3kOdkEO6H
rzKMZj7flca7DJiyZvXEGEfDsZmHOm4pHPnNBpmVlcMLFEUKO8F07/Orlln8Infy
ThUi4YQVEUcU9MhJxu8pDm3rUJKVp/EMnj9zx9fVsVOhf57YGJlZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org