Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/aMXA41gK6GVCcK1UG_wxdS5thRY.roa
File: aMXA41gK6GVCcK1UG_wxdS5thRY.roa (raw, json)
Hash identifier: Gpsnetdyhlqq0xF9UWh9evbRXOqYbPsqnODT1c4BNkQ=
Subject key identifier: 68:C5:C0:E3:58:0A:E8:65:42:70:AD:54:1B:FC:31:75:2E:6D:85:16
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 0722A3CC
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/aMXA41gK6GVCcK1UG_wxdS5thRY.roa
Signing time: Thu 30 Jun 2022 11:31:02 +0000
ROA not before: Thu 30 Jun 2022 11:31:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44124
IP address blocks: 91.209.149.0/24 maxlen: 24
91.209.151.0/24 maxlen: 24
194.50.253.0/24 maxlen: 24
91.209.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119710668 (0x722a3cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Jun 30 11:31:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68c5c0e3580ae8654270ad541bfc31752e6d8516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:89:69:1c:22:3d:ea:7e:d3:a5:76:d1:8c:
38:f7:d0:db:bb:a7:d7:2f:d5:cc:96:bd:bb:18:d0:
d2:fc:5f:66:d3:97:7d:b8:76:2d:68:11:fc:88:21:
35:3d:00:00:13:4b:3a:5f:8a:f2:76:01:3a:bf:1a:
c8:80:37:bb:85:59:1c:f4:41:cc:3c:a2:b4:c5:87:
a0:c8:0e:52:b3:62:d6:47:b0:74:29:e3:b0:2b:a9:
f7:39:2a:2b:95:53:f0:ab:a4:1d:ba:f6:52:75:65:
e9:38:d8:40:92:de:77:a9:e1:8b:b1:c1:9c:8e:5a:
fc:4e:ed:17:59:01:da:93:2c:c1:9c:0a:6f:f9:90:
a0:7b:85:c6:0c:33:43:82:32:8d:6f:85:b2:3e:85:
3a:21:e2:cc:15:2c:71:e2:50:3d:63:a5:35:86:e9:
06:74:65:85:fe:44:f5:63:93:ba:1c:66:c7:57:df:
bb:46:0a:40:d9:21:5b:83:cf:a6:95:3a:f8:26:da:
20:a0:30:1c:f7:ba:6c:7b:17:0b:9c:7c:57:d8:16:
f2:c3:7d:3b:22:ae:fb:3b:90:51:b1:dc:96:73:b0:
48:15:86:f4:c4:14:bf:13:41:5f:7c:76:5b:fa:ff:
ba:8b:10:22:35:43:05:6e:71:c2:4c:0d:bc:f6:36:
f0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C5:C0:E3:58:0A:E8:65:42:70:AD:54:1B:FC:31:75:2E:6D:85:16
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/aMXA41gK6GVCcK1UG_wxdS5thRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.115.0/24
91.209.149.0/24
91.209.151.0/24
194.50.253.0/24
Signature Algorithm: sha256WithRSAEncryption
27:08:e4:54:0b:1a:46:88:97:2c:0d:2e:52:fa:a3:6f:d5:34:
60:3f:7b:3b:f0:92:45:db:6d:b6:79:bd:c5:ad:9c:fa:4a:18:
70:b6:d1:9d:67:41:d6:d4:d6:b1:cd:1e:d6:ed:9f:ff:3b:fc:
94:ec:2d:db:a8:ec:c5:3e:d3:6f:4f:cd:7c:5b:b2:39:5d:82:
78:b3:25:54:e2:2e:2e:8b:b7:ac:cf:26:2f:4a:71:57:80:1e:
35:9b:e2:97:ba:c7:cb:e5:5b:15:8d:54:11:a7:d4:f5:eb:bb:
c9:55:73:92:79:ac:1b:ca:45:03:4c:13:b2:7d:45:35:c1:ab:
0e:fa:fd:5a:2b:03:a1:96:e6:e1:a0:cd:7b:ea:7f:e7:7f:ab:
88:c5:9c:ba:d2:48:af:fa:9b:e6:d6:f9:f5:1d:2e:78:0e:3e:
14:a3:e6:7c:56:b5:8e:d7:44:1d:29:d9:ee:45:da:4d:43:a8:
5a:9e:a4:b5:e8:5b:c2:9f:b3:00:90:5f:c6:87:67:c7:38:1e:
89:30:1b:46:83:eb:16:d5:0e:7a:4f:b8:6e:c6:e6:50:f7:dc:
a4:f1:71:7e:2f:c8:05:fe:5f:dd:5c:fe:0d:4c:3f:d5:ee:1a:
4f:b7:85:ea:21:fa:48:40:e8:7a:6c:82:46:f1:ce:8e:ab:ac:
0e:30:c9:97
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEByKjzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmJjYWUyYjI5MGM4MDFkNTdkMDlkMDI1YTkzNDhlMTY3MDZmMTgyMB4XDTIyMDYz
MDExMzEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhjNWMwZTM1ODBh
ZTg2NTQyNzBhZDU0MWJmYzMxNzUyZTZkODUxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIATiWkcIj3qftOldtGMOPfQ27un1y/VzJa9uxjQ0vxfZtOX
fbh2LWgR/IghNT0AABNLOl+K8nYBOr8ayIA3u4VZHPRBzDyitMWHoMgOUrNi1kew
dCnjsCup9zkqK5VT8KukHbr2UnVl6TjYQJLed6nhi7HBnI5a/E7tF1kB2pMswZwK
b/mQoHuFxgwzQ4IyjW+Fsj6FOiHizBUsceJQPWOlNYbpBnRlhf5E9WOTuhxmx1ff
u0YKQNkhW4PPppU6+CbaIKAwHPe6bHsXC5x8V9gW8sN9OyKu+zuQUbHclnOwSBWG
9MQUvxNBX3x2W/r/uosQIjVDBW5xwkwNvPY28NMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRoxcDjWAroZUJwrVQb/DF1Lm2FFjAfBgNVHSMEGDAWgBT/vK4rKQyAHVfQ
nQJak0jhZwbxgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183eXVLeWtNZ0IxWDBKMENXcE5JNFdjRzhZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8x
L2FNWEE0MWdLNkdWQ2NLMVVHX3d4ZFM1dGhSWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8xL183eXVLeWtNZ0Ix
WDBKMENXcE5JNFdjRzhZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvRcwMEAFvRlQMEAFvRlwMEAMIy
/TANBgkqhkiG9w0BAQsFAAOCAQEAJwjkVAsaRoiXLA0uUvqjb9U0YD97O/CSRdtt
tnm9xa2c+koYcLbRnWdB1tTWsc0e1u2f/zv8lOwt26jsxT7Tb0/NfFuyOV2CeLMl
VOIuLou3rM8mL0pxV4AeNZvil7rHy+VbFY1UEafU9eu7yVVzknmsG8pFA0wTsn1F
NcGrDvr9WisDoZbm4aDNe+p/53+riMWcutJIr/qb5tb59R0ueA4+FKPmfFa1jtdE
HSnZ7kXaTUOoWp6ktehbwp+zAJBfxodnxzgeiTAbRoPrFtUOek+4bsbmUPfcpPFx
fi/IBf5f3Vz+DUw/1e4aT7eF6iH6SEDoemyCRvHOjqusDjDJlw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:25 2023 by rpki-client on console-fra.rpki-client.org