Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/jrVzWz6yPko2bFiz-LzZHHEJ5ec.roa
File: jrVzWz6yPko2bFiz-LzZHHEJ5ec.roa (raw, json)
Hash identifier: EjM7B3K0dXOiFPy9lxr1JPQ28ql5Y8Kt+mIsZLgIr4A=
Subject key identifier: 8E:B5:73:5B:3E:B2:3E:4A:36:6C:58:B3:F8:BC:D9:1C:71:09:E5:E7
Certificate issuer: /CN=baab3f0885b5566b9b1533d2096df68e549fec3e
Certificate serial: 03F15AF4
Authority key identifier: BA:AB:3F:08:85:B5:56:6B:9B:15:33:D2:09:6D:F6:8E:54:9F:EC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqs_CIW1VmubFTPSCW32jlSf7D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/jrVzWz6yPko2bFiz-LzZHHEJ5ec.roa
Signing time: Sat 01 Jan 2022 11:57:27 +0000
ROA not before: Sat 01 Jan 2022 11:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51134
IP address blocks: 91.230.144.0/24 maxlen: 24
91.216.168.0/24 maxlen: 24
185.252.196.0/22 maxlen: 24
2a0c:3240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66149108 (0x3f15af4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baab3f0885b5566b9b1533d2096df68e549fec3e
Validity
Not Before: Jan 1 11:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eb5735b3eb23e4a366c58b3f8bcd91c7109e5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:bd:d4:28:ac:57:80:3e:03:3d:ce:02:36:
b0:39:d4:b9:ed:71:a9:30:c1:cf:4b:58:b7:d6:f5:
4d:a1:ac:52:0e:00:8c:26:f6:f9:e6:f9:fc:18:27:
6e:49:e4:3b:bf:46:9b:a5:1d:d0:f7:10:90:7a:97:
f3:67:55:b9:f5:a9:46:9b:d7:8f:3a:35:cb:56:1a:
57:94:ac:be:65:f0:65:e8:e5:84:4f:a8:bc:ac:d1:
5e:48:d8:a8:76:f1:1e:bf:46:4e:86:2f:83:8f:9d:
06:11:fc:5e:91:d5:a2:5d:7f:ad:33:9f:28:d3:76:
ae:98:63:0f:70:6a:fd:a1:e5:c1:76:b4:a1:8c:e6:
2c:bc:af:c1:23:21:be:27:b3:b4:98:ae:be:92:7c:
14:c2:d8:03:85:db:63:97:b6:25:fa:ac:4e:84:a5:
40:95:a7:a7:09:b3:36:36:71:24:f7:26:48:30:be:
3f:0a:ec:cf:4d:c3:db:5c:32:d4:66:ff:f6:81:7b:
b8:02:e7:81:34:fb:98:e3:04:91:19:5f:c0:94:2f:
da:54:63:f9:88:cf:be:d8:09:6b:66:3f:fe:f1:d1:
c9:15:a0:73:82:cb:2c:2a:be:77:09:f1:11:00:c8:
5e:2c:73:39:60:15:7e:c0:43:c8:9b:4d:9c:4d:c2:
78:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B5:73:5B:3E:B2:3E:4A:36:6C:58:B3:F8:BC:D9:1C:71:09:E5:E7
X509v3 Authority Key Identifier:
keyid:BA:AB:3F:08:85:B5:56:6B:9B:15:33:D2:09:6D:F6:8E:54:9F:EC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqs_CIW1VmubFTPSCW32jlSf7D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/jrVzWz6yPko2bFiz-LzZHHEJ5ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/uqs_CIW1VmubFTPSCW32jlSf7D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.168.0/24
91.230.144.0/24
185.252.196.0/22
IPv6:
2a0c:3240::/29
Signature Algorithm: sha256WithRSAEncryption
65:08:f4:3a:e7:35:bc:2d:b5:9e:00:df:ff:61:d9:d6:f0:6a:
47:2c:ef:5b:04:78:f2:6a:82:44:e2:63:6b:30:5b:35:45:96:
92:15:b3:15:97:8c:43:ff:7e:aa:32:8f:77:b4:98:0a:74:ee:
1a:97:1e:45:b4:14:35:46:da:8f:08:00:cc:9a:7c:54:2c:de:
ca:6e:b1:40:9a:ec:2a:f0:99:ff:12:65:4b:99:4b:79:3a:28:
bb:b0:23:79:a4:53:72:ea:35:0c:6d:43:4a:0b:c0:73:c2:62:
c0:66:82:39:55:44:ed:3b:3b:8e:e3:d9:62:58:67:7d:39:0b:
34:f5:c9:59:da:a5:ca:48:25:26:2b:74:95:32:83:89:df:97:
fa:86:ef:bc:b5:5e:3d:50:98:2c:aa:a6:d5:8c:d1:db:ab:4e:
ae:77:1d:4a:c1:87:97:3b:52:e4:80:d4:83:fd:a2:c8:07:af:
e4:11:41:b7:d7:68:22:df:a5:ca:f9:4e:0e:d7:f1:d4:be:c1:
9f:a7:75:68:b5:54:57:cb:56:88:4f:9d:be:e3:44:24:fd:bc:
15:cd:c7:7d:c8:72:13:28:e3:ff:a9:7f:8c:4c:d6:f3:35:53:
5e:4c:94:f6:39:a3:04:a2:75:bb:e3:ab:5f:94:37:dd:a8:26:
c2:91:3b:03
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEA/Fa9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YWFiM2YwODg1YjU1NjZiOWIxNTMzZDIwOTZkZjY4ZTU0OWZlYzNlMB4XDTIyMDEw
MTExNTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGViNTczNWIzZWIy
M2U0YTM2NmM1OGIzZjhiY2Q5MWM3MTA5ZTVlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6fvdQorFeAPgM9zgI2sDnUue1xqTDBz0tYt9b1TaGsUg4A
jCb2+eb5/BgnbknkO79Gm6Ud0PcQkHqX82dVufWpRpvXjzo1y1YaV5SsvmXwZejl
hE+ovKzRXkjYqHbxHr9GToYvg4+dBhH8XpHVol1/rTOfKNN2rphjD3Bq/aHlwXa0
oYzmLLyvwSMhvieztJiuvpJ8FMLYA4XbY5e2JfqsToSlQJWnpwmzNjZxJPcmSDC+
Pwrsz03D21wy1Gb/9oF7uALngTT7mOMEkRlfwJQv2lRj+YjPvtgJa2Y//vHRyRWg
c4LLLCq+dwnxEQDIXixzOWAVfsBDyJtNnE3CeCsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSOtXNbPrI+SjZsWLP4vNkccQnl5zAfBgNVHSMEGDAWgBS6qz8IhbVWa5sV
M9IJbfaOVJ/sPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Vxc19DSVcxVm11YkZUUFNDVzMyamxTZjdENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvY2QxMTFjLTJkN2YtNDRmMy05ZWI2LTlhZjEzZjgzNjg3OS8x
L2pyVnpXejZ5UGtvMmJGaXotTHpaSEhFSjVlYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
Y2QxMTFjLTJkN2YtNDRmMy05ZWI2LTlhZjEzZjgzNjg3OS8xL3Vxc19DSVcxVm11
YkZUUFNDVzMyamxTZjdENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFvYqAMEAFvmkAMEArn8xDANBAIA
AjAHAwUDKgwyQDANBgkqhkiG9w0BAQsFAAOCAQEAZQj0Ouc1vC21ngDf/2HZ1vBq
RyzvWwR48mqCROJjazBbNUWWkhWzFZeMQ/9+qjKPd7SYCnTuGpceRbQUNUbajwgA
zJp8VCzeym6xQJrsKvCZ/xJlS5lLeToou7AjeaRTcuo1DG1DSgvAc8JiwGaCOVVE
7Ts7juPZYlhnfTkLNPXJWdqlykglJit0lTKDid+X+obvvLVePVCYLKqm1YzR26tO
rncdSsGHlztS5IDUg/2iyAev5BFBt9doIt+lyvlODtfx1L7Bn6d1aLVUV8tWiE+d
vuNEJP28Fc3HfchyEyjj/6l/jEzW8zVTXkyU9jmjBKJ1u+OrX5Q33agmwpE7Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:15 2024 by rpki-client on console-ams.rpki-client.org