Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/bSrfbpRyPkODwcrhCC2CFjyjCoI.roa
File: bSrfbpRyPkODwcrhCC2CFjyjCoI.roa (raw, json)
Hash identifier: qaMuYVr/pPBp35eStTXQw0BK3QuNMVqb5+gLPzbZII8=
Subject key identifier: 6D:2A:DF:6E:94:72:3E:43:83:C1:CA:E1:08:2D:82:16:3C:A3:0A:82
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 01853F484FD370D9D5121C6FE33FE48E410C
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/bSrfbpRyPkODwcrhCC2CFjyjCoI.roa
Signing time: Fri 23 Dec 2022 13:59:41 +0000
ROA not before: Fri 23 Dec 2022 13:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211703
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:48:4f:d3:70:d9:d5:12:1c:6f:e3:3f:e4:8e:41:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Dec 23 13:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d2adf6e94723e4383c1cae1082d82163ca30a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1b:52:08:c3:63:0d:c1:3a:30:44:7c:0a:41:
67:8f:40:c4:73:df:cf:19:fc:7d:30:15:41:a9:be:
e1:1b:ac:33:da:d5:6a:c0:65:41:7a:36:0d:50:9d:
a8:91:f5:7b:62:3f:4f:cd:5b:c5:ed:07:be:11:94:
71:a2:c0:e1:c1:4f:24:63:b5:82:5b:51:de:03:9c:
d7:07:2b:68:32:56:d5:4e:d0:3e:00:e5:7e:e0:2d:
52:72:6c:7d:8e:17:70:88:78:da:27:73:16:1d:bb:
b4:30:ab:21:60:32:b6:1d:d8:f1:38:ff:59:b6:9c:
50:85:3a:55:d9:21:0f:b2:c4:4a:52:84:f2:d4:85:
dc:76:9c:82:03:88:e9:08:99:ad:6d:ec:68:3b:04:
ff:3e:db:b0:ce:24:33:be:c1:ee:d6:ff:65:a1:9b:
06:a3:14:96:c4:82:b0:b7:09:fa:d6:a5:77:07:3c:
48:ae:0a:ae:9c:4c:97:80:d2:16:7d:7f:4f:b6:ff:
24:ac:71:3c:49:9e:24:56:6a:e3:14:ed:6b:1c:8a:
03:3b:6f:95:26:d1:4a:cc:a1:f5:55:c5:77:41:3a:
30:ce:9d:20:52:ba:74:8d:8c:9c:83:42:59:9d:28:
70:8d:ec:3d:91:b5:de:d5:10:1c:88:2a:5c:a6:90:
60:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2A:DF:6E:94:72:3E:43:83:C1:CA:E1:08:2D:82:16:3C:A3:0A:82
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/bSrfbpRyPkODwcrhCC2CFjyjCoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:ef:3c:5c:5c:19:76:dc:50:a1:15:1d:ea:ea:9c:fa:9c:7e:
e5:41:4a:85:44:35:a5:01:b6:cb:8c:ee:a7:fa:db:ad:10:1b:
f8:99:e6:ab:1f:5f:94:dc:e5:75:45:2c:b3:bb:09:ed:fe:02:
12:7d:1f:2c:00:3b:c2:54:ce:fd:5b:e5:0b:f9:62:38:16:30:
fd:91:ea:f3:b3:e4:6d:04:88:d6:c8:cf:ec:16:5e:9a:dd:b1:
40:3e:9a:d7:a2:e2:43:d2:08:34:55:bf:88:24:0f:d3:42:86:
50:66:78:a0:27:f4:86:2c:1a:ef:ab:fb:f0:d7:ba:ff:fc:60:
67:c9:a9:c9:e2:66:cd:64:b3:12:a1:b5:39:f9:4d:98:1d:38:
39:a8:c8:83:01:c3:cc:8b:77:3d:6b:e2:e5:50:00:de:af:8c:
ba:44:4c:d4:f7:fe:86:55:7f:a6:7e:8a:58:55:80:fc:a8:b3:
63:b8:9d:31:84:41:2c:7c:fb:38:2e:7c:b0:aa:05:11:84:8b:
f0:95:e4:0f:4b:f0:9f:58:44:1c:b7:b7:8b:51:1a:ab:30:6f:
c8:dd:1a:b8:56:44:db:ef:5f:e0:cc:e1:8d:90:ff:3f:77:e7:
e6:a7:05:29:8d:9b:9d:09:ad:64:fc:0e:ba:af:0d:e5:6c:32:
66:62:2c:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYU/SE/TcNnVEhxv4z/kjkEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjIxMjIzMTM1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJhZGY2ZTk0NzIzZTQzODNjMWNhZTEwODJkODIxNjNjYTMwYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxtSCMNjDcE6MER8CkFnj0DEc9/P
Gfx9MBVBqb7hG6wz2tVqwGVBejYNUJ2okfV7Yj9PzVvF7Qe+EZRxosDhwU8kY7WC
W1HeA5zXBytoMlbVTtA+AOV+4C1Scmx9jhdwiHjaJ3MWHbu0MKshYDK2HdjxOP9Z
tpxQhTpV2SEPssRKUoTy1IXcdpyCA4jpCJmtbexoOwT/PtuwziQzvsHu1v9loZsG
oxSWxIKwtwn61qV3BzxIrgqunEyXgNIWfX9Ptv8krHE8SZ4kVmrjFO1rHIoDO2+V
JtFKzKH1VcV3QTowzp0gUrp0jYycg0JZnShwjew9kbXe1RAciCpcppBg2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG0q326Ucj5Dg8HK4QgtghY8owqCMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvYlNyZmJwUnlQa09Ed2NyaENDMkNGanlqQ29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQAA7zxcXBl23FChFR3q6pz6
nH7lQUqFRDWlAbbLjO6n+tutEBv4mearH1+U3OV1RSyzuwnt/gISfR8sADvCVM79
W+UL+WI4FjD9kerzs+RtBIjWyM/sFl6a3bFAPprXouJD0gg0Vb+IJA/TQoZQZnig
J/SGLBrvq/vw17r//GBnyanJ4mbNZLMSobU5+U2YHTg5qMiDAcPMi3c9a+LlUADe
r4y6REzU9/6GVX+mfopYVYD8qLNjuJ0xhEEsfPs4LnywqgURhIvwleQPS/CfWEQc
t7eLURqrMG/I3Rq4VkTb71/gzOGNkP8/d+fmpwUpjZudCa1k/A66rw3lbDJmYiyM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:33 2023 by rpki-client on console-fra.rpki-client.org