Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/gYciRyVZ2i4DQ4ZxuS2GN8xmJlI.roa
File: gYciRyVZ2i4DQ4ZxuS2GN8xmJlI.roa (raw, json)
Hash identifier: J8JPxYTPpi9Hb67S41Hv8KUwZ+IN3yV0ansn+x64AD8=
Subject key identifier: 81:87:22:47:25:59:DA:2E:03:43:86:71:B9:2D:86:37:CC:66:26:52
Certificate issuer: /CN=63c657190fed73f6bbe765f4b68201fd5555e3c8
Certificate serial: 0182B5FE4BE781C1943DDE6B5445713FE26C
Authority key identifier: 63:C6:57:19:0F:ED:73:F6:BB:E7:65:F4:B6:82:01:FD:55:55:E3:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8ZXGQ_tc_a752X0toIB_VVV48g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/gYciRyVZ2i4DQ4ZxuS2GN8xmJlI.roa
Signing time: Fri 19 Aug 2022 12:05:17 +0000
ROA not before: Fri 19 Aug 2022 12:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198356
IP address blocks: 91.234.24.0/24 maxlen: 24
91.234.24.0/22 maxlen: 22
91.234.26.0/24 maxlen: 24
91.234.27.0/24 maxlen: 24
91.234.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:fe:4b:e7:81:c1:94:3d:de:6b:54:45:71:3f:e2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c657190fed73f6bbe765f4b68201fd5555e3c8
Validity
Not Before: Aug 19 12:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=818722472559da2e03438671b92d8637cc662652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:39:8c:e3:3a:8c:71:cd:07:7e:07:5d:f1:
5d:1b:56:5f:73:75:0a:9b:96:af:24:f8:0d:d9:7d:
94:2a:ff:b4:53:87:d2:38:dd:3c:57:e6:67:0b:8e:
5e:f0:c8:7c:b9:34:c1:86:48:20:88:5a:bd:8d:b9:
78:4a:84:e5:ff:bf:bb:b6:cd:c0:83:61:5a:34:4c:
7f:cf:a0:fc:83:a2:9a:70:79:96:29:f5:66:aa:37:
e7:d0:86:eb:6e:01:02:a3:5d:c0:12:f0:04:9f:a8:
41:a0:49:12:c3:fb:81:9f:32:88:7c:70:04:78:4f:
44:26:80:29:b6:89:ad:52:cb:f5:ab:c6:aa:0b:43:
43:ee:12:ad:f1:d4:e0:e6:29:a0:6a:94:56:3d:e5:
3f:39:68:ff:ac:2e:da:43:2b:8e:c3:f5:d1:13:b8:
a6:7e:6f:97:22:1b:c1:d1:f0:28:3b:73:bc:3a:08:
75:37:e1:d2:33:85:09:89:57:92:e4:28:d7:75:2b:
9a:3b:39:d1:5e:98:ff:73:65:12:88:33:09:64:69:
bc:66:04:50:0f:ed:77:d1:54:66:58:72:31:d1:5e:
7e:37:9c:5f:6a:b9:44:ac:14:f4:19:2f:ad:fa:3c:
0f:9e:17:77:78:5d:23:78:f5:77:3a:19:1f:b6:c7:
17:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:87:22:47:25:59:DA:2E:03:43:86:71:B9:2D:86:37:CC:66:26:52
X509v3 Authority Key Identifier:
keyid:63:C6:57:19:0F:ED:73:F6:BB:E7:65:F4:B6:82:01:FD:55:55:E3:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8ZXGQ_tc_a752X0toIB_VVV48g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/gYciRyVZ2i4DQ4ZxuS2GN8xmJlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/Y8ZXGQ_tc_a752X0toIB_VVV48g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:e3:b8:41:d2:9a:43:2a:ec:91:88:8e:4a:ac:c4:63:c4:12:
a7:97:5f:20:2b:55:e6:ef:f2:25:a7:03:4e:50:d5:55:87:59:
6b:d5:43:9d:88:01:e4:ff:54:b8:2b:2b:3a:7c:5c:d5:5e:c3:
76:e4:ee:ea:58:4b:aa:f5:ee:82:5b:39:57:de:28:e9:bd:3c:
e0:9c:4e:8e:5c:5f:08:ea:28:97:9c:1a:13:58:f1:fe:40:6d:
b8:a1:46:06:a5:77:f9:87:2a:34:6d:83:a3:0f:c3:78:a3:6a:
63:4c:4e:f8:6d:ff:b2:52:5d:f4:4b:a9:c0:26:8f:ae:bd:6c:
63:2a:89:f5:25:e2:f8:31:1e:14:bd:00:bb:27:cf:76:1b:cc:
94:0f:17:f8:e5:a0:82:11:89:c5:aa:dc:b7:ad:f8:c4:98:22:
23:72:2e:af:27:03:b1:d2:57:12:00:10:a1:75:65:93:6d:16:
7a:71:c2:38:d6:f0:1e:6e:73:4b:8f:17:92:48:0a:2b:04:6a:
dd:c7:42:4a:55:dd:95:d1:e1:a3:b3:6e:bb:63:5a:da:74:3c:
49:c3:fe:8d:42:1a:17:bf:c7:ad:3a:28:8e:21:72:84:3e:fa:
ed:8f:e1:ec:2d:09:93:51:c6:d3:a1:b1:e4:f4:aa:2c:c6:1c:
7f:d2:21:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYK1/kvngcGUPd5rVEVxP+JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzY1NzE5MGZlZDczZjZiYmU3NjVmNGI2ODIwMWZkNTU1
NWUzYzgwHhcNMjIwODE5MTIwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTg3MjI0NzI1NTlkYTJlMDM0Mzg2NzFiOTJkODYzN2NjNjYyNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNw5jOM6jHHNB34HXfFdG1Zfc3UK
m5avJPgN2X2UKv+0U4fSON08V+ZnC45e8Mh8uTTBhkggiFq9jbl4SoTl/7+7ts3A
g2FaNEx/z6D8g6KacHmWKfVmqjfn0IbrbgECo13AEvAEn6hBoEkSw/uBnzKIfHAE
eE9EJoAptomtUsv1q8aqC0ND7hKt8dTg5imgapRWPeU/OWj/rC7aQyuOw/XRE7im
fm+XIhvB0fAoO3O8Ogh1N+HSM4UJiVeS5CjXdSuaOznRXpj/c2USiDMJZGm8ZgRQ
D+130VRmWHIx0V5+N5xfarlErBT0GS+t+jwPnhd3eF0jePV3OhkftscXmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGHIkclWdouA0OGcbkthjfMZiZSMB8GA1UdIwQY
MBaAFGPGVxkP7XP2u+dl9LaCAf1VVePIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThaWEdRX3RjX2E3NTJYMHRvSUJfVlZWNDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNTBiODgtODhlZS00MjM0LWE1ZTgt
YWE3NzMwYjJiNGYzLzEvZ1ljaVJ5VloyaTREUTRaeHVTMkdOOHhtSmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNTBiODgtODhlZS00MjM0LWE1ZTgtYWE3NzMwYjJiNGYz
LzEvWThaWEdRX3RjX2E3NTJYMHRvSUJfVlZWNDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+oYMA0G
CSqGSIb3DQEBCwUAA4IBAQA+47hB0ppDKuyRiI5KrMRjxBKnl18gK1Xm7/IlpwNO
UNVVh1lr1UOdiAHk/1S4Kys6fFzVXsN25O7qWEuq9e6CWzlX3ijpvTzgnE6OXF8I
6iiXnBoTWPH+QG24oUYGpXf5hyo0bYOjD8N4o2pjTE74bf+yUl30S6nAJo+uvWxj
Kon1JeL4MR4UvQC7J892G8yUDxf45aCCEYnFqty3rfjEmCIjci6vJwOx0lcSABCh
dWWTbRZ6ccI41vAebnNLjxeSSAorBGrdx0JKVd2V0eGjs267Y1radDxJw/6NQhoX
v8etOiiOIXKEPvrtj+HsLQmTUcbTobHk9Kosxhx/0iG7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:10 2024 by rpki-client on console-fra.rpki-client.org