Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/xCZ4JlBnkMEdPIebq_nzyQdE_Ek.roa
File: xCZ4JlBnkMEdPIebq_nzyQdE_Ek.roa (raw, json)
Hash identifier: Gryf8MPsE/JQ8rZ1hSPnonPGfCsDndcpBb2MVxNXH80=
Subject key identifier: C4:26:78:26:50:67:90:C1:1D:3C:87:9B:AB:F9:F3:C9:07:44:FC:49
Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Certificate serial: 06DC5E34
Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/xCZ4JlBnkMEdPIebq_nzyQdE_Ek.roa
Signing time: Sat 01 Jan 2022 03:57:17 +0000
ROA not before: Sat 01 Jan 2022 03:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51509
IP address blocks: 91.217.92.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115105332 (0x6dc5e34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Validity
Not Before: Jan 1 03:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4267826506790c11d3c879babf9f3c90744fc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:06:6d:2b:c2:c3:c1:08:20:cf:4a:93:e4:4f:
9b:05:eb:dd:fb:ed:8b:43:17:31:c3:ab:4e:86:87:
34:a5:ad:7b:9c:ab:45:aa:63:5e:89:73:af:59:8c:
87:43:09:e8:6c:61:7d:02:cb:79:74:9b:23:8d:09:
bd:e1:06:9c:ba:4e:fe:38:a8:1d:d2:70:45:d0:b3:
3d:a9:7c:a6:72:f7:44:c5:a9:2a:79:65:d6:dc:c9:
83:2e:76:b1:67:2a:fa:ae:91:07:8e:8d:87:65:d0:
71:d1:9d:70:0b:76:7d:53:f0:bd:af:20:0f:8c:fd:
bd:b1:c0:9b:b8:36:34:83:0b:b1:04:fa:f9:69:7f:
37:df:9b:09:c1:22:ff:d4:8c:9a:c6:1f:0e:b9:70:
52:26:18:cd:e3:3d:64:4c:1c:6e:71:d7:3b:64:8a:
5b:55:91:0f:1e:f8:95:f4:0a:9e:d9:dc:44:75:0a:
db:e0:0f:c5:02:ae:8f:6b:49:df:1b:24:df:db:9c:
45:3a:39:61:6b:96:44:7e:9d:a6:86:b0:ca:03:51:
dc:f4:eb:95:44:7d:f3:c4:01:5f:ff:dd:ee:41:ac:
46:59:e3:95:3e:3d:e7:cd:a9:55:73:11:62:f7:1b:
1d:1f:d4:1f:b1:30:b7:37:0d:26:36:36:f0:1c:20:
75:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:26:78:26:50:67:90:C1:1D:3C:87:9B:AB:F9:F3:C9:07:44:FC:49
X509v3 Authority Key Identifier:
keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/xCZ4JlBnkMEdPIebq_nzyQdE_Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.92.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:4b:eb:2a:23:16:ba:a3:26:b1:52:5f:b7:cc:86:a2:d4:98:
85:c6:73:f6:49:fc:1d:8b:c3:78:44:f1:d6:b6:51:56:69:ea:
c1:8c:99:54:6b:b6:90:dc:ca:75:e1:66:47:f3:ce:72:9b:bd:
fa:1c:3a:ac:e3:86:63:5f:82:45:fd:f2:bf:b3:3d:13:d3:7e:
e0:38:d0:30:71:cc:1b:4a:7f:c4:2a:21:83:b1:2d:f0:49:53:
53:ae:5b:bf:98:f6:aa:1a:03:93:01:26:57:b6:8f:3f:7a:72:
b2:73:86:fa:c4:3c:40:01:38:c6:5c:d4:ea:8d:c4:e6:a1:81:
29:67:2b:48:a6:35:c1:76:00:34:ed:b0:f2:cc:eb:0c:3d:46:
12:a4:9e:f5:d4:77:ad:e7:50:de:bf:75:99:5d:de:4c:cc:e6:
10:9b:24:8f:41:b5:03:e9:8a:aa:94:e7:0a:d8:81:06:b4:44:
40:ee:b8:22:41:15:c5:9b:5c:ad:de:8a:ef:39:50:b1:f3:de:
8f:3d:ff:fe:bb:73:6b:51:64:c5:33:89:a2:f3:02:f4:9d:58:
98:c7:ce:e9:87:e1:2a:be:2f:f7:07:fa:7b:0e:44:e8:90:6a:
c9:49:50:b1:5d:0e:47:e2:9f:3d:11:d7:0c:88:84:1a:37:0b:
fb:36:7a:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBtxeNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDBhYTUxNjM0OTZlMDUzYTc2YjZkNjljZGM0NWY3NTAwNmNkOGRmMB4XDTIyMDEw
MTAzNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQyNjc4MjY1MDY3
OTBjMTFkM2M4NzliYWJmOWYzYzkwNzQ0ZmM0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0GbSvCw8EIIM9Kk+RPmwXr3fvti0MXMcOrToaHNKWte5yr
RapjXolzr1mMh0MJ6GxhfQLLeXSbI40JveEGnLpO/jioHdJwRdCzPal8pnL3RMWp
Knll1tzJgy52sWcq+q6RB46Nh2XQcdGdcAt2fVPwva8gD4z9vbHAm7g2NIMLsQT6
+Wl/N9+bCcEi/9SMmsYfDrlwUiYYzeM9ZEwcbnHXO2SKW1WRDx74lfQKntncRHUK
2+APxQKuj2tJ3xsk39ucRTo5YWuWRH6dpoawygNR3PTrlUR988QBX//d7kGsRlnj
lT49582pVXMRYvcbHR/UH7EwtzcNJjY28BwgdZUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEJngmUGeQwR08h5ur+fPJB0T8STAfBgNVHSMEGDAWgBS0CqUWNJbgU6dr
bWnNxF91AGzY3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RBcWxGalNXNEZPbmEyMXB6Y1JmZFFCczJOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvYTIwZmIwLTViOGQtNDUxNy1iNDZlLWM3MmNiYWMyODVmOC8x
L3hDWjRKbEJua01FZFBJZWJxX256eVFkRV9Fay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
YTIwZmIwLTViOGQtNDUxNy1iNDZlLWM3MmNiYWMyODVmOC8xL3RBcWxGalNXNEZP
bmEyMXB6Y1JmZFFCczJOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvZXDANBgkqhkiG9w0BAQsFAAOC
AQEAS0vrKiMWuqMmsVJft8yGotSYhcZz9kn8HYvDeETx1rZRVmnqwYyZVGu2kNzK
deFmR/POcpu9+hw6rOOGY1+CRf3yv7M9E9N+4DjQMHHMG0p/xCohg7Et8ElTU65b
v5j2qhoDkwEmV7aPP3pysnOG+sQ8QAE4xlzU6o3E5qGBKWcrSKY1wXYANO2w8szr
DD1GEqSe9dR3redQ3r91mV3eTMzmEJskj0G1A+mKqpTnCtiBBrREQO64IkEVxZtc
rd6K7zlQsfPejz3//rtza1FkxTOJovMC9J1YmMfO6YfhKr4v9wf6ew5E6JBqyUlQ
sV0OR+KfPRHXDIiEGjcL+zZ6Nw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:47 2023 by rpki-client on console-fra.rpki-client.org