Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/6WhOQldv8nZBTQ7RNqJAfH1btHQ.roa
File: 6WhOQldv8nZBTQ7RNqJAfH1btHQ.roa (raw, json)
Hash identifier: kNi8PKMO4NaB6vj873nLUM8uxXlDrrVf/iGJLYriWrU=
Subject key identifier: E9:68:4E:42:57:6F:F2:76:41:4D:0E:D1:36:A2:40:7C:7D:5B:B4:74
Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Certificate serial: 018515E1245C6084D56AA113A4BC37F74C2A
Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/6WhOQldv8nZBTQ7RNqJAfH1btHQ.roa
Signing time: Thu 15 Dec 2022 13:02:34 +0000
ROA not before: Thu 15 Dec 2022 13:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199296
IP address blocks: 91.233.136.0/22 maxlen: 22
2a13:60c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:e1:24:5c:60:84:d5:6a:a1:13:a4:bc:37:f7:4c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Validity
Not Before: Dec 15 13:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9684e42576ff276414d0ed136a2407c7d5bb474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bb:c2:24:7c:89:13:48:58:5c:60:4b:e9:45:
dd:2b:17:aa:ef:9e:bc:63:3f:ee:90:e6:6d:3b:27:
fb:f3:c5:32:be:61:94:00:96:e3:87:77:6a:dc:02:
01:f1:fd:c4:e4:4a:cf:7a:a0:cf:43:b7:3b:24:ae:
79:3e:10:54:83:3d:2f:9b:59:60:80:e8:dd:1e:a4:
ce:53:19:d8:f2:eb:76:73:62:16:f2:da:6a:af:f0:
49:1c:af:a0:66:8a:f3:48:0c:36:c0:09:4f:3a:35:
82:12:bc:38:4f:1d:5a:29:ed:74:85:98:df:c9:e8:
ff:57:7a:f4:56:86:56:0d:fe:93:b7:c2:8d:e2:2f:
1a:76:1a:c9:89:5b:05:8d:ef:ea:63:3a:fc:af:5f:
34:70:ed:01:9b:4f:2c:b3:dc:80:5c:85:e4:2e:50:
fa:b3:97:e7:73:1d:a0:5d:8e:93:2e:13:1a:fc:52:
73:8f:82:fc:eb:ab:23:51:df:43:6d:ba:02:c8:8a:
2d:e0:a1:a1:e4:a6:63:57:f9:eb:aa:33:6a:48:f5:
a8:76:5a:8e:5c:4d:ec:18:91:be:6b:6f:d6:f7:85:
b7:d5:39:a3:be:75:ae:91:54:e0:21:be:aa:cd:b1:
37:fc:ef:9f:30:f7:ec:4b:13:e4:30:1e:fc:b4:1e:
24:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:68:4E:42:57:6F:F2:76:41:4D:0E:D1:36:A2:40:7C:7D:5B:B4:74
X509v3 Authority Key Identifier:
keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/6WhOQldv8nZBTQ7RNqJAfH1btHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.136.0/22
IPv6:
2a13:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
81:63:0e:1e:5d:b8:ed:15:89:08:08:c3:b0:2b:a8:4f:9c:7f:
c5:81:74:a3:37:a4:42:b0:c2:67:b3:0b:98:44:27:96:f4:01:
75:24:7a:9c:c7:15:60:7c:60:24:a1:5a:de:c6:b2:ef:1d:d0:
22:a6:34:78:56:e1:fe:af:8e:d5:ea:b0:04:bf:9b:80:69:88:
84:57:fd:bb:cc:98:b6:de:94:0a:dc:78:8d:13:b7:16:4a:47:
34:9b:42:01:7d:10:ea:3c:69:5b:56:c9:fa:1a:44:e9:49:74:
21:f5:87:03:7c:c5:8b:84:c9:16:3b:ab:8e:ce:82:d6:fa:ec:
5a:57:3a:6a:bb:af:6f:74:29:4e:36:6b:9e:6f:37:28:f7:16:
44:89:32:95:97:fe:06:6b:55:8b:1c:91:39:46:7b:9d:62:08:
7f:b0:b5:60:4d:73:9a:cd:cc:ad:3e:c1:b7:5b:ec:ec:02:0b:
b5:07:d2:d0:86:55:17:96:7b:2c:4b:6b:7d:94:b9:9a:29:d7:
f5:62:94:9d:6a:85:5e:c8:a3:9b:de:67:32:a3:be:f0:73:09:
0f:cb:fc:86:53:57:7a:48:27:f7:be:73:cf:ad:3c:32:e2:01:
79:59:aa:b8:6d:74:14:3d:c1:b0:aa:79:48:8c:7f:97:ac:7e:
4b:8d:15:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUV4SRcYITVaqETpLw390wqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk
Mjc3ZDYwHhcNMjIxMjE1MTMwMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTY4NGU0MjU3NmZmMjc2NDE0ZDBlZDEzNmEyNDA3YzdkNWJiNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7vCJHyJE0hYXGBL6UXdKxeq7568
Yz/ukOZtOyf788UyvmGUAJbjh3dq3AIB8f3E5ErPeqDPQ7c7JK55PhBUgz0vm1lg
gOjdHqTOUxnY8ut2c2IW8tpqr/BJHK+gZorzSAw2wAlPOjWCErw4Tx1aKe10hZjf
yej/V3r0VoZWDf6Tt8KN4i8adhrJiVsFje/qYzr8r180cO0Bm08ss9yAXIXkLlD6
s5fncx2gXY6TLhMa/FJzj4L866sjUd9DbboCyIot4KGh5KZjV/nrqjNqSPWodlqO
XE3sGJG+a2/W94W31TmjvnWukVTgIb6qzbE3/O+fMPfsSxPkMB78tB4kYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOloTkJXb/J2QU0O0TaiQHx9W7R0MB8GA1UdIwQY
MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt
NDYxMTA0NmYxYTRlLzEvNldoT1FsZHY4blpCVFE3Uk5xSkFmSDFidEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl
LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW+mIMA0E
AgACMAcDBQAqE2DAMA0GCSqGSIb3DQEBCwUAA4IBAQCBYw4eXbjtFYkICMOwK6hP
nH/FgXSjN6RCsMJnswuYRCeW9AF1JHqcxxVgfGAkoVrexrLvHdAipjR4VuH+r47V
6rAEv5uAaYiEV/27zJi23pQK3HiNE7cWSkc0m0IBfRDqPGlbVsn6GkTpSXQh9YcD
fMWLhMkWO6uOzoLW+uxaVzpqu69vdClONmuebzco9xZEiTKVl/4Ga1WLHJE5Rnud
Ygh/sLVgTXOazcytPsG3W+zsAgu1B9LQhlUXlnssS2t9lLmaKdf1YpSdaoVeyKOb
3mcyo77wcwkPy/yGU1d6SCf3vnPPrTwy4gF5Waq4bXQUPcGwqnlIjH+XrH5LjRXA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:07 2024 by rpki-client on console-fra.rpki-client.org