Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/4XfJy1MptCRPGY8obtup4OxBziQ.roa
File: 4XfJy1MptCRPGY8obtup4OxBziQ.roa (raw, json)
Hash identifier: R5E4Pe1PiSOmDZOL2N7MrEZ4OHKLq6H5AXO7hQE4404=
Subject key identifier: E1:77:C9:CB:53:29:B4:24:4F:19:8F:28:6E:DB:A9:E0:EC:41:CE:24
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 04C42B3B
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/4XfJy1MptCRPGY8obtup4OxBziQ.roa
Signing time: Thu 14 Apr 2022 07:01:10 +0000
ROA not before: Thu 14 Apr 2022 07:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.213.186.0/24 maxlen: 24
91.213.189.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
91.216.215.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79964987 (0x4c42b3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Apr 14 07:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e177c9cb5329b4244f198f286edba9e0ec41ce24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:4e:e0:d8:88:a6:e8:1b:16:a6:bd:bc:82:
cb:e3:a9:60:7a:ac:13:a7:cd:6c:5e:2c:bd:b6:73:
ba:48:05:2b:2f:9a:6e:33:3a:dc:11:c4:9b:b1:e1:
4a:74:cd:00:03:8b:42:71:4c:45:cc:ec:03:17:e7:
49:df:a7:70:35:45:94:2e:8e:f6:ba:aa:28:0f:5c:
4a:4d:da:69:05:9b:c4:39:4c:d6:7d:40:f9:1f:35:
f1:22:25:63:ee:b6:59:ae:d4:76:a4:9e:af:f7:b1:
c4:e3:77:75:93:a3:90:d4:76:7c:2d:55:67:60:5d:
c9:09:59:03:b7:8d:4d:8c:7f:b1:4a:68:32:ac:24:
bf:05:24:ae:b6:d2:c6:c4:d2:79:c3:d1:f4:de:aa:
5c:a6:c7:f6:5d:a5:1b:38:cf:ab:76:3d:6f:40:d6:
71:89:db:ae:a5:c9:02:3f:de:63:d0:af:c9:d5:c2:
37:5d:03:48:f5:2a:7e:4a:62:e1:58:5c:48:6c:b8:
6c:cd:ad:8f:8a:d3:14:c1:ba:ac:35:aa:3d:5d:fb:
0a:0f:2f:0e:36:f9:fb:8f:54:07:7c:52:94:08:6a:
b6:89:1b:b8:2e:67:94:e0:47:fe:48:ed:c9:a3:b0:
3d:9a:a7:51:0c:ab:95:69:18:ca:d9:81:02:6c:78:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:77:C9:CB:53:29:B4:24:4F:19:8F:28:6E:DB:A9:E0:EC:41:CE:24
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/4XfJy1MptCRPGY8obtup4OxBziQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.104.0/24
91.208.109.0/24
91.213.186.0/24
91.213.189.0/24
91.213.200.0/24
91.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cd:6f:95:5b:2d:7a:a4:c8:20:66:1a:db:de:db:a3:ec:37:
3d:33:f0:d8:f4:c7:81:ec:4e:ea:e3:03:7a:84:6e:7b:02:98:
cc:2e:95:af:8f:6d:63:d3:8c:fc:65:55:8f:76:e5:8f:ef:3e:
db:1a:19:b7:93:b8:da:85:8c:2a:07:84:ba:6b:21:fe:01:65:
d9:b9:dd:65:5c:92:fd:cb:59:1d:b9:32:f8:e5:2b:f3:32:e9:
9a:65:e7:0c:00:86:3c:97:09:a3:2a:35:31:8e:f2:33:03:94:
23:63:99:31:fa:42:90:b2:7f:d8:73:7f:01:2e:0f:12:24:90:
a0:c5:c7:f5:37:dc:24:2a:59:ee:1f:83:7d:e0:7e:a8:58:cc:
c1:1b:0e:ae:db:ca:8d:64:8c:be:d4:0a:71:4f:ab:87:72:8e:
43:5a:c0:61:7f:a8:c0:37:9c:40:ba:6d:1f:05:53:28:e9:dc:
aa:e9:dd:81:96:ec:cd:6c:1e:6d:69:6a:4b:ac:cc:55:89:6f:
a7:6d:d2:22:95:48:22:0a:66:7a:0c:9e:af:1c:0b:86:a7:e2:
22:42:94:ae:ed:23:2e:6d:87:21:d7:0b:53:21:30:91:ad:db:
0f:59:db:dc:3f:9c:1b:ad:df:14:39:b0:82:b2:43:a8:43:42:
8e:03:26:b7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBMQrOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDQx
NDA3MDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE3N2M5Y2I1MzI5
YjQyNDRmMTk4ZjI4NmVkYmE5ZTBlYzQxY2UyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgOTuDYiKboGxamvbyCy+OpYHqsE6fNbF4svbZzukgFKy+a
bjM63BHEm7HhSnTNAAOLQnFMRczsAxfnSd+ncDVFlC6O9rqqKA9cSk3aaQWbxDlM
1n1A+R818SIlY+62Wa7UdqSer/exxON3dZOjkNR2fC1VZ2BdyQlZA7eNTYx/sUpo
MqwkvwUkrrbSxsTSecPR9N6qXKbH9l2lGzjPq3Y9b0DWcYnbrqXJAj/eY9CvydXC
N10DSPUqfkpi4VhcSGy4bM2tj4rTFMG6rDWqPV37Cg8vDjb5+49UB3xSlAhqtokb
uC5nlOBH/kjtyaOwPZqnUQyrlWkYytmBAmx4lpsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBThd8nLUym0JE8Zjyhu26ng7EHOJDAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
LzRYZkp5MU1wdENSUEdZOG9idHVwNE94QnppUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFvQaAMEAFvQbQMEAFvVugMEAFvV
vQMEAFvVyAMEAFvY1zANBgkqhkiG9w0BAQsFAAOCAQEACs1vlVsteqTIIGYa297b
o+w3PTPw2PTHgexO6uMDeoRuewKYzC6Vr49tY9OM/GVVj3blj+8+2xoZt5O42oWM
KgeEumsh/gFl2bndZVyS/ctZHbky+OUr8zLpmmXnDACGPJcJoyo1MY7yMwOUI2OZ
MfpCkLJ/2HN/AS4PEiSQoMXH9TfcJCpZ7h+DfeB+qFjMwRsOrtvKjWSMvtQKcU+r
h3KOQ1rAYX+owDecQLptHwVTKOncqundgZbszWwebWlqS6zMVYlvp23SIpVIIgpm
egyerxwLhqfiIkKUru0jLm2HIdcLUyEwka3bD1nb3D+cG63fFDmwgrJDqENCjgMm
tw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:01 2023 by rpki-client on console-fra.rpki-client.org