Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/v-_Pq-55H6xIdPAmp4jxpourGy0.roa
File: v-_Pq-55H6xIdPAmp4jxpourGy0.roa (raw, json)
Hash identifier: ULouIG5pC+qzsjt9/rpP8aoxeGzVj1a7C58xiaMTGMM=
Subject key identifier: BF:EF:CF:AB:EE:79:1F:AC:48:74:F0:26:A7:88:F1:A6:8B:AB:1B:2D
Certificate issuer: /CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Certificate serial: D3EBE2
Authority key identifier: 35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/v-_Pq-55H6xIdPAmp4jxpourGy0.roa
Signing time: Sat 01 Jan 2022 05:54:38 +0000
ROA not before: Sat 01 Jan 2022 05:54:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24971
IP address blocks: 91.213.160.0/24 maxlen: 24
2001:67c:68::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13888482 (0xd3ebe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Validity
Not Before: Jan 1 05:54:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfefcfabee791fac4874f026a788f1a68bab1b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8c:d6:5f:3d:19:69:2f:b1:05:a2:e6:c7:e2:
76:04:1e:38:74:2b:11:e1:2b:6b:9f:89:10:d1:f4:
37:de:8c:ec:08:94:f6:92:32:f4:f3:14:db:ed:a6:
0a:68:4b:06:4c:d3:db:21:2a:25:62:3e:ff:70:a4:
cc:a7:55:7d:a3:47:33:79:8e:5e:95:66:4b:43:7f:
ea:e3:ad:02:5a:c5:d3:a4:a4:b0:39:14:1a:ca:ea:
3a:24:c8:cc:4a:eb:c2:87:5a:85:af:18:31:fa:1c:
38:7f:f7:bd:37:fd:96:15:1b:6f:7a:e0:2e:7b:29:
d6:17:96:b4:43:79:e2:81:f7:df:90:92:29:0a:dd:
66:9a:e1:10:27:6e:eb:1d:82:4a:d4:49:47:84:66:
26:81:a9:06:79:7a:2c:cb:fc:65:ae:05:3e:19:e2:
1a:a2:95:f4:d2:c9:e5:0a:75:e7:90:1c:91:d3:84:
35:72:26:01:a6:ba:73:bf:84:de:01:f6:7b:88:0b:
32:8f:48:79:df:f1:18:0e:fe:2c:e1:96:86:be:80:
94:81:21:60:45:9b:23:91:3f:58:a5:fb:d8:e2:b9:
50:db:d4:d0:65:01:97:ed:e8:c1:2a:44:cd:eb:0d:
64:53:28:a2:80:3e:4f:13:2c:ca:7e:d2:f8:a2:be:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EF:CF:AB:EE:79:1F:AC:48:74:F0:26:A7:88:F1:A6:8B:AB:1B:2D
X509v3 Authority Key Identifier:
keyid:35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/v-_Pq-55H6xIdPAmp4jxpourGy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.160.0/24
IPv6:
2001:67c:68::/48
Signature Algorithm: sha256WithRSAEncryption
73:5e:c3:80:a3:60:2a:96:ae:e9:1d:c2:1a:4f:25:20:8c:13:
1b:6c:74:5c:ac:cc:ef:61:23:f4:37:69:92:1a:04:33:dc:a3:
a2:20:fe:24:bc:4e:4e:45:87:91:57:de:06:6c:fa:2d:65:32:
7a:d5:72:3c:ac:e0:59:8f:8c:e4:ba:d1:68:7a:31:dc:a2:e8:
6c:69:ce:b1:63:d9:e6:af:ff:11:c1:50:43:e8:d1:c6:fe:a6:
38:2a:ee:bc:f2:bd:cb:5d:2f:9f:d2:dc:ff:6c:47:53:94:77:
97:43:8c:aa:c6:2b:91:a1:11:d7:ed:9b:50:44:2a:81:d2:19:
99:b5:8e:1e:7a:1b:80:f2:19:17:59:50:08:50:c6:7f:fd:37:
56:6d:62:df:2a:81:3a:d0:32:79:0b:78:35:d4:f9:70:76:88:
ae:60:e6:d1:0c:67:db:cb:66:0e:79:f6:73:52:29:67:2b:67:
7c:2e:b6:e7:7e:a0:02:04:5a:9b:ae:11:d5:86:a9:ca:09:86:
3f:b5:ec:9e:b3:04:8b:9a:2c:42:9a:c6:3e:44:99:0a:ea:e0:
de:76:1b:32:84:85:77:df:b3:31:b8:57:80:69:48:6c:a9:ba:
85:79:30:b9:9c:cf:93:88:d3:28:d8:ed:ec:2d:07:af:fc:82:
fd:53:83:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEANPr4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTE0ZmY2N2YzYjhkNGY2ZjZiZGEyM2VjYmJjN2IwZjA5ZmU2MDgwMB4XDTIyMDEw
MTA1NTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZlZmNmYWJlZTc5
MWZhYzQ4NzRmMDI2YTc4OGYxYTY4YmFiMWIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqM1l89GWkvsQWi5sfidgQeOHQrEeEra5+JENH0N96M7AiU
9pIy9PMU2+2mCmhLBkzT2yEqJWI+/3CkzKdVfaNHM3mOXpVmS0N/6uOtAlrF06Sk
sDkUGsrqOiTIzErrwodaha8YMfocOH/3vTf9lhUbb3rgLnsp1heWtEN54oH335CS
KQrdZprhECdu6x2CStRJR4RmJoGpBnl6LMv8Za4FPhniGqKV9NLJ5Qp155AckdOE
NXImAaa6c7+E3gH2e4gLMo9Ied/xGA7+LOGWhr6AlIEhYEWbI5E/WKX72OK5UNvU
0GUBl+3owSpEzesNZFMoooA+TxMsyn7S+KK+VY8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS/78+r7nkfrEh08CaniPGmi6sbLTAfBgNVHSMEGDAWgBQ1FP9n87jU9va9
oj7LvHsPCf5ggDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05SVF9aX080MVBiMnZhSS15N3g3RHduLVlJQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTgxNWIzLWM0OGMtNGZmOS05ODlkLTg4NTRjOTJkNDdiMS8x
L3YtX1BxLTU1SDZ4SWRQQW1wNGp4cG91ckd5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTgxNWIzLWM0OGMtNGZmOS05ODlkLTg4NTRjOTJkNDdiMS8xL05SVF9aX080MVBi
MnZhSS15N3g3RHduLVlJQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvVoDAPBAIAAjAJAwcAIAEGfABo
MA0GCSqGSIb3DQEBCwUAA4IBAQBzXsOAo2Aqlq7pHcIaTyUgjBMbbHRcrMzvYSP0
N2mSGgQz3KOiIP4kvE5ORYeRV94GbPotZTJ61XI8rOBZj4zkutFoejHcouhsac6x
Y9nmr/8RwVBD6NHG/qY4Ku688r3LXS+f0tz/bEdTlHeXQ4yqxiuRoRHX7ZtQRCqB
0hmZtY4eehuA8hkXWVAIUMZ//TdWbWLfKoE60DJ5C3g11PlwdoiuYObRDGfby2YO
efZzUilnK2d8LrbnfqACBFqbrhHVhqnKCYY/teyeswSLmixCmsY+RJkK6uDedhsy
hIV337MxuFeAaUhsqbqFeTC5nM+TiNMo2O3sLQev/IL9U4PO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org