Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/2oTt3Zv0yTK8JcU2XKCLIq2-eu4.roa
File: 2oTt3Zv0yTK8JcU2XKCLIq2-eu4.roa (raw, json)
Hash identifier: 0ZDgBAjT7PZbvxlLyqivS52fNB8vjv8uXctVarifuCU=
Subject key identifier: DA:84:ED:DD:9B:F4:C9:32:BC:25:C5:36:5C:A0:8B:22:AD:BE:7A:EE
Certificate issuer: /CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Certificate serial: 018475E4E56323BEB3C30B5DDA26F04BB77F
Authority key identifier: 8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/2oTt3Zv0yTK8JcU2XKCLIq2-eu4.roa
Signing time: Mon 14 Nov 2022 11:27:25 +0000
ROA not before: Mon 14 Nov 2022 11:27:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59639
IP address blocks: 91.199.199.0/24 maxlen: 24
2a11:1bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:e4:e5:63:23:be:b3:c3:0b:5d:da:26:f0:4b:b7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Validity
Not Before: Nov 14 11:27:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da84eddd9bf4c932bc25c5365ca08b22adbe7aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8b:60:cb:49:b1:5e:96:d4:2c:45:3e:5c:aa:
c8:49:95:9e:aa:ed:3e:c2:4b:63:23:f3:77:dc:15:
21:11:a2:3d:da:a7:51:5e:dd:fa:fe:79:55:7c:6e:
bf:ce:a7:4f:26:74:56:f0:9e:44:96:df:78:1c:ee:
74:fa:00:61:05:42:b9:2e:61:55:61:58:60:bc:f5:
4c:3f:db:75:d0:24:94:54:8b:e7:68:4a:4e:f7:f7:
4d:53:46:66:05:86:52:fd:34:53:15:77:e0:b0:0b:
6d:6e:56:ea:87:98:97:57:fc:f7:85:eb:45:92:7e:
37:4d:cf:b8:d9:f5:59:1c:de:cf:40:17:c1:5d:56:
56:f8:0d:2d:43:13:32:b1:90:c4:56:07:8c:69:f6:
5f:a7:4d:b1:72:35:fa:5a:25:8c:44:f7:ca:06:11:
f1:a9:81:0f:e0:e9:3f:2d:63:a7:10:0e:c9:bc:65:
3c:1e:45:95:ac:40:48:78:4e:8c:3f:48:5b:5d:fc:
65:70:a5:0e:11:4e:73:61:13:2c:b2:00:e4:02:9d:
23:0c:fd:7d:55:91:73:bc:87:5a:55:a6:66:9d:15:
6e:1c:95:41:2f:82:81:ff:fc:73:3e:4c:52:bd:8e:
f8:1a:c6:06:75:95:da:71:6b:77:d6:be:bf:1e:7f:
aa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:84:ED:DD:9B:F4:C9:32:BC:25:C5:36:5C:A0:8B:22:AD:BE:7A:EE
X509v3 Authority Key Identifier:
keyid:8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/2oTt3Zv0yTK8JcU2XKCLIq2-eu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/jrL4G4xHwrWI9FHUA3xoN4cLOX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.199.0/24
IPv6:
2a11:1bc0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:e8:59:0a:5b:26:af:5a:2a:28:c5:2b:3a:76:28:72:30:ab:
ff:3f:e4:f4:8b:49:7b:83:f1:0a:32:2c:5c:64:2e:82:83:98:
32:6c:d0:de:36:5b:73:86:80:32:f0:22:6f:45:7c:ea:0c:96:
74:05:1f:19:13:38:72:3f:d4:88:fc:d8:a3:4e:cc:a4:67:c2:
81:b2:8c:a8:73:42:c4:59:e4:b7:51:7c:94:b1:fd:c2:32:3f:
2e:79:62:e8:59:93:cd:af:fc:f1:24:11:fe:84:eb:05:2a:0f:
87:e0:70:a7:c3:ca:d5:41:cf:31:c3:77:e2:99:e4:32:02:47:
ac:bb:eb:99:d1:fa:2f:78:4c:7c:07:67:c6:52:e0:10:33:07:
de:16:d2:ab:79:a9:80:2e:21:70:3e:d4:7d:1c:ce:b4:43:55:
cd:d4:be:05:a0:b4:b6:0b:39:6d:75:98:5e:40:eb:b7:ef:f6:
27:d1:07:f3:84:99:9e:07:35:ce:4b:fa:78:24:00:17:04:0e:
29:43:28:f9:4b:a9:87:f5:01:f5:0e:8c:ef:dc:bd:9c:7b:06:
1e:7e:eb:76:c3:6c:5d:11:4e:55:88:f4:fb:d9:6f:94:cb:33:
76:c4:58:89:ac:a7:5d:92:a0:1d:db:69:12:86:31:7a:b3:70:
17:0a:a4:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYR15OVjI76zwwtd2ibwS7d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjJmODFiOGM0N2MyYjU4OGY0NTFkNDAzN2M2ODM3ODcw
YjM5N2YwHhcNMjIxMTE0MTEyNzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg0ZWRkZDliZjRjOTMyYmMyNWM1MzY1Y2EwOGIyMmFkYmU3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiotgy0mxXpbULEU+XKrISZWequ0+
wktjI/N33BUhEaI92qdRXt36/nlVfG6/zqdPJnRW8J5Elt94HO50+gBhBUK5LmFV
YVhgvPVMP9t10CSUVIvnaEpO9/dNU0ZmBYZS/TRTFXfgsAttblbqh5iXV/z3hetF
kn43Tc+42fVZHN7PQBfBXVZW+A0tQxMysZDEVgeMafZfp02xcjX6WiWMRPfKBhHx
qYEP4Ok/LWOnEA7JvGU8HkWVrEBIeE6MP0hbXfxlcKUOEU5zYRMssgDkAp0jDP19
VZFzvIdaVaZmnRVuHJVBL4KB//xzPkxSvY74GsYGdZXacWt31r6/Hn+qxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNqE7d2b9MkyvCXFNlygiyKtvnruMB8GA1UdIwQY
MBaAFI6y+BuMR8K1iPRR1AN8aDeHCzl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgt
NDgzZmM5MDcwOGQ1LzEvMm9UdDNadjB5VEs4SmNVMlhLQ0xJcTItZXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgtNDgzZmM5MDcwOGQ1
LzEvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8fHMA0E
AgACMAcDBQAqERvAMA0GCSqGSIb3DQEBCwUAA4IBAQCN6FkKWyavWiooxSs6dihy
MKv/P+T0i0l7g/EKMixcZC6Cg5gybNDeNltzhoAy8CJvRXzqDJZ0BR8ZEzhyP9SI
/NijTsykZ8KBsoyoc0LEWeS3UXyUsf3CMj8ueWLoWZPNr/zxJBH+hOsFKg+H4HCn
w8rVQc8xw3fimeQyAkesu+uZ0foveEx8B2fGUuAQMwfeFtKreamALiFwPtR9HM60
Q1XN1L4FoLS2CzltdZheQOu37/Yn0QfzhJmeBzXOS/p4JAAXBA4pQyj5S6mH9QH1
Dozv3L2cewYefut2w2xdEU5ViPT72W+UyzN2xFiJrKddkqAd22kShjF6s3AXCqQB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:19 2024 by rpki-client on console-ams.rpki-client.org