Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/r1JGz2qAgyriLBeap9o-I2uFDYQ.roa
File: r1JGz2qAgyriLBeap9o-I2uFDYQ.roa (raw, json)
Hash identifier: cAxJS3iRts5kC/Pvu3328TZeGBQ4bm5eFV8HKRHJp+I=
Subject key identifier: AF:52:46:CF:6A:80:83:2A:E2:2C:17:9A:A7:DA:3E:23:6B:85:0D:84
Certificate issuer: /CN=038af86795417a3584d616375209a72efee2462b
Certificate serial: 024885
Authority key identifier: 03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/r1JGz2qAgyriLBeap9o-I2uFDYQ.roa
Signing time: Thu 03 Mar 2022 14:41:04 +0000
ROA not before: Thu 03 Mar 2022 14:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5400
IP address blocks: 91.142.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149637 (0x24885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=038af86795417a3584d616375209a72efee2462b
Validity
Not Before: Mar 3 14:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af5246cf6a80832ae22c179aa7da3e236b850d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:9e:6f:c0:57:a5:b0:c1:be:6f:d5:4f:04:
87:23:63:1d:dd:59:2d:de:09:d9:6a:6c:57:18:32:
23:7c:a6:1e:a8:98:68:75:4a:30:93:7f:d9:6b:73:
86:c9:c1:b0:c5:15:9e:a6:88:d3:e0:83:0c:69:0b:
c3:00:37:72:e5:2d:e0:c1:32:e8:5a:d4:fc:8b:3e:
cd:3c:4d:08:8f:95:e2:26:3f:ca:59:84:68:96:de:
d1:c9:02:ec:58:f7:30:a4:37:3c:a7:9d:ec:42:90:
0b:25:ba:ff:bb:a9:19:cb:38:f0:99:a6:d5:26:c2:
66:63:ec:e8:2a:3f:2c:ac:4f:d6:f8:44:6a:5c:94:
ad:5c:3e:03:c6:28:6b:c3:ab:d1:54:41:dc:fe:00:
3f:bf:9f:8c:f7:2c:b4:4a:14:5c:2a:fe:e2:19:b1:
c0:11:04:ae:fb:ef:79:0d:32:9d:d3:c1:9a:c3:36:
80:87:d2:d0:e2:9d:b2:c7:7e:fa:73:1a:d6:cb:5b:
ff:b5:d3:95:a5:92:03:b6:10:e0:d5:57:75:f0:93:
60:2c:a3:d2:c2:f7:b4:a6:a4:87:28:7e:9f:15:59:
dd:93:63:38:78:a6:b6:a1:6a:64:c6:5a:76:00:e4:
46:a0:1a:c2:29:d7:d1:ab:16:ae:5c:62:68:54:e8:
ea:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:52:46:CF:6A:80:83:2A:E2:2C:17:9A:A7:DA:3E:23:6B:85:0D:84
X509v3 Authority Key Identifier:
keyid:03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/r1JGz2qAgyriLBeap9o-I2uFDYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/A4r4Z5VBejWE1hY3UgmnLv7iRis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.128.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:4b:39:4a:51:cf:98:c2:61:58:f0:7e:63:02:e3:1c:3a:8f:
56:50:19:8b:a9:49:2a:9b:dc:c0:d7:ee:73:41:63:48:f9:57:
af:12:ba:00:62:cd:a0:90:00:18:e3:08:1c:4f:9a:be:c1:2d:
63:85:9b:b7:85:dc:a3:0c:8b:d6:84:05:8d:d9:2b:a0:a6:6a:
2b:80:e0:6a:44:35:da:7e:a0:20:5f:b8:bc:91:81:dc:b1:04:
a5:ea:a7:99:d8:a1:0c:47:a7:30:c6:21:e6:65:62:b6:e3:1b:
94:d3:7a:e4:ca:5f:e4:62:da:d5:98:88:ee:f1:94:a1:bc:10:
37:32:e2:6a:c9:a4:bb:70:18:e1:19:ec:4b:54:ee:1e:76:79:
f5:f1:ea:59:f4:7c:05:17:6e:bb:27:2c:17:ee:9f:5d:14:fc:
97:a9:a3:ce:97:5a:0a:cb:2b:1f:23:24:10:bd:47:1c:48:a6:
4f:ba:5b:08:26:cc:c3:bb:4f:b0:b0:ac:85:5a:f8:05:3f:42:
16:b0:dc:5e:98:07:49:27:00:83:d8:a3:77:54:9e:4d:7a:5d:
f5:0b:ec:31:d4:4b:fe:16:0f:bd:d1:4d:04:33:da:38:a4:cf:
a1:84:ac:cb:10:b1:05:d6:31:fe:c9:07:79:0e:1d:b5:aa:5d:
07:0a:fa:ac
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAkiFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
OGFmODY3OTU0MTdhMzU4NGQ2MTYzNzUyMDlhNzJlZmVlMjQ2MmIwHhcNMjIwMzAz
MTQ0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZjUyNDZjZjZhODA4
MzJhZTIyYzE3OWFhN2RhM2UyMzZiODUwZDg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwTSeb8BXpbDBvm/VTwSHI2Md3Vkt3gnZamxXGDIjfKYeqJho
dUowk3/Za3OGycGwxRWepojT4IMMaQvDADdy5S3gwTLoWtT8iz7NPE0Ij5XiJj/K
WYRolt7RyQLsWPcwpDc8p53sQpALJbr/u6kZyzjwmabVJsJmY+zoKj8srE/W+ERq
XJStXD4Dxihrw6vRVEHc/gA/v5+M9yy0ShRcKv7iGbHAEQSu++95DTKd08GawzaA
h9LQ4p2yx376cxrWy1v/tdOVpZIDthDg1Vd18JNgLKPSwve0pqSHKH6fFVndk2M4
eKa2oWpkxlp2AORGoBrCKdfRqxauXGJoVOjqpQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFK9SRs9qgIMq4iwXmqfaPiNrhQ2EMB8GA1UdIwQYMBaAFAOK+GeVQXo1hNYW
N1IJpy7+4kYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QTRyNFo1VkJlaldFMWhZM1VnbW5MdjdpUmlzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Yi81N2U0MTktNDJmNC00ZDhjLWI2YjQtNDMxZjI3YTYyZWQ4LzEv
cjFKR3oycUFneXJpTEJlYXA5by1JMnVGRFlRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81
N2U0MTktNDJmNC00ZDhjLWI2YjQtNDMxZjI3YTYyZWQ4LzEvQTRyNFo1VkJlaldF
MWhZM1VnbW5MdjdpUmlzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46AMA0GCSqGSIb3DQEBCwUAA4IB
AQB8SzlKUc+YwmFY8H5jAuMcOo9WUBmLqUkqm9zA1+5zQWNI+VevEroAYs2gkAAY
4wgcT5q+wS1jhZu3hdyjDIvWhAWN2SugpmorgOBqRDXafqAgX7i8kYHcsQSl6qeZ
2KEMR6cwxiHmZWK24xuU03rkyl/kYtrVmIju8ZShvBA3MuJqyaS7cBjhGexLVO4e
dnn18epZ9HwFF267JywX7p9dFPyXqaPOl1oKyysfIyQQvUccSKZPulsIJszDu0+w
sKyFWvgFP0IWsNxemAdJJwCD2KN3VJ5Nel31C+wx1Ev+Fg+90U0EM9o4pM+hhKzL
ELEF1jH+yQd5Dh21ql0HCvqs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org