Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/hNof9P4PuB3q7O-Oo4HWXWLl028.roa
File: hNof9P4PuB3q7O-Oo4HWXWLl028.roa (raw, json)
Hash identifier: sRlc2dTiWOxAOfcy+NtQh5Z1EvpFcEVB+QgLRQs0LgI=
Subject key identifier: 84:DA:1F:F4:FE:0F:B8:1D:EA:EC:EF:8E:A3:81:D6:5D:62:E5:D3:6F
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 042425B5
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/hNof9P4PuB3q7O-Oo4HWXWLl028.roa
Signing time: Wed 09 Mar 2022 15:44:03 +0000
ROA not before: Wed 09 Mar 2022 15:44:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 91.236.67.0/24 maxlen: 24
91.236.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69477813 (0x42425b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Mar 9 15:44:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84da1ff4fe0fb81deaecef8ea381d65d62e5d36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9b:0e:43:7e:fc:2b:30:15:60:68:9c:6c:63:
d8:0c:45:f0:8b:77:11:30:7e:bb:ea:c4:97:8d:47:
f0:f5:90:42:73:00:42:2f:0e:b6:24:38:1a:be:c7:
71:41:cc:98:d6:5e:29:09:af:5f:54:f0:a9:95:3d:
36:be:f6:bd:96:b9:7c:48:46:5f:fd:5c:6c:07:38:
cd:e6:11:9c:e6:59:73:ea:4d:f5:85:e9:ee:8a:b1:
1c:90:a3:1a:38:e8:93:ef:2f:7a:50:a3:2d:16:62:
5b:4d:78:d0:c0:e8:b2:e3:59:73:c3:a8:98:4f:f4:
5d:9c:69:20:c6:4a:de:e8:a1:66:06:3c:42:a4:34:
7b:24:81:f4:dd:65:c0:bf:a7:7d:1f:61:87:0f:c9:
51:96:57:47:7c:9a:fd:1c:f6:b5:5d:6d:36:86:09:
c1:a5:42:2a:8f:37:be:30:e5:a7:6d:1c:10:b7:38:
78:2c:d6:46:1c:7a:44:7f:1c:64:6c:e9:32:05:52:
5b:d5:48:de:2d:19:76:93:90:1e:76:9c:0a:03:67:
f7:33:5d:8c:62:8d:b4:bf:a4:62:bc:84:44:87:30:
8d:f7:51:0b:4f:c4:69:7e:52:78:e9:c3:cc:11:0c:
c9:f9:a7:93:a0:d3:7b:3d:7b:5a:76:63:1f:5c:56:
f4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DA:1F:F4:FE:0F:B8:1D:EA:EC:EF:8E:A3:81:D6:5D:62:E5:D3:6F
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/hNof9P4PuB3q7O-Oo4HWXWLl028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.66.0/23
Signature Algorithm: sha256WithRSAEncryption
46:25:a9:55:11:39:f1:f3:6d:44:c9:7e:95:09:3f:fa:3b:5f:
cf:6a:a9:67:3f:82:75:96:7e:f8:bc:59:fa:67:08:92:c5:9b:
1b:e0:77:da:3a:de:fe:54:05:89:49:cb:25:f7:a8:da:0d:bd:
5a:1c:b4:df:39:5a:46:04:56:0f:1c:be:f0:c8:90:df:c9:f6:
fc:a7:92:41:68:4e:d8:76:f0:ed:d6:8e:e2:19:1e:cf:1e:32:
5c:e8:eb:6f:ce:05:24:67:6f:95:93:f3:fd:a7:84:26:3f:50:
66:c6:f4:8c:d9:7c:5f:15:ef:64:b4:99:71:da:17:1d:9c:76:
1b:6e:e1:e1:84:37:13:f8:78:4f:50:69:ff:c7:c4:de:62:05:
88:b7:bc:23:f6:f5:b0:ab:27:0b:ed:ca:ae:f7:55:49:d0:00:
c5:8b:2a:b8:6c:55:2d:47:cb:29:b9:ab:84:5a:87:50:eb:ba:
91:c3:b2:be:35:01:4d:ea:7d:0c:b3:27:07:1c:18:73:f3:5a:
18:81:bf:dd:69:e9:97:d3:7e:17:b1:f7:58:98:cb:b7:63:53:
58:6e:37:f7:f6:36:a3:bb:1e:46:bf:6a:d5:a4:8b:f1:e5:fb:
c5:21:3d:74:10:b2:17:45:f1:3b:e5:e2:1a:97:45:e5:5a:ba:
56:47:70:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCQltTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2ZhZTdkNGU2OWQ0MmU0ZjRjOTVkOTlmNDgyYjlhOTQ0ZGJlZmM4MB4XDTIyMDMw
OTE1NDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRkYTFmZjRmZTBm
YjgxZGVhZWNlZjhlYTM4MWQ2NWQ2MmU1ZDM2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2bDkN+/CswFWBonGxj2AxF8It3ETB+u+rEl41H8PWQQnMA
Qi8OtiQ4Gr7HcUHMmNZeKQmvX1TwqZU9Nr72vZa5fEhGX/1cbAc4zeYRnOZZc+pN
9YXp7oqxHJCjGjjok+8velCjLRZiW0140MDosuNZc8OomE/0XZxpIMZK3uihZgY8
QqQ0eySB9N1lwL+nfR9hhw/JUZZXR3ya/Rz2tV1tNoYJwaVCKo83vjDlp20cELc4
eCzWRhx6RH8cZGzpMgVSW9VI3i0ZdpOQHnacCgNn9zNdjGKNtL+kYryERIcwjfdR
C0/EaX5SeOnDzBEMyfmnk6DTez17WnZjH1xW9HMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSE2h/0/g+4Hers746jgdZdYuXTbzAfBgNVHSMEGDAWgBTc+ufU5p1C5PTJ
XZn0grmpRNvvyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNQcm4xT2FkUXVUMHlWMlo5SUs1cVVUYjc4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvOTM0MmY4LWRmOWUtNDViYi05NzJmLTM3MjczZGYzOTAxYy8x
L2hOb2Y5UDRQdUIzcTdPLU9vNEhXWFdMbDAyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
OTM0MmY4LWRmOWUtNDViYi05NzJmLTM3MjczZGYzOTAxYy8xLzNQcm4xT2FkUXVU
MHlWMlo5SUs1cVVUYjc4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvsQjANBgkqhkiG9w0BAQsFAAOC
AQEARiWpVRE58fNtRMl+lQk/+jtfz2qpZz+CdZZ++LxZ+mcIksWbG+B32jre/lQF
iUnLJfeo2g29Why03zlaRgRWDxy+8MiQ38n2/KeSQWhO2Hbw7daO4hkezx4yXOjr
b84FJGdvlZPz/aeEJj9QZsb0jNl8XxXvZLSZcdoXHZx2G27h4YQ3E/h4T1Bp/8fE
3mIFiLe8I/b1sKsnC+3KrvdVSdAAxYsquGxVLUfLKbmrhFqHUOu6kcOyvjUBTep9
DLMnBxwYc/NaGIG/3Wnpl9N+F7H3WJjLt2NTWG439/Y2o7seRr9q1aSL8eX7xSE9
dBCyF0XxO+XiGpdF5Vq6VkdwJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org