Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/68cQc8QgcdvRYuttMab9cUWy8PI.roa
File: 68cQc8QgcdvRYuttMab9cUWy8PI.roa (raw, json)
Hash identifier: QtSZhxnC0NFozccSASJtUvLwjXYkNb1rd89z6mDbO8M=
Subject key identifier: EB:C7:10:73:C4:20:71:DB:D1:62:EB:6D:31:A6:FD:71:45:B2:F0:F2
Certificate issuer: /CN=d397dc0caa997d504b5a3f0eaf7b18ea730ce8a3
Certificate serial: 03058F
Authority key identifier: D3:97:DC:0C:AA:99:7D:50:4B:5A:3F:0E:AF:7B:18:EA:73:0C:E8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05fcDKqZfVBLWj8Or3sY6nMM6KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/68cQc8QgcdvRYuttMab9cUWy8PI.roa
Signing time: Wed 26 Jan 2022 08:17:33 +0000
ROA not before: Wed 26 Jan 2022 08:17:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41953
IP address blocks: 91.206.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198031 (0x3058f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d397dc0caa997d504b5a3f0eaf7b18ea730ce8a3
Validity
Not Before: Jan 26 08:17:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebc71073c42071dbd162eb6d31a6fd7145b2f0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9c:9b:44:37:c4:62:c9:1b:39:29:74:c6:a8:
02:e0:15:4d:10:ed:98:d3:88:90:bf:3a:53:61:d5:
d4:74:77:6a:4c:5f:18:d6:58:7c:2d:7c:9b:96:63:
0e:b6:38:c2:86:d9:77:8a:2f:b4:1b:c5:b5:a4:b9:
11:36:af:8c:e3:09:7e:43:4a:7b:d5:81:5a:a2:c9:
a5:11:4b:ad:27:e2:7a:6a:b7:f3:ce:0d:5c:ec:b6:
69:68:19:0d:59:9d:cb:6a:44:dc:85:1d:7e:ee:74:
0c:f2:2d:5f:b9:43:59:6d:3a:a9:81:02:df:ba:79:
c6:e2:4f:cd:2b:9b:4d:c3:33:6a:ac:95:50:e1:2e:
25:e2:80:24:99:38:77:99:eb:dc:7c:37:c4:a5:e2:
e2:21:8b:a3:ed:3b:02:f7:cc:99:8d:06:ba:34:7f:
53:86:1d:aa:13:c2:d2:ad:11:c8:39:2c:a6:c2:b7:
e6:1e:df:41:a1:e6:92:f0:b2:36:18:07:e4:d9:cd:
00:17:9c:a6:07:87:0f:50:c6:78:5f:ad:9f:27:37:
a6:c4:98:0a:0b:5f:b7:1b:cb:c0:5c:b9:a9:d2:b1:
51:82:77:77:4a:2f:c5:e8:cc:b0:99:69:9d:8f:81:
c3:ae:bc:f7:f7:2b:ac:7c:92:e0:b1:49:9f:be:45:
93:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C7:10:73:C4:20:71:DB:D1:62:EB:6D:31:A6:FD:71:45:B2:F0:F2
X509v3 Authority Key Identifier:
keyid:D3:97:DC:0C:AA:99:7D:50:4B:5A:3F:0E:AF:7B:18:EA:73:0C:E8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05fcDKqZfVBLWj8Or3sY6nMM6KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/68cQc8QgcdvRYuttMab9cUWy8PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/05fcDKqZfVBLWj8Or3sY6nMM6KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.123.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:4e:82:f4:7b:98:3c:75:42:a9:3a:99:d2:9d:61:ec:24:4c:
7b:fb:7a:e8:a1:f1:da:f6:4a:a5:8d:86:7c:ea:f7:2e:6c:1e:
0b:36:42:b4:30:a2:a8:ec:af:04:2b:0f:56:26:48:26:7b:fd:
b0:c0:e0:e7:d8:b7:a2:f8:11:0a:0e:37:fa:d3:ea:d7:30:75:
ef:8d:6b:51:25:b9:09:ba:fc:2c:ea:5d:21:b7:f5:0e:09:cb:
d8:0a:05:c0:e1:9c:e6:0a:29:a7:8c:26:4f:ec:eb:fe:f0:c2:
ee:a1:2c:65:52:f1:a5:94:a7:85:5e:f2:02:ca:24:e5:27:70:
78:57:a4:31:29:98:5f:6e:57:40:8e:2f:a9:6b:b2:f6:e2:60:
0c:ec:f4:a8:0c:79:b5:bb:a4:1f:d6:d1:95:10:25:b5:30:f3:
17:7e:40:bb:bb:a4:88:92:0d:41:20:ef:b4:4c:f7:d7:b5:b7:
ce:d3:7b:ba:d9:c9:b3:a6:ed:68:be:b3:6b:38:74:92:00:d0:
9a:09:3a:6c:7c:88:c2:e2:b6:53:33:41:1e:b9:9a:0c:fd:c5:
4d:9f:28:fc:ab:c9:14:95:38:3c:7e:55:e4:10:be:b8:d9:37:
47:ce:55:46:8b:0d:80:19:f5:f2:40:37:39:cc:73:53:68:30:
a7:16:08:61
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAwWPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQz
OTdkYzBjYWE5OTdkNTA0YjVhM2YwZWFmN2IxOGVhNzMwY2U4YTMwHhcNMjIwMTI2
MDgxNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYmM3MTA3M2M0MjA3
MWRiZDE2MmViNmQzMWE2ZmQ3MTQ1YjJmMGYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvZybRDfEYskbOSl0xqgC4BVNEO2Y04iQvzpTYdXUdHdqTF8Y
1lh8LXyblmMOtjjChtl3ii+0G8W1pLkRNq+M4wl+Q0p71YFaosmlEUutJ+J6arfz
zg1c7LZpaBkNWZ3LakTchR1+7nQM8i1fuUNZbTqpgQLfunnG4k/NK5tNwzNqrJVQ
4S4l4oAkmTh3mevcfDfEpeLiIYuj7TsC98yZjQa6NH9Thh2qE8LSrRHIOSymwrfm
Ht9BoeaS8LI2GAfk2c0AF5ymB4cPUMZ4X62fJzemxJgKC1+3G8vAXLmp0rFRgnd3
Si/F6MywmWmdj4HDrrz39yusfJLgsUmfvkWT3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOvHEHPEIHHb0WLrbTGm/XFFsvDyMB8GA1UdIwQYMBaAFNOX3AyqmX1QS1o/
Dq97GOpzDOijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MDVmY0RLcVpmVkJMV2o4T3Izc1k2bk1NNktNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84My8wZDQzZTMtM2U0NC00YTgyLTg5YjQtOGJhNDM4ZTc2YjUzLzEv
NjhjUWM4UWdjZHZSWXV0dE1hYjljVVd5OFBJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8w
ZDQzZTMtM2U0NC00YTgyLTg5YjQtOGJhNDM4ZTc2YjUzLzEvMDVmY0RLcVpmVkJM
V2o4T3Izc1k2bk1NNktNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW857MA0GCSqGSIb3DQEBCwUAA4IB
AQALToL0e5g8dUKpOpnSnWHsJEx7+3roofHa9kqljYZ86vcubB4LNkK0MKKo7K8E
Kw9WJkgme/2wwODn2Lei+BEKDjf60+rXMHXvjWtRJbkJuvws6l0ht/UOCcvYCgXA
4ZzmCimnjCZP7Ov+8MLuoSxlUvGllKeFXvICyiTlJ3B4V6QxKZhfbldAji+pa7L2
4mAM7PSoDHm1u6Qf1tGVECW1MPMXfkC7u6SIkg1BIO+0TPfXtbfO03u62cmzpu1o
vrNrOHSSANCaCTpsfIjC4rZTM0EeuZoM/cVNnyj8q8kUlTg8flXkEL642TdHzlVG
iw2AGfXyQDc5zHNTaDCnFghh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:00 2024 by rpki-client on console-ams.rpki-client.org