Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/cHF1NGcMQeAxQtbx5pWfm6ehEy8.roa
File: cHF1NGcMQeAxQtbx5pWfm6ehEy8.roa (raw, json)
Hash identifier: V5IFyXomly0soSk3j/Et7FEN7y7uqvQsPmhakC1TdIk=
Subject key identifier: 70:71:75:34:67:0C:41:E0:31:42:D6:F1:E6:95:9F:9B:A7:A1:13:2F
Certificate issuer: /CN=e68ce86d409e824376560fe3b1a168f2ba0082e3
Certificate serial: 01831CB02C540A77A5A152F89C88CEA823D9
Authority key identifier: E6:8C:E8:6D:40:9E:82:43:76:56:0F:E3:B1:A1:68:F2:BA:00:82:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ozobUCegkN2Vg_jsaFo8roAguM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/cHF1NGcMQeAxQtbx5pWfm6ehEy8.roa
Signing time: Thu 08 Sep 2022 10:40:51 +0000
ROA not before: Thu 08 Sep 2022 10:40:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42475
IP address blocks: 91.207.34.0/24 maxlen: 24
185.82.55.0/24 maxlen: 24
185.82.52.0/24 maxlen: 24
185.82.53.0/24 maxlen: 24
185.82.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:b0:2c:54:0a:77:a5:a1:52:f8:9c:88:ce:a8:23:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e68ce86d409e824376560fe3b1a168f2ba0082e3
Validity
Not Before: Sep 8 10:40:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70717534670c41e03142d6f1e6959f9ba7a1132f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:b9:f2:ac:23:04:20:4f:5b:25:4b:aa:da:
f6:f0:41:e9:a1:80:b9:9c:02:9f:ae:1a:f3:b6:6e:
0d:f0:3b:e8:d4:1d:4f:17:47:43:11:6a:d6:80:79:
3e:e5:fd:5e:84:d3:9a:59:38:24:8b:20:60:c6:72:
4a:c1:69:03:e5:da:39:ce:ae:5e:66:79:ab:4e:89:
5c:bb:82:8e:fb:35:9e:ff:ac:73:1f:e1:5c:12:8f:
aa:d8:0e:47:cf:f3:fd:b7:a3:68:cd:64:7f:44:a0:
2e:f5:25:36:a1:92:a1:51:87:bf:fe:47:45:f2:6b:
28:8c:1f:61:ac:ff:91:9b:a9:97:21:70:51:9a:07:
ce:a6:36:c5:e4:7f:4e:b7:13:d8:a5:9c:0d:0d:64:
62:ae:bf:71:d4:05:72:44:3b:c0:3e:f5:ec:55:30:
3c:00:4f:e5:5b:66:ca:da:f7:af:fc:e1:cd:29:e4:
63:b8:f4:7f:38:9f:c0:26:26:9a:d3:e7:75:6d:72:
d8:30:6c:58:91:42:20:e5:a9:50:18:f0:ba:cd:45:
08:cb:72:6f:30:25:5d:b9:48:88:f1:eb:9a:22:da:
25:a2:0e:86:78:dc:25:e1:e4:ee:e4:3d:48:d9:49:
da:70:65:74:61:2f:af:2b:b2:65:2b:76:d4:0b:63:
41:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:71:75:34:67:0C:41:E0:31:42:D6:F1:E6:95:9F:9B:A7:A1:13:2F
X509v3 Authority Key Identifier:
keyid:E6:8C:E8:6D:40:9E:82:43:76:56:0F:E3:B1:A1:68:F2:BA:00:82:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ozobUCegkN2Vg_jsaFo8roAguM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/cHF1NGcMQeAxQtbx5pWfm6ehEy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/5ozobUCegkN2Vg_jsaFo8roAguM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.34.0/24
185.82.52.0/22
Signature Algorithm: sha256WithRSAEncryption
22:bd:e1:84:96:29:18:5b:1e:1f:52:ec:89:13:62:3b:2a:ed:
94:2c:a0:3d:a5:de:ef:2e:01:86:00:45:12:09:d7:cd:b6:54:
be:e9:78:c0:20:df:89:e0:4f:e3:3f:55:aa:b7:53:3b:69:51:
c8:80:34:c3:db:b2:3f:31:df:a4:03:63:c0:67:95:8d:5d:66:
ae:01:0b:63:a3:30:0f:1b:74:83:f7:6f:4c:5a:c9:e7:aa:f7:
5b:97:e0:89:5a:8f:42:e6:15:47:30:f3:9f:b8:ad:2a:d0:65:
86:dd:18:60:fc:b8:d8:a5:45:e0:03:f3:09:40:5c:6d:31:37:
be:d3:3c:6d:34:ae:c6:dc:6c:43:bd:79:8b:0f:f4:f9:c3:7e:
c9:ef:7e:c8:63:c3:67:e6:0d:f4:6d:b6:28:db:90:9d:07:d1:
cc:96:68:4e:64:a3:96:e4:1b:c6:4b:b8:f0:9f:95:01:08:d4:
24:91:86:7d:f4:29:8b:80:f1:b7:0d:13:bf:1a:56:2d:c9:80:
14:7d:35:8c:82:5f:8e:e5:51:b2:97:e8:52:d4:fa:f8:a9:fd:
46:50:37:31:e1:89:62:05:2e:89:db:11:8e:cb:fa:22:97:51:
3d:49:6f:17:bd:c2:ea:e6:bb:51:72:ea:eb:16:69:c5:06:fa:
1e:92:7f:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMcsCxUCneloVL4nIjOqCPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OGNlODZkNDA5ZTgyNDM3NjU2MGZlM2IxYTE2OGYyYmEw
MDgyZTMwHhcNMjIwOTA4MTA0MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcxNzUzNDY3MGM0MWUwMzE0MmQ2ZjFlNjk1OWY5YmE3YTExMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+258qwjBCBPWyVLqtr28EHpoYC5
nAKfrhrztm4N8Dvo1B1PF0dDEWrWgHk+5f1ehNOaWTgkiyBgxnJKwWkD5do5zq5e
ZnmrTolcu4KO+zWe/6xzH+FcEo+q2A5Hz/P9t6NozWR/RKAu9SU2oZKhUYe//kdF
8msojB9hrP+Rm6mXIXBRmgfOpjbF5H9OtxPYpZwNDWRirr9x1AVyRDvAPvXsVTA8
AE/lW2bK2vev/OHNKeRjuPR/OJ/AJiaa0+d1bXLYMGxYkUIg5alQGPC6zUUIy3Jv
MCVduUiI8euaItolog6GeNwl4eTu5D1I2UnacGV0YS+vK7JlK3bUC2NBbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHBxdTRnDEHgMULW8eaVn5unoRMvMB8GA1UdIwQY
MBaAFOaM6G1AnoJDdlYP47GhaPK6AILjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW96b2JVQ2Vna04yVmdfanNhRm84cm9BZ3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yMzVlNjEtNDJlNC00MjI1LThmYTYt
MGNhZGQ4NDc0NDhiLzEvY0hGMU5HY01RZUF4UXRieDVwV2ZtNmVoRXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yMzVlNjEtNDJlNC00MjI1LThmYTYtMGNhZGQ4NDc0NDhi
LzEvNW96b2JVQ2Vna04yVmdfanNhRm84cm9BZ3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW88iAwQC
uVI0MA0GCSqGSIb3DQEBCwUAA4IBAQAiveGElikYWx4fUuyJE2I7Ku2ULKA9pd7v
LgGGAEUSCdfNtlS+6XjAIN+J4E/jP1Wqt1M7aVHIgDTD27I/Md+kA2PAZ5WNXWau
AQtjozAPG3SD929MWsnnqvdbl+CJWo9C5hVHMPOfuK0q0GWG3Rhg/LjYpUXgA/MJ
QFxtMTe+0zxtNK7G3GxDvXmLD/T5w37J737IY8Nn5g30bbYo25CdB9HMlmhOZKOW
5BvGS7jwn5UBCNQkkYZ99CmLgPG3DRO/GlYtyYAUfTWMgl+O5VGyl+hS1Pr4qf1G
UDcx4YliBS6J2xGOy/oil1E9SW8XvcLq5rtRcurrFmnFBvoekn/R
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-ams.rpki-client.org