Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/91d6ce-1a6a-4d13-a2e2-a7eb46b37d72/1/JclbE8hzF3thSFEXSSO1QeULx1M.roa
File: JclbE8hzF3thSFEXSSO1QeULx1M.roa (raw, json)
Hash identifier: GQsMZ+JELRx07nVr7dSRIDXN6NMXNhd9u3sqVDQlipE=
Subject key identifier: 25:C9:5B:13:C8:73:17:7B:61:48:51:17:49:23:B5:41:E5:0B:C7:53
Certificate issuer: /CN=d45473d1e8cdf49e3d98f8d770aac148d2f28b23
Certificate serial: F3A4AD
Authority key identifier: D4:54:73:D1:E8:CD:F4:9E:3D:98:F8:D7:70:AA:C1:48:D2:F2:8B:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FRz0ejN9J49mPjXcKrBSNLyiyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/91d6ce-1a6a-4d13-a2e2-a7eb46b37d72/1/JclbE8hzF3thSFEXSSO1QeULx1M.roa
Signing time: Sat 01 Jan 2022 05:56:06 +0000
ROA not before: Sat 01 Jan 2022 05:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48189
IP address blocks: 91.209.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15967405 (0xf3a4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45473d1e8cdf49e3d98f8d770aac148d2f28b23
Validity
Not Before: Jan 1 05:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25c95b13c873177b614851174923b541e50bc753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5c:0f:57:05:77:13:59:07:16:a3:5c:2f:54:
39:bb:51:b2:2d:9f:f9:80:f4:de:21:fe:9f:60:94:
3e:6d:d8:40:8d:5f:b9:a7:d1:03:d7:78:00:7f:69:
5f:27:2a:f8:65:45:e5:22:d3:75:62:ff:bf:a1:db:
69:86:78:1a:98:0c:1c:53:09:bf:a3:3b:08:a1:21:
fe:b7:dd:f7:c6:d6:92:d5:78:d8:9a:f8:d9:14:75:
ac:0b:80:81:ee:50:6c:a3:43:b9:03:79:45:6d:58:
c2:16:51:2f:f1:40:2b:b7:79:f5:23:21:29:d7:62:
6f:3a:8c:ef:46:d6:cf:fd:2e:57:1f:86:2d:f0:7a:
11:2e:28:8e:20:be:c2:be:94:52:56:8c:4c:a9:51:
7a:e2:4e:9a:4a:49:ff:8a:67:bc:dc:9d:43:d5:46:
f2:2c:c1:e7:9a:c8:04:06:e1:46:dc:16:ea:0d:38:
2a:75:e2:59:f2:92:03:de:36:36:f3:fd:aa:29:c0:
7c:c0:b3:85:e2:00:27:42:32:b4:77:4f:e1:f4:3a:
aa:33:5e:39:f7:cd:ad:e9:1b:f5:bc:90:04:ba:a2:
c7:c6:2c:f5:0d:b0:92:45:19:27:3c:7a:38:61:08:
fa:21:68:cc:d2:e6:2a:c0:67:8b:bb:ca:94:69:57:
e0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C9:5B:13:C8:73:17:7B:61:48:51:17:49:23:B5:41:E5:0B:C7:53
X509v3 Authority Key Identifier:
keyid:D4:54:73:D1:E8:CD:F4:9E:3D:98:F8:D7:70:AA:C1:48:D2:F2:8B:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FRz0ejN9J49mPjXcKrBSNLyiyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/91d6ce-1a6a-4d13-a2e2-a7eb46b37d72/1/JclbE8hzF3thSFEXSSO1QeULx1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/91d6ce-1a6a-4d13-a2e2-a7eb46b37d72/1/1FRz0ejN9J49mPjXcKrBSNLyiyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.27.0/24
Signature Algorithm: sha256WithRSAEncryption
89:14:c9:4f:4f:8e:20:91:15:5e:a3:33:3e:3d:82:4a:79:95:
2c:bd:73:98:61:59:94:62:99:9d:6d:9d:60:b1:7d:ad:e3:de:
30:c8:30:7c:25:c0:49:c9:cf:ea:40:bb:00:d4:1f:13:38:f4:
55:d5:ba:96:0e:94:fe:97:ae:5d:59:a7:c3:4b:e7:01:fc:80:
23:14:e1:a6:cc:c6:76:e7:0f:2d:bf:a8:a5:3d:4c:a3:92:da:
6c:e4:75:ae:c3:fb:23:e6:6a:a1:7e:8c:7a:7a:f1:6e:8f:67:
d8:47:c4:ef:42:61:a3:4e:3b:e9:68:78:ff:67:95:1c:aa:2f:
42:54:e6:67:0d:f3:ad:50:45:b9:63:28:80:b7:44:9f:c8:7f:
8a:88:89:a0:56:dd:23:d5:da:28:23:90:f3:f7:5b:6e:66:2e:
9c:7d:43:ea:d1:3a:96:4e:96:24:6b:b3:a6:5c:40:40:26:b7:
fc:c4:32:86:f4:79:98:ba:a7:c3:08:51:6a:77:de:f5:62:33:
72:81:ad:13:25:bf:59:70:6b:b8:b4:8b:e7:26:47:6b:49:3b:
9d:05:72:71:34:fd:7d:af:40:37:5e:95:5d:b3:23:7e:03:1f:
a8:40:6f:c6:32:69:aa:82:76:a0:96:dd:37:b2:b8:9f:57:94:
d4:65:0a:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPOkrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDU0NzNkMWU4Y2RmNDllM2Q5OGY4ZDc3MGFhYzE0OGQyZjI4YjIzMB4XDTIyMDEw
MTA1NTYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVjOTViMTNjODcz
MTc3YjYxNDg1MTE3NDkyM2I1NDFlNTBiYzc1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9cD1cFdxNZBxajXC9UObtRsi2f+YD03iH+n2CUPm3YQI1f
uafRA9d4AH9pXycq+GVF5SLTdWL/v6HbaYZ4GpgMHFMJv6M7CKEh/rfd98bWktV4
2Jr42RR1rAuAge5QbKNDuQN5RW1YwhZRL/FAK7d59SMhKddibzqM70bWz/0uVx+G
LfB6ES4ojiC+wr6UUlaMTKlReuJOmkpJ/4pnvNydQ9VG8izB55rIBAbhRtwW6g04
KnXiWfKSA942NvP9qinAfMCzheIAJ0IytHdP4fQ6qjNeOffNrekb9byQBLqix8Ys
9Q2wkkUZJzx6OGEI+iFozNLmKsBni7vKlGlX4JECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlyVsTyHMXe2FIURdJI7VB5QvHUzAfBgNVHSMEGDAWgBTUVHPR6M30nj2Y
+NdwqsFI0vKLIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGUnowZWpOOUo0OW1QalhjS3JCU05MeWl5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTFkNmNlLTFhNmEtNGQxMy1hMmUyLWE3ZWI0NmIzN2Q3Mi8x
L0pjbGJFOGh6RjN0aFNGRVhTU08xUWVVTHgxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTFkNmNlLTFhNmEtNGQxMy1hMmUyLWE3ZWI0NmIzN2Q3Mi8xLzFGUnowZWpOOUo0
OW1QalhjS3JCU05MeWl5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvRGzANBgkqhkiG9w0BAQsFAAOC
AQEAiRTJT0+OIJEVXqMzPj2CSnmVLL1zmGFZlGKZnW2dYLF9rePeMMgwfCXAScnP
6kC7ANQfEzj0VdW6lg6U/peuXVmnw0vnAfyAIxThpszGducPLb+opT1Mo5LabOR1
rsP7I+ZqoX6Menrxbo9n2EfE70Jho0476Wh4/2eVHKovQlTmZw3zrVBFuWMogLdE
n8h/ioiJoFbdI9XaKCOQ8/dbbmYunH1D6tE6lk6WJGuzplxAQCa3/MQyhvR5mLqn
wwhRanfe9WIzcoGtEyW/WXBruLSL5yZHa0k7nQVycTT9fa9AN16VXbMjfgMfqEBv
xjJpqoJ2oJbdN7K4n1eU1GUKwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org