Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/YWdHqxrjnrGRqNcF6H9DtlwpZ2o.roa
File: YWdHqxrjnrGRqNcF6H9DtlwpZ2o.roa (raw, json)
Hash identifier: iBHCkyexLLpa/vxOYOAkQALSkF7f9THbf7IkYYeZAaU=
Subject key identifier: 61:67:47:AB:1A:E3:9E:B1:91:A8:D7:05:E8:7F:43:B6:5C:29:67:6A
Certificate issuer: /CN=fc05169be4c74952672597df103eeb1b47bb68a3
Certificate serial: 05B5AD78
Authority key identifier: FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/YWdHqxrjnrGRqNcF6H9DtlwpZ2o.roa
Signing time: Sat 01 Jan 2022 13:01:49 +0000
ROA not before: Sat 01 Jan 2022 13:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57998
IP address blocks: 91.237.156.0/24 maxlen: 24
91.237.155.0/24 maxlen: 24
91.237.156.0/22 maxlen: 22
91.237.159.0/24 maxlen: 24
91.237.154.0/23 maxlen: 23
91.237.154.0/24 maxlen: 24
91.237.158.0/24 maxlen: 24
91.237.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95792504 (0x5b5ad78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc05169be4c74952672597df103eeb1b47bb68a3
Validity
Not Before: Jan 1 13:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=616747ab1ae39eb191a8d705e87f43b65c29676a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7f:93:9b:8d:59:bc:40:e4:3a:be:7a:04:5b:
12:3f:9b:f0:b8:f1:42:83:6d:bc:35:a8:93:64:46:
26:c2:bb:c1:3d:26:bb:f3:d0:2c:84:d1:bc:38:20:
55:f7:0c:14:5c:6e:ae:fa:24:72:64:6e:cd:9a:df:
dd:43:42:eb:bd:1e:50:9c:40:14:7a:96:df:26:4d:
d6:37:e0:02:8d:eb:5a:2f:57:1a:ca:47:a6:17:b5:
e1:16:a6:3f:c3:4b:c8:92:98:64:2e:d7:3a:8f:7c:
f0:2f:1f:70:8d:df:a0:0e:de:22:2f:c6:9b:6b:81:
f0:e5:c1:4f:46:64:70:75:24:f0:cf:3d:16:22:82:
e8:20:09:ef:5b:2e:2a:58:10:cf:11:2b:e1:96:1b:
70:cd:eb:f2:48:f1:81:94:3a:e2:c7:04:39:8b:08:
74:41:ed:d4:dc:4f:00:04:d0:c3:be:47:10:a2:ad:
87:48:b0:e8:f8:86:b3:b6:b1:a1:7f:b5:21:86:c5:
e7:6e:9a:ba:e8:c7:28:6a:6c:50:fb:8a:5f:42:4c:
8c:98:e8:21:d4:7d:1a:dc:fc:e1:ab:07:5b:8a:1f:
b8:b9:75:cc:bc:fb:63:fd:fe:24:00:8f:82:b0:1c:
1d:15:8f:95:98:e1:a9:cd:17:f2:f8:4e:d8:80:24:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:67:47:AB:1A:E3:9E:B1:91:A8:D7:05:E8:7F:43:B6:5C:29:67:6A
X509v3 Authority Key Identifier:
keyid:FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/YWdHqxrjnrGRqNcF6H9DtlwpZ2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.154.0-91.237.159.255
Signature Algorithm: sha256WithRSAEncryption
32:04:07:cd:62:44:99:f3:59:49:1e:f2:d4:f2:0c:90:90:fb:
d7:86:a8:9c:a4:5c:74:2c:8b:e3:00:31:6e:2b:ba:6f:77:d4:
bd:6f:de:dc:14:71:4e:b3:07:e2:04:7f:50:14:57:81:5a:b1:
12:49:fb:58:15:31:56:72:28:29:2c:ac:0a:f9:b9:fe:47:89:
8d:a2:76:09:07:9d:27:3c:dc:e3:c7:9e:d2:d5:5e:c9:ed:fa:
de:2c:ee:8a:04:cc:45:3d:e9:ec:10:89:f6:42:d9:08:62:db:
44:88:d0:06:8d:d2:87:54:b4:df:4d:c5:3b:a2:53:ca:82:eb:
cc:d7:cd:d0:f1:05:de:54:c8:5b:5a:ce:c0:a2:d3:a5:a7:67:
3d:2c:7c:9a:a9:2f:74:5d:c0:40:c9:d4:97:79:11:99:ea:08:
2e:69:60:98:ed:8f:b7:de:03:01:43:9a:28:4b:35:f3:35:93:
7f:06:bc:5d:35:25:57:ec:05:9f:a6:85:21:45:15:e0:03:40:
c6:84:cd:6b:af:50:6e:3a:97:62:cf:cc:bd:d1:0f:cd:4f:8e:
2e:04:a4:8c:3a:8f:5a:40:dc:86:ff:00:2b:55:58:6e:14:6e:
93:fa:5c:90:34:e2:92:47:37:3e:96:b2:30:d7:bc:c6:17:a3:
9b:27:65:c4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBbWteDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzA1MTY5YmU0Yzc0OTUyNjcyNTk3ZGYxMDNlZWIxYjQ3YmI2OGEzMB4XDTIyMDEw
MTEzMDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE2NzQ3YWIxYWUz
OWViMTkxYThkNzA1ZTg3ZjQzYjY1YzI5Njc2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMx/k5uNWbxA5Dq+egRbEj+b8LjxQoNtvDWok2RGJsK7wT0m
u/PQLITRvDggVfcMFFxurvokcmRuzZrf3UNC670eUJxAFHqW3yZN1jfgAo3rWi9X
GspHphe14RamP8NLyJKYZC7XOo988C8fcI3foA7eIi/Gm2uB8OXBT0ZkcHUk8M89
FiKC6CAJ71suKlgQzxEr4ZYbcM3r8kjxgZQ64scEOYsIdEHt1NxPAATQw75HEKKt
h0iw6PiGs7axoX+1IYbF526auujHKGpsUPuKX0JMjJjoIdR9Gtz84asHW4ofuLl1
zLz7Y/3+JACPgrAcHRWPlZjhqc0X8vhO2IAk8TMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRhZ0erGuOesZGo1wXof0O2XClnajAfBgNVHSMEGDAWgBT8BRab5MdJUmcl
l98QPusbR7toozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19BVVdtLVRIU1ZKbkpaZmZFRDdyRzBlN2FLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvYjU5YmFmLTExM2UtNDYwYi05M2U3LTMzOGE5OGExZDljYi8x
L1lXZEhxeHJqbnJHUnFOY0Y2SDlEdGx3cFoyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
YjU5YmFmLTExM2UtNDYwYi05M2U3LTMzOGE5OGExZDljYi8xL19BVVdtLVRIU1ZK
bkpaZmZFRDdyRzBlN2FLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBW+2aAwQFW+2AMA0GCSqGSIb3
DQEBCwUAA4IBAQAyBAfNYkSZ81lJHvLU8gyQkPvXhqicpFx0LIvjADFuK7pvd9S9
b97cFHFOswfiBH9QFFeBWrESSftYFTFWcigpLKwK+bn+R4mNonYJB50nPNzjx57S
1V7J7freLO6KBMxFPensEIn2QtkIYttEiNAGjdKHVLTfTcU7olPKguvM183Q8QXe
VMhbWs7AotOlp2c9LHyaqS90XcBAydSXeRGZ6gguaWCY7Y+33gMBQ5ooSzXzNZN/
BrxdNSVX7AWfpoUhRRXgA0DGhM1rr1BuOpdiz8y90Q/NT44uBKSMOo9aQNyG/wAr
VVhuFG6T+lyQNOKSRzc+lrIw17zGF6ObJ2XE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:24 2024 by rpki-client on console-ams.rpki-client.org