Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/CshY5SEL60ULTabg65Cheki9efU.roa
File: CshY5SEL60ULTabg65Cheki9efU.roa (raw, json)
Hash identifier: NUw3GOyeJUcLp0s5x1pBLsYHV1ipJIfoDCPCcHaeZ4s=
Subject key identifier: 0A:C8:58:E5:21:0B:EB:45:0B:4D:A6:E0:EB:90:A1:7A:48:BD:79:F5
Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Certificate serial: 0604AD84
Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/CshY5SEL60ULTabg65Cheki9efU.roa
Signing time: Sat 01 Jan 2022 05:55:49 +0000
ROA not before: Sat 01 Jan 2022 05:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8454
IP address blocks: 91.213.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100969860 (0x604ad84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Validity
Not Before: Jan 1 05:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ac858e5210beb450b4da6e0eb90a17a48bd79f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c8:ed:f6:ec:4b:7e:84:62:9f:45:28:a4:4b:
e5:79:89:4d:eb:62:3b:8f:3e:2d:1b:e9:d3:26:8d:
92:19:b0:75:b9:12:09:53:08:62:00:fa:fb:45:1f:
92:36:1a:1d:e8:9c:c0:8e:4c:04:fd:24:b7:94:43:
75:a8:fb:ba:cf:81:9e:6b:9d:f9:8d:7b:5b:87:9d:
88:e8:be:c3:41:2b:cc:8a:61:f2:35:c8:8c:76:4a:
cc:2d:15:30:70:88:70:b1:ef:35:5b:0c:76:92:eb:
85:1c:27:0f:03:71:d6:bd:1d:fe:5b:c0:96:d8:99:
42:17:7e:fa:70:74:99:0f:ea:df:ad:3a:d1:19:41:
74:2c:6e:99:82:16:71:d7:3b:1f:c9:f8:0a:54:5a:
7f:36:81:03:34:7c:26:e7:19:c2:cc:ba:e0:df:c0:
b2:94:bf:0c:48:cf:77:27:76:99:3a:1e:5e:d5:33:
1f:12:e1:bf:09:e2:70:f9:ed:39:b1:bc:36:81:18:
46:77:40:79:8e:6b:5c:6d:90:8a:5e:f4:0d:ed:91:
eb:85:b0:b6:0c:6e:39:49:fd:bf:c7:60:13:50:90:
8d:38:2f:5f:27:b1:53:04:ae:8d:0a:d4:e9:49:bd:
54:42:14:c1:61:6b:26:6a:7f:01:81:69:ef:53:4c:
e1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C8:58:E5:21:0B:EB:45:0B:4D:A6:E0:EB:90:A1:7A:48:BD:79:F5
X509v3 Authority Key Identifier:
keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/CshY5SEL60ULTabg65Cheki9efU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.98.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a4:a6:be:c2:fd:59:85:21:94:e3:e3:ef:dd:22:c2:42:0d:
d7:07:53:c5:de:44:80:c9:ca:c4:d9:c4:da:b8:05:fd:70:5f:
9f:94:fd:45:51:86:c7:b0:c9:49:85:19:60:41:b1:9a:52:40:
aa:63:78:ac:3d:ac:e4:81:75:6e:1c:b9:c2:4f:fb:7d:b3:00:
59:5b:fe:f8:a6:24:75:36:e6:e5:95:84:96:34:43:ae:ab:5f:
08:44:a2:41:05:5e:95:b3:fa:14:27:6d:0c:30:0a:8e:fb:65:
1e:fc:88:51:91:1b:5d:24:f4:d6:16:40:57:9a:e2:99:10:e9:
b8:3a:90:a3:81:7a:11:96:d8:7a:bd:da:bb:7e:5e:6b:aa:04:
16:64:53:a7:f4:0c:9f:12:9f:c9:c6:54:07:79:ea:db:5b:82:
1e:26:a3:cb:4d:ca:6a:7b:32:ab:f8:9d:d2:c3:bc:b5:8c:8e:
fc:0e:c0:69:43:d8:da:45:53:48:e5:91:f1:fc:57:b5:63:39:
17:f3:43:a0:6d:b5:e5:95:7b:4b:27:be:81:e1:ce:1f:da:13:
53:63:c2:35:b3:f5:20:bc:5c:46:2a:71:58:4b:2f:da:4e:49:
ef:dd:b8:d4:23:be:d2:02:d5:30:34:2e:f8:11:2a:79:3f:5e:
77:51:6e:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBgSthDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmZjY2Q0YTAwNDIyYzg2NWY1MDkzYjg1YmI4NjhjMmJiMzBjNDY5MB4XDTIyMDEw
MTA1NTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFjODU4ZTUyMTBi
ZWI0NTBiNGRhNmUwZWI5MGExN2E0OGJkNzlmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/I7fbsS36EYp9FKKRL5XmJTetiO48+LRvp0yaNkhmwdbkS
CVMIYgD6+0UfkjYaHeicwI5MBP0kt5RDdaj7us+Bnmud+Y17W4ediOi+w0ErzIph
8jXIjHZKzC0VMHCIcLHvNVsMdpLrhRwnDwNx1r0d/lvAltiZQhd++nB0mQ/q3606
0RlBdCxumYIWcdc7H8n4ClRafzaBAzR8JucZwsy64N/AspS/DEjPdyd2mToeXtUz
HxLhvwnicPntObG8NoEYRndAeY5rXG2Qil70De2R64WwtgxuOUn9v8dgE1CQjTgv
XyexUwSujQrU6Um9VEIUwWFrJmp/AYFp71NM4U0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKyFjlIQvrRQtNpuDrkKF6SL159TAfBgNVHSMEGDAWgBQ7/M1KAEIshl9Q
k7hbuGjCuzDEaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09fek5TZ0JDTElaZlVKTzRXN2hvd3Jzd3hHay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmE3MGYyLWI3YWMtNDM0Ni05ZDA4LTYzYWUwYmZjMTY5Zi8x
L0NzaFk1U0VMNjBVTFRhYmc2NUNoZWtpOWVmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmE3MGYyLWI3YWMtNDM0Ni05ZDA4LTYzYWUwYmZjMTY5Zi8xL09fek5TZ0JDTEla
ZlVKTzRXN2hvd3Jzd3hHay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvVYjANBgkqhkiG9w0BAQsFAAOC
AQEAhqSmvsL9WYUhlOPj790iwkIN1wdTxd5EgMnKxNnE2rgF/XBfn5T9RVGGx7DJ
SYUZYEGxmlJAqmN4rD2s5IF1bhy5wk/7fbMAWVv++KYkdTbm5ZWEljRDrqtfCESi
QQVelbP6FCdtDDAKjvtlHvyIUZEbXST01hZAV5rimRDpuDqQo4F6EZbYer3au35e
a6oEFmRTp/QMnxKfycZUB3nq21uCHiajy03Kansyq/id0sO8tYyO/A7AaUPY2kVT
SOWR8fxXtWM5F/NDoG215ZV7Sye+geHOH9oTU2PCNbP1ILxcRipxWEsv2k5J7924
1CO+0gLVMDQu+BEqeT9ed1Fufg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:54 2024 by rpki-client on console-fra.rpki-client.org