Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/DL6VAx_Du75Qo2-6vCyvyqaflkY.roa
File: DL6VAx_Du75Qo2-6vCyvyqaflkY.roa (raw, json)
Hash identifier: gNQTQ31eqWsuabdxxrkiN7evj4BWV7CENBTd5dNXpRY=
Subject key identifier: 0C:BE:95:03:1F:C3:BB:BE:50:A3:6F:BA:BC:2C:AF:CA:A6:9F:96:46
Certificate issuer: /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial: 0182E85A04FF6F6993B11FC9CAF0F187FFEE
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/DL6VAx_Du75Qo2-6vCyvyqaflkY.roa
Signing time: Mon 29 Aug 2022 06:46:29 +0000
ROA not before: Mon 29 Aug 2022 06:46:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34773
IP address blocks: 91.233.121.0/24 maxlen: 24
2a0a:1b84::/32 maxlen: 32
2a0a:1b82::/32 maxlen: 32
2a0a:1b80::/32 maxlen: 32
2a0a:1b86::/32 maxlen: 32
2a0a:1b85::/32 maxlen: 32
2a0a:1b83::/32 maxlen: 32
2a0a:1b87::/32 maxlen: 32
2a0a:1b81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:5a:04:ff:6f:69:93:b1:1f:c9:ca:f0:f1:87:ff:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Validity
Not Before: Aug 29 06:46:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cbe95031fc3bbbe50a36fbabc2cafcaa69f9646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d7:69:89:58:44:dc:71:3e:d6:44:e6:70:1c:
e2:93:f2:da:19:aa:3e:c5:9f:86:f9:97:af:ec:00:
2a:b7:ad:20:c7:fb:32:2d:a6:b8:69:09:9a:ee:0f:
c1:2a:c2:a8:55:96:3c:39:7a:b9:f1:16:ad:26:d9:
9c:e1:9b:74:78:b5:53:9e:8c:82:2a:4d:02:fd:d0:
ec:e7:16:45:cb:01:a4:98:c2:b5:76:18:28:02:3d:
8e:47:de:a8:88:33:9f:61:b6:e9:c1:08:7c:3f:11:
d7:34:0c:25:57:97:72:83:11:27:6c:0d:dc:07:6f:
d9:95:c4:0a:5a:a0:ea:91:54:cb:36:e5:d4:df:86:
a4:29:9f:b9:f2:7a:5a:cd:92:b5:f2:7d:3c:a9:c2:
c3:88:c5:39:0c:01:73:c4:8b:41:27:91:2d:77:f1:
b1:61:c9:5c:38:c2:f3:a0:3b:52:91:75:e6:9c:45:
c7:ca:32:f8:76:72:03:28:39:7d:2c:6f:e5:46:94:
1c:ac:99:7c:c9:7e:d5:ee:15:90:da:db:d8:6d:81:
ba:94:a9:e6:a1:01:37:96:fc:f8:4f:29:00:0c:d5:
f5:19:d3:4a:84:c4:5e:8c:a4:62:21:b5:a5:05:6e:
97:5a:a7:d7:af:e1:44:26:1b:ab:97:25:6e:85:a6:
d8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:BE:95:03:1F:C3:BB:BE:50:A3:6F:BA:BC:2C:AF:CA:A6:9F:96:46
X509v3 Authority Key Identifier:
keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/DL6VAx_Du75Qo2-6vCyvyqaflkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.121.0/24
IPv6:
2a0a:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
8a:8e:88:d0:a3:2c:a9:f2:70:5b:a0:e6:78:38:eb:97:d3:8c:
91:78:5b:db:7d:99:b7:3c:30:26:ad:56:ab:61:68:e2:98:96:
27:d3:3a:78:de:5b:6e:d5:05:be:4b:47:e7:54:80:2a:a6:b1:
1a:a9:f8:de:b1:e7:71:7c:0e:53:c8:0f:3b:24:ea:2f:2d:41:
72:98:a6:8b:60:f5:d9:b9:f2:4e:c0:27:38:15:f1:32:15:e4:
08:64:cf:ed:7f:d2:ba:58:40:b5:ef:ff:c5:73:55:4e:79:01:
0a:1d:ae:9b:db:5c:34:2c:ec:b0:81:53:ec:d1:b0:6e:2e:06:
6b:fd:40:eb:de:ac:45:1b:76:92:19:10:95:dd:02:55:fe:26:
68:4e:5a:86:53:c1:41:72:cd:73:8a:5e:91:14:77:1c:b7:55:
19:53:39:d9:aa:8c:b8:a6:07:48:be:5f:98:ce:73:28:73:6e:
de:83:2e:7d:13:f7:a7:4a:46:14:d9:b7:f9:d5:d0:eb:44:89:
2c:c3:dc:f1:36:a7:d6:d5:54:ec:57:19:f8:70:dd:a0:26:d5:
aa:7b:a9:6d:e4:7f:b1:2e:f2:5e:d4:b7:8d:e1:9a:60:e5:a2:
d6:03:52:50:dc:d9:66:c6:35:44:61:46:a9:32:04:bc:b8:e5:
d9:8b:29:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLoWgT/b2mTsR/JyvDxh//uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjIwODI5MDY0NjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JlOTUwMzFmYzNiYmJlNTBhMzZmYmFiYzJjYWZjYWE2OWY5NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9dpiVhE3HE+1kTmcBzik/LaGao+
xZ+G+Zev7AAqt60gx/syLaa4aQma7g/BKsKoVZY8OXq58RatJtmc4Zt0eLVTnoyC
Kk0C/dDs5xZFywGkmMK1dhgoAj2OR96oiDOfYbbpwQh8PxHXNAwlV5dygxEnbA3c
B2/ZlcQKWqDqkVTLNuXU34akKZ+58npazZK18n08qcLDiMU5DAFzxItBJ5Etd/Gx
YclcOMLzoDtSkXXmnEXHyjL4dnIDKDl9LG/lRpQcrJl8yX7V7hWQ2tvYbYG6lKnm
oQE3lvz4TykADNX1GdNKhMRejKRiIbWlBW6XWqfXr+FEJhurlyVuhabYXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAy+lQMfw7u+UKNvurwsr8qmn5ZGMB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvREw2VkF4X0R1NzVRbzItNnZDeXZ5cWFmbGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l5MA0E
AgACMAcDBQMqChuAMA0GCSqGSIb3DQEBCwUAA4IBAQCKjojQoyyp8nBboOZ4OOuX
04yReFvbfZm3PDAmrVarYWjimJYn0zp43ltu1QW+S0fnVIAqprEaqfjesedxfA5T
yA87JOovLUFymKaLYPXZufJOwCc4FfEyFeQIZM/tf9K6WEC17//Fc1VOeQEKHa6b
21w0LOywgVPs0bBuLgZr/UDr3qxFG3aSGRCV3QJV/iZoTlqGU8FBcs1zil6RFHcc
t1UZUznZqoy4pgdIvl+YznMoc27egy59E/enSkYU2bf51dDrRIksw9zxNqfW1VTs
Vxn4cN2gJtWqe6lt5H+xLvJe1LeN4Zpg5aLWA1JQ3NlmxjVEYUapMgS8uOXZiykJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:06 2024 by rpki-client on console-fra.rpki-client.org