Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/kYks2Xi7EiNECcrgOB1jtwck7ks.roa
File: kYks2Xi7EiNECcrgOB1jtwck7ks.roa (raw, json)
Hash identifier: 5sTtCYg3JmldKnlHKhhM8kdI6tCMBnk9d4UsKNCjPWM=
Subject key identifier: 91:89:2C:D9:78:BB:12:23:44:09:CA:E0:38:1D:63:B7:07:24:EE:4B
Certificate issuer: /CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Certificate serial: 0183EB8DF4CD5559CC24B8360E76336F97C5
Authority key identifier: 87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/kYks2Xi7EiNECcrgOB1jtwck7ks.roa
Signing time: Tue 18 Oct 2022 14:44:52 +0000
ROA not before: Tue 18 Oct 2022 14:44:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8792
IP address blocks: 91.220.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:8d:f4:cd:55:59:cc:24:b8:36:0e:76:33:6f:97:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Validity
Not Before: Oct 18 14:44:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91892cd978bb12234409cae0381d63b70724ee4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:14:aa:c5:c2:c4:e2:50:0a:75:e6:c2:f7:7f:
9c:56:3c:6b:0e:32:4a:31:db:4e:d4:04:1b:c6:e5:
c7:65:af:47:99:a1:19:82:42:03:f9:0c:f1:95:c1:
d3:20:09:f4:2c:e2:79:11:e0:9a:61:18:1b:9f:43:
33:8e:a1:c4:e4:98:dc:53:4e:f0:1b:1d:0a:e8:58:
eb:0e:29:75:8a:4a:7b:47:ca:08:70:20:47:b9:fd:
c1:7a:c7:82:89:39:ab:35:37:cc:8b:53:d8:3b:79:
59:3f:c7:4e:da:91:57:40:b4:50:f4:d1:a8:77:bc:
dd:6c:2e:95:89:4a:20:73:b4:ae:f2:f7:17:15:b7:
77:3c:aa:9d:94:9c:5e:63:b2:da:bc:c1:eb:81:cb:
86:0a:d2:89:ad:5a:e3:9e:e0:28:10:b4:ab:56:c5:
f1:73:22:50:d8:bb:cb:55:1a:62:34:fc:1f:79:87:
8f:66:34:5a:d3:43:42:2e:33:1d:4f:a8:fb:1e:97:
cf:ef:47:fc:51:96:58:2d:15:a8:6b:79:c8:59:9e:
a1:a8:b5:db:40:02:40:87:7a:ed:ab:47:fb:b2:67:
25:e2:93:63:7e:5e:87:02:ba:16:dd:92:c7:d3:27:
3b:fc:b0:d0:df:fd:9c:47:26:12:88:61:71:1c:c3:
84:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:89:2C:D9:78:BB:12:23:44:09:CA:E0:38:1D:63:B7:07:24:EE:4B
X509v3 Authority Key Identifier:
keyid:87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/kYks2Xi7EiNECcrgOB1jtwck7ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/h5axwx_d4r1emPj7t3mKvEdJPPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.134.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:aa:d6:d4:a7:1e:ce:48:89:93:32:b3:04:b2:d3:01:1d:8a:
3b:49:39:64:39:3b:cb:d6:5f:25:79:cc:7e:af:b8:7d:0a:49:
d5:8a:6c:66:12:73:42:64:0e:d0:61:95:2d:38:49:ee:d3:6b:
cd:bf:3d:ad:95:a0:a2:33:9d:4a:0c:70:81:ef:27:22:7e:14:
4b:82:53:63:e7:7a:39:38:fc:1f:79:1a:8c:fc:e2:e2:3c:c3:
31:d2:67:f5:5b:7f:88:dd:bf:25:c9:15:f1:19:0b:83:d2:12:
d2:fc:49:ba:cd:d9:5f:04:1d:6c:df:e6:08:e6:ef:cb:f6:65:
2d:aa:a1:a4:c3:14:a1:07:d8:32:f6:82:cc:ef:11:48:16:18:
c3:6a:08:b6:79:73:a2:2b:0a:fc:b8:26:d2:34:46:6f:3c:12:
e8:2a:85:90:20:ec:22:fc:30:e7:48:d3:85:76:e7:44:b3:5b:
bf:bd:b4:ea:2e:74:65:43:d2:d0:01:7e:11:77:25:67:7c:87:
99:dc:6e:1c:4c:1c:dc:09:a5:5c:72:4b:79:ac:aa:27:41:0c:
0d:47:47:8d:7b:f8:d8:c5:ac:1e:e4:08:1d:50:e7:11:ae:55:
17:24:4f:93:37:e4:10:4b:28:be:1a:29:73:80:53:41:9d:89:
5d:05:da:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPrjfTNVVnMJLg2DnYzb5fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTZiMWMzMWZkZGUyYmQ1ZTk4ZjhmYmI3Nzk4YWJjNDc0
OTNjZjIwHhcNMjIxMDE4MTQ0NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg5MmNkOTc4YmIxMjIzNDQwOWNhZTAzODFkNjNiNzA3MjRlZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRSqxcLE4lAKdebC93+cVjxrDjJK
MdtO1AQbxuXHZa9HmaEZgkID+QzxlcHTIAn0LOJ5EeCaYRgbn0MzjqHE5JjcU07w
Gx0K6FjrDil1ikp7R8oIcCBHuf3BeseCiTmrNTfMi1PYO3lZP8dO2pFXQLRQ9NGo
d7zdbC6ViUogc7Su8vcXFbd3PKqdlJxeY7LavMHrgcuGCtKJrVrjnuAoELSrVsXx
cyJQ2LvLVRpiNPwfeYePZjRa00NCLjMdT6j7HpfP70f8UZZYLRWoa3nIWZ6hqLXb
QAJAh3rtq0f7smcl4pNjfl6HAroW3ZLH0yc7/LDQ3/2cRyYSiGFxHMOEtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGJLNl4uxIjRAnK4DgdY7cHJO5LMB8GA1UdIwQY
MBaAFIeWscMf3eK9Xpj4+7d5irxHSTzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQt
NGFlMzMwNmRhNzkzLzEva1lrczJYaTdFaU5FQ2NyZ09CMWp0d2NrN2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQtNGFlMzMwNmRhNzkz
LzEvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yGMA0G
CSqGSIb3DQEBCwUAA4IBAQALqtbUpx7OSImTMrMEstMBHYo7STlkOTvL1l8lecx+
r7h9CknVimxmEnNCZA7QYZUtOEnu02vNvz2tlaCiM51KDHCB7ycifhRLglNj53o5
OPwfeRqM/OLiPMMx0mf1W3+I3b8lyRXxGQuD0hLS/Em6zdlfBB1s3+YI5u/L9mUt
qqGkwxShB9gy9oLM7xFIFhjDagi2eXOiKwr8uCbSNEZvPBLoKoWQIOwi/DDnSNOF
dudEs1u/vbTqLnRlQ9LQAX4RdyVnfIeZ3G4cTBzcCaVcckt5rKonQQwNR0eNe/jY
xawe5AgdUOcRrlUXJE+TN+QQSyi+GilzgFNBnYldBdp+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:44 2024 by rpki-client on console-ams.rpki-client.org