Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DdQV_xdHnVN58Z5kbaMjYUVl-Yc.roa
File: DdQV_xdHnVN58Z5kbaMjYUVl-Yc.roa (raw, json)
Hash identifier: MNCY4eYJO2cmnBvLyRehYkZcJcHz2TwHJhRnjWqpVXU=
Subject key identifier: 0D:D4:15:FF:17:47:9D:53:79:F1:9E:64:6D:A3:23:61:45:65:F9:87
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0184A05D8C0D64B9259A63B10CC9CB9A822B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DdQV_xdHnVN58Z5kbaMjYUVl-Yc.roa
Signing time: Tue 22 Nov 2022 17:23:16 +0000
ROA not before: Tue 22 Nov 2022 17:23:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133296
IP address blocks: 91.225.14.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.136.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a0:5d:8c:0d:64:b9:25:9a:63:b1:0c:c9:cb:9a:82:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Nov 22 17:23:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dd415ff17479d5379f19e646da323614565f987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:26:43:8c:1d:fc:02:ce:e6:b4:a5:32:69:ef:
48:3a:aa:fa:77:d0:34:1c:fd:61:79:f0:f7:d7:16:
1f:6c:41:ad:96:62:f8:69:e9:8a:10:ba:22:82:7b:
18:23:2d:1c:0f:0b:ae:e3:03:94:68:00:2b:70:8b:
f8:54:dd:87:f7:29:79:76:71:ca:fc:2c:d7:8f:97:
85:5e:40:f5:57:70:83:ea:19:0a:c7:d0:14:6d:ed:
6a:58:a8:ce:c9:ea:ec:18:6d:6f:10:e5:fe:95:c8:
58:1b:3e:e5:0c:7a:d8:40:fb:ec:6b:0a:c8:d4:98:
9a:33:8e:c2:28:bc:e0:47:7e:03:b4:11:41:1e:14:
5f:28:76:f4:bd:fb:f4:3c:3b:a7:9f:d4:dd:7f:98:
c6:e3:aa:39:bc:96:cd:54:33:62:7d:35:07:20:f2:
ec:65:de:cc:44:09:3c:58:50:01:e6:6a:b2:00:f3:
1a:86:8a:52:40:0b:78:19:0c:31:66:df:4b:23:29:
a0:1f:ae:d2:8f:3d:a2:55:1b:b3:76:fd:68:53:f6:
b9:2f:04:9a:c1:f3:e6:9f:a5:b2:31:9e:10:48:cd:
c4:75:16:d0:58:97:af:e2:77:85:ce:46:c8:60:b8:
4e:7d:34:7d:f5:0c:63:3d:16:35:7d:df:00:e1:7e:
96:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D4:15:FF:17:47:9D:53:79:F1:9E:64:6D:A3:23:61:45:65:F9:87
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DdQV_xdHnVN58Z5kbaMjYUVl-Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
91.225.14.0/24
91.235.123.0/24
178.157.76.0/24
178.157.108.0/24
185.76.60.0/24
185.76.62.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:da:61:5e:6c:6c:4e:c7:12:5e:67:80:20:7b:61:71:f3:b4:
27:1c:ac:01:2c:cd:79:25:c3:c8:a4:1a:9a:49:6e:7a:12:83:
bb:7c:fc:09:7d:63:ec:c7:94:39:b6:99:ca:b2:76:a9:ba:55:
d4:10:22:68:16:2f:ef:6f:a8:78:c7:69:74:57:01:1e:64:9e:
cc:63:11:b2:4d:a5:b0:ec:e3:fe:67:95:4c:2f:e1:30:f0:9c:
0a:cd:db:64:30:3f:11:d2:2e:c9:e3:30:b0:cd:45:f9:59:43:
09:81:c3:bf:46:96:01:00:5a:1e:8a:93:ec:34:4f:00:23:82:
c7:c6:9d:0f:5a:88:dc:61:37:75:16:5f:77:7a:84:b1:71:66:
d0:cd:83:e1:b1:22:c4:37:45:02:fc:df:95:4c:01:41:29:e8:
ba:22:a7:9b:14:f3:cb:c1:da:d9:c0:37:16:a7:13:35:ad:58:
22:2a:1c:0a:5a:2d:1c:0e:e2:8e:da:ed:1d:d4:79:97:a5:53:
34:01:22:38:7f:d9:41:f2:42:98:53:54:11:b5:87:7a:29:6f:
4f:58:05:b8:6c:17:ad:7f:b2:ba:37:dd:78:c7:e4:c8:34:85:
c1:cc:5b:94:1f:3c:02:70:26:ff:45:06:03:a7:f0:2f:b7:14:
b8:52:32:8c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYSgXYwNZLklmmOxDMnLmoIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIxMTIyMTcyMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ0MTVmZjE3NDc5ZDUzNzlmMTllNjQ2ZGEzMjM2MTQ1NjVmOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCZDjB38As7mtKUyae9IOqr6d9A0
HP1hefD31xYfbEGtlmL4aemKELoignsYIy0cDwuu4wOUaAArcIv4VN2H9yl5dnHK
/CzXj5eFXkD1V3CD6hkKx9AUbe1qWKjOyersGG1vEOX+lchYGz7lDHrYQPvsawrI
1JiaM47CKLzgR34DtBFBHhRfKHb0vfv0PDunn9Tdf5jG46o5vJbNVDNifTUHIPLs
Zd7MRAk8WFAB5mqyAPMahopSQAt4GQwxZt9LIymgH67Sjz2iVRuzdv1oU/a5LwSa
wfPmn6WyMZ4QSM3EdRbQWJev4neFzkbIYLhOfTR99QxjPRY1fd8A4X6WQwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA3UFf8XR51TefGeZG2jI2FFZfmHMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvRGRRVl94ZEhuVk41OFo1a2JhTWpZVVZsLVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABZ2IAwQA
BZ2LAwQAW+EOAwQAW+t7AwQAsp1MAwQAsp1sAwQAuUw8AwQAuUw+MA0GCSqGSIb3
DQEBCwUAA4IBAQCa2mFebGxOxxJeZ4Age2Fx87QnHKwBLM15JcPIpBqaSW56EoO7
fPwJfWPsx5Q5tpnKsnapulXUECJoFi/vb6h4x2l0VwEeZJ7MYxGyTaWw7OP+Z5VM
L+Ew8JwKzdtkMD8R0i7J4zCwzUX5WUMJgcO/RpYBAFoeipPsNE8AI4LHxp0PWojc
YTd1Fl93eoSxcWbQzYPhsSLEN0UC/N+VTAFBKei6IqebFPPLwdrZwDcWpxM1rVgi
KhwKWi0cDuKO2u0d1HmXpVM0ASI4f9lB8kKYU1QRtYd6KW9PWAW4bBetf7K6N914
x+TINIXBzFuUHzwCcCb/RQYDp/AvtxS4UjKM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org