Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/gxv84kdQfE6QqjlDF_PxanbMkyQ.roa
File: gxv84kdQfE6QqjlDF_PxanbMkyQ.roa (raw, json)
Hash identifier: TK1WYhDsl7rpHHDEH0wyrW+SUZmrkv/GCZCOsOp7Hcg=
Subject key identifier: 83:1B:FC:E2:47:50:7C:4E:90:AA:39:43:17:F3:F1:6A:76:CC:93:24
Certificate issuer: /CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Certificate serial: 018ACB946F62B2ACD0E24FCD225B241052CB
Authority key identifier: A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/gxv84kdQfE6QqjlDF_PxanbMkyQ.roa
Signing time: Mon 25 Sep 2023 09:03:37 +0000
ROA not before: Mon 25 Sep 2023 09:03:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51752
IP address blocks: 91.220.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:94:6f:62:b2:ac:d0:e2:4f:cd:22:5b:24:10:52:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Validity
Not Before: Sep 25 09:03:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831bfce247507c4e90aa394317f3f16a76cc9324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e2:7d:14:a0:de:b4:22:e5:13:86:c3:c0:12:
35:13:cf:7e:c5:ef:a1:7e:ec:b2:ec:18:79:a1:95:
4e:a5:71:4e:c9:8f:30:21:ac:f0:0f:fe:a1:91:cf:
3c:92:a1:3b:42:54:c7:b4:9b:8e:2f:df:88:44:11:
ed:9d:c0:3a:63:55:7a:45:28:ad:51:e0:0b:6b:07:
ef:9f:de:76:12:77:3b:6d:62:f0:dc:24:f8:09:d8:
46:cf:bb:50:d3:5e:f3:a5:62:91:14:f5:63:96:5f:
89:66:34:5b:16:08:50:42:ac:83:d1:39:51:d6:15:
ee:dc:28:5e:71:64:a4:e3:89:b0:18:c8:46:26:24:
f2:3e:60:19:26:f2:2c:59:fd:b9:29:0d:a6:ed:b1:
42:74:75:5f:09:8d:e5:f0:91:43:7d:50:b1:b9:d8:
f1:e5:0e:99:97:83:d3:eb:18:38:7b:63:d8:c5:b8:
e5:26:6f:02:14:8c:48:e5:8a:f4:fe:6e:8a:f3:27:
bd:dd:ff:37:86:46:61:e1:ed:8f:ae:2b:c2:b7:ba:
fd:59:e3:f2:6b:15:af:90:51:c3:43:3c:79:60:8b:
d1:84:db:e3:77:b5:72:f0:80:96:a1:02:72:4f:5c:
cb:7e:49:8d:65:d8:27:20:07:94:20:b0:52:f3:ac:
0e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1B:FC:E2:47:50:7C:4E:90:AA:39:43:17:F3:F1:6A:76:CC:93:24
X509v3 Authority Key Identifier:
keyid:A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/gxv84kdQfE6QqjlDF_PxanbMkyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/qHB2eSI8iD_tf3x5_y8pO_-HMLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.88.0/24
Signature Algorithm: sha256WithRSAEncryption
57:aa:d6:1d:ff:0d:f2:ff:7f:11:fc:a1:fc:1c:4f:40:53:6a:
55:e9:2a:49:78:a2:e6:97:54:9b:12:4f:b5:ee:a7:e9:ca:a3:
6f:46:e0:04:b7:2b:0e:07:38:8a:b9:2c:fc:ac:07:eb:41:d8:
6f:8b:f0:98:92:f3:4b:0e:83:73:ce:9c:70:97:a9:9e:7e:b9:
4c:7e:38:fa:e5:ca:a8:b5:b2:54:6a:5d:6e:ff:4f:21:99:ad:
6b:ef:ec:ee:b0:ae:eb:2a:c4:8b:a6:ef:6a:20:90:8b:07:ad:
38:14:3b:cd:b2:f0:b6:61:81:f4:63:d7:4c:5e:3a:61:ef:a3:
81:09:e0:c7:3d:47:a6:c4:16:f0:db:19:d1:83:00:30:ff:53:
c0:99:b0:f7:78:b3:92:e6:7c:85:21:61:8c:73:33:ac:25:e8:
91:aa:e3:c1:cf:ed:9b:85:c1:e7:67:b1:57:e5:cc:aa:74:36:
d9:85:11:d0:f7:c7:21:be:fb:6c:22:3e:de:81:e0:de:19:4e:
35:a1:79:3b:05:5c:f8:7a:24:bf:44:85:f9:d7:14:71:84:a8:
58:ba:29:2f:b0:25:b9:7e:ea:4e:fe:90:15:ba:cd:1a:8b:61:
6c:d8:e8:f8:7b:85:ad:28:8e:5c:88:2a:49:85:58:5a:93:51:
28:a2:81:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrLlG9isqzQ4k/NIlskEFLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA3Njc5MjIzYzg4M2ZlZDdmN2M3OWZmMmYyOTNiZmY4
NzMwYjUwHhcNMjMwOTI1MDkwMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFiZmNlMjQ3NTA3YzRlOTBhYTM5NDMxN2YzZjE2YTc2Y2M5MzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuJ9FKDetCLlE4bDwBI1E89+xe+h
fuyy7Bh5oZVOpXFOyY8wIazwD/6hkc88kqE7QlTHtJuOL9+IRBHtncA6Y1V6RSit
UeALawfvn952Enc7bWLw3CT4CdhGz7tQ017zpWKRFPVjll+JZjRbFghQQqyD0TlR
1hXu3ChecWSk44mwGMhGJiTyPmAZJvIsWf25KQ2m7bFCdHVfCY3l8JFDfVCxudjx
5Q6Zl4PT6xg4e2PYxbjlJm8CFIxI5Yr0/m6K8ye93f83hkZh4e2PrivCt7r9WePy
axWvkFHDQzx5YIvRhNvjd7Vy8ICWoQJyT1zLfkmNZdgnIAeUILBS86wOBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMb/OJHUHxOkKo5Qxfz8Wp2zJMkMB8GA1UdIwQY
MBaAFKhwdnkiPIg/7X98ef8vKTv/hzC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0Yjkt
NDA3ZmVmNjljZmI4LzEvZ3h2ODRrZFFmRTZRcWpsREZfUHhhbmJNa3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0YjktNDA3ZmVmNjljZmI4
LzEvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xYMA0G
CSqGSIb3DQEBCwUAA4IBAQBXqtYd/w3y/38R/KH8HE9AU2pV6SpJeKLml1SbEk+1
7qfpyqNvRuAEtysOBziKuSz8rAfrQdhvi/CYkvNLDoNzzpxwl6mefrlMfjj65cqo
tbJUal1u/08hma1r7+zusK7rKsSLpu9qIJCLB604FDvNsvC2YYH0Y9dMXjph76OB
CeDHPUemxBbw2xnRgwAw/1PAmbD3eLOS5nyFIWGMczOsJeiRquPBz+2bhcHnZ7FX
5cyqdDbZhRHQ98chvvtsIj7egeDeGU41oXk7BVz4eiS/RIX51xRxhKhYuikvsCW5
fupO/pAVus0ai2Fs2Oj4e4WtKI5ciCpJhVhak1EoooGK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:43 2025 by rpki-client