Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lqeutvtiLlgzZMXRpMtA-vnsyUY.roa
File: lqeutvtiLlgzZMXRpMtA-vnsyUY.roa (raw, json)
Hash identifier: l6gMUi3YFLTJxb7Ctp5nYc/IzyMaT/FuJ9Qjm1FA3y8=
Subject key identifier: 96:A7:AE:B6:FB:62:2E:58:33:64:C5:D1:A4:CB:40:FA:F9:EC:C9:46
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 018460CD64FB7C539D51EBC9422D826E1A12
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lqeutvtiLlgzZMXRpMtA-vnsyUY.roa
Signing time: Thu 10 Nov 2022 09:09:44 +0000
ROA not before: Thu 10 Nov 2022 09:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59729
IP address blocks: 91.232.8.0/22 maxlen: 24
91.218.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:cd:64:fb:7c:53:9d:51:eb:c9:42:2d:82:6e:1a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Nov 10 09:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96a7aeb6fb622e583364c5d1a4cb40faf9ecc946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e2:d8:cd:04:4b:35:4b:16:8b:c6:01:ea:7c:
85:62:f3:31:1f:64:d0:2e:97:80:1d:f8:6b:91:51:
1c:19:fc:60:48:df:b0:8f:7b:28:7b:f4:4a:1a:2f:
8c:72:1a:55:51:4d:a4:f9:93:49:51:df:42:c3:09:
39:03:ec:38:4e:f3:45:21:ff:4e:0b:51:ff:38:ea:
26:ae:fd:09:d8:52:a1:f5:49:2d:da:b8:7e:16:92:
01:ed:5c:9d:4b:11:58:38:26:0e:fa:a8:e4:9f:28:
31:6f:54:04:1c:50:36:ea:01:87:97:1a:2e:15:40:
02:76:20:7d:28:af:49:52:f3:94:79:f7:0e:c7:77:
2b:2b:27:b9:30:1b:c8:c1:9c:d1:ef:ee:af:54:44:
a6:56:bc:b7:1e:d3:37:98:43:d1:3a:70:30:c4:ff:
0b:68:c3:27:dc:0c:26:05:c5:3a:d7:5c:ba:26:95:
67:d3:6b:bc:ff:b5:a3:b3:dd:9d:8f:d9:b9:52:54:
44:7c:c1:2f:bd:1d:28:eb:84:8f:74:29:c1:a9:04:
4b:e4:c2:6d:37:72:b1:4c:47:89:13:6f:8b:e2:c5:
f1:3d:54:d4:e5:a7:90:dc:39:2a:83:03:9c:e8:15:
f4:d2:54:d1:28:fc:65:0f:5b:aa:b0:d6:af:43:93:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A7:AE:B6:FB:62:2E:58:33:64:C5:D1:A4:CB:40:FA:F9:EC:C9:46
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lqeutvtiLlgzZMXRpMtA-vnsyUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
32:3a:da:27:a0:66:01:f3:ab:08:31:28:2e:65:80:14:8e:cb:
20:bd:29:a0:65:3a:51:41:f6:30:2a:fa:b0:0e:08:d0:42:c1:
01:0a:82:76:76:ac:fe:b4:b8:20:2b:2c:c9:c2:18:1f:e3:66:
f9:be:fb:f9:9a:62:18:f2:27:88:38:79:dc:20:e3:15:7f:6a:
fc:1f:8f:66:ba:60:5f:6d:32:f5:3b:1d:a4:1c:ee:38:ab:9d:
51:95:b8:87:1d:dd:27:95:9c:f2:5b:60:60:c1:d1:12:55:21:
b9:86:1e:e7:57:c7:60:da:0c:1d:dc:2b:22:93:75:6c:32:c6:
66:94:1f:6b:f9:08:c8:93:1f:90:e3:f5:ee:c9:36:63:63:62:
10:aa:11:ae:a3:00:81:32:5f:13:41:84:8a:fb:64:ad:79:99:
b2:c8:a3:27:72:1f:6b:ce:25:09:e8:d9:9b:96:39:eb:02:4a:
81:2c:f1:20:4b:71:d6:72:ae:6f:b1:a5:9e:2a:00:cf:7b:20:
b7:4b:01:61:72:68:44:44:2c:cf:57:e5:fd:43:2e:db:ed:71:
85:c1:25:ab:3b:24:9b:59:53:90:0e:e4:ad:da:60:e6:00:90:
28:42:19:33:56:3f:04:f2:9c:c4:9f:34:43:86:b4:c7:fc:ae:
53:59:db:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRgzWT7fFOdUevJQi2CbhoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjIxMTEwMDkwOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE3YWViNmZiNjIyZTU4MzM2NGM1ZDFhNGNiNDBmYWY5ZWNjOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguLYzQRLNUsWi8YB6nyFYvMxH2TQ
LpeAHfhrkVEcGfxgSN+wj3soe/RKGi+MchpVUU2k+ZNJUd9Cwwk5A+w4TvNFIf9O
C1H/OOomrv0J2FKh9Ukt2rh+FpIB7VydSxFYOCYO+qjknygxb1QEHFA26gGHlxou
FUACdiB9KK9JUvOUefcOx3crKye5MBvIwZzR7+6vVESmVry3HtM3mEPROnAwxP8L
aMMn3AwmBcU611y6JpVn02u8/7Wjs92dj9m5UlREfMEvvR0o64SPdCnBqQRL5MJt
N3KxTEeJE2+L4sXxPVTU5aeQ3DkqgwOc6BX00lTRKPxlD1uqsNavQ5NKDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJanrrb7Yi5YM2TF0aTLQPr57MlGMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvbHFldXR2dGlMbGd6Wk1YUnBNdEEtdm5zeVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9qwAwQC
W+gIMA0GCSqGSIb3DQEBCwUAA4IBAQAyOtonoGYB86sIMSguZYAUjssgvSmgZTpR
QfYwKvqwDgjQQsEBCoJ2dqz+tLggKyzJwhgf42b5vvv5mmIY8ieIOHncIOMVf2r8
H49mumBfbTL1Ox2kHO44q51RlbiHHd0nlZzyW2BgwdESVSG5hh7nV8dg2gwd3Csi
k3VsMsZmlB9r+QjIkx+Q4/XuyTZjY2IQqhGuowCBMl8TQYSK+2SteZmyyKMnch9r
ziUJ6NmbljnrAkqBLPEgS3HWcq5vsaWeKgDPeyC3SwFhcmhERCzPV+X9Qy7b7XGF
wSWrOySbWVOQDuSt2mDmAJAoQhkzVj8E8pzEnzRDhrTH/K5TWdu4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:47 2023 by rpki-client on console-fra.rpki-client.org