Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/4923e9-4764-411c-8596-9f4429f3381e/1/cGUPXu6dm1qxxpvsXlyOjCtgfn4.roa
File: cGUPXu6dm1qxxpvsXlyOjCtgfn4.roa (raw, json)
Hash identifier: UVPtUfmZVuenHd/rnUlFBUyn1+Wvx2jFRfyCL3FQVtQ=
Subject key identifier: 70:65:0F:5E:EE:9D:9B:5A:B1:C6:9B:EC:5E:5C:8E:8C:2B:60:7E:7E
Certificate issuer: /CN=39ce4c0abe2785d46a5571852170370423b5c59a
Certificate serial: AB333D
Authority key identifier: 39:CE:4C:0A:BE:27:85:D4:6A:55:71:85:21:70:37:04:23:B5:C5:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oc5MCr4nhdRqVXGFIXA3BCO1xZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/4923e9-4764-411c-8596-9f4429f3381e/1/cGUPXu6dm1qxxpvsXlyOjCtgfn4.roa
Signing time: Thu 24 Mar 2022 09:29:38 +0000
ROA not before: Thu 24 Mar 2022 09:29:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204062
IP address blocks: 91.103.149.0/24 maxlen: 24
91.103.148.0/24 maxlen: 24
91.103.150.0/24 maxlen: 24
185.115.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11219773 (0xab333d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ce4c0abe2785d46a5571852170370423b5c59a
Validity
Not Before: Mar 24 09:29:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70650f5eee9d9b5ab1c69bec5e5c8e8c2b607e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e8:60:80:94:a7:2f:60:d5:98:ae:52:5d:e1:
40:4e:86:fd:b1:58:e8:5c:83:16:9c:99:d5:09:ae:
9a:33:59:66:dc:ea:e6:77:6c:85:95:e8:38:9a:61:
90:94:c8:72:52:bf:cb:e1:00:2f:67:77:ed:a8:e3:
f0:de:14:ac:5c:3f:d4:d3:53:0d:8a:e0:f2:78:75:
86:90:65:86:de:c8:03:f9:f8:01:27:9b:e4:cd:65:
b8:b4:c7:bf:13:af:9d:e9:8d:24:0d:e3:44:c6:11:
8f:3a:3c:40:58:17:ac:a5:9c:fc:28:e8:64:07:63:
9b:1a:ae:09:9c:2d:24:5c:fe:57:d0:0e:f2:9a:89:
d8:2f:40:11:5d:5f:7d:7a:7e:cb:6d:e5:d4:fe:47:
bf:74:24:5a:92:b4:f3:62:06:2b:d0:74:0d:3f:f9:
a3:27:2f:51:11:f8:8a:cd:cd:d1:b3:fa:64:31:2f:
1e:ae:2b:62:f9:b3:46:71:8c:11:f8:36:d1:7c:1c:
33:30:d5:8b:34:1a:22:3d:f3:50:53:27:47:5c:aa:
b8:bc:13:e6:d5:ca:98:e1:8b:0b:2c:b7:cf:83:8b:
fb:1e:61:4a:63:c0:d0:a1:02:e3:eb:b4:7a:cd:2f:
58:48:18:3e:b0:f3:22:6f:31:52:e1:81:08:9d:fc:
84:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:65:0F:5E:EE:9D:9B:5A:B1:C6:9B:EC:5E:5C:8E:8C:2B:60:7E:7E
X509v3 Authority Key Identifier:
keyid:39:CE:4C:0A:BE:27:85:D4:6A:55:71:85:21:70:37:04:23:B5:C5:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oc5MCr4nhdRqVXGFIXA3BCO1xZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/4923e9-4764-411c-8596-9f4429f3381e/1/cGUPXu6dm1qxxpvsXlyOjCtgfn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/4923e9-4764-411c-8596-9f4429f3381e/1/Oc5MCr4nhdRqVXGFIXA3BCO1xZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.148.0-91.103.150.255
185.115.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:b0:c7:da:61:b7:2b:e8:99:2b:94:5f:30:c5:2e:5f:2b:61:
c2:90:34:da:b3:bf:e5:55:b2:18:e5:d7:1c:bb:2e:7f:41:50:
7b:1e:54:c6:47:36:5f:ec:3d:30:c5:26:0b:56:f0:b1:d8:75:
c3:81:83:20:df:65:87:76:fb:99:25:03:2d:e0:28:79:fc:9b:
50:40:5d:31:7c:70:4b:42:f4:7a:f0:28:0d:86:ed:d5:d8:0c:
8a:48:82:1e:36:a6:ce:49:2a:76:4b:12:96:22:01:8a:5f:27:
8f:47:e5:c8:7b:6f:e0:bb:1c:41:cf:73:c8:23:09:8e:31:c0:
b0:8d:91:13:66:21:23:aa:40:0d:a4:42:6a:08:6f:36:6e:54:
ac:98:25:11:67:04:36:ea:f1:61:a9:1a:8a:cd:e5:8d:66:de:
c9:a8:1e:99:33:4e:30:bf:71:6e:99:14:c9:34:91:d0:1a:5a:
09:3c:fe:c0:1a:df:48:27:1a:e5:77:24:65:aa:e9:9d:b0:1d:
47:fc:57:a3:9b:d2:a2:7f:56:07:6f:72:28:65:aa:42:af:9c:
cb:1a:08:44:b1:73:86:ef:f4:38:94:32:cf:29:51:2b:c7:85:
5f:4d:60:49:fb:5c:f3:fb:ff:2a:77:a5:c9:f0:d1:d2:20:7b:
81:f9:fc:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAKszPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OWNlNGMwYWJlMjc4NWQ0NmE1NTcxODUyMTcwMzcwNDIzYjVjNTlhMB4XDTIyMDMy
NDA5MjkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA2NTBmNWVlZTlk
OWI1YWIxYzY5YmVjNWU1YzhlOGMyYjYwN2U3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKroYICUpy9g1ZiuUl3hQE6G/bFY6FyDFpyZ1QmumjNZZtzq
5ndshZXoOJphkJTIclK/y+EAL2d37ajj8N4UrFw/1NNTDYrg8nh1hpBlht7IA/n4
ASeb5M1luLTHvxOvnemNJA3jRMYRjzo8QFgXrKWc/CjoZAdjmxquCZwtJFz+V9AO
8pqJ2C9AEV1ffXp+y23l1P5Hv3QkWpK082IGK9B0DT/5oycvURH4is3N0bP6ZDEv
Hq4rYvmzRnGMEfg20XwcMzDVizQaIj3zUFMnR1yquLwT5tXKmOGLCyy3z4OL+x5h
SmPA0KEC4+u0es0vWEgYPrDzIm8xUuGBCJ38hHsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRwZQ9e7p2bWrHGm+xeXI6MK2B+fjAfBgNVHSMEGDAWgBQ5zkwKvieF1GpV
cYUhcDcEI7XFmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09jNU1DcjRuaGRScVZYR0ZJWEEzQkNPMXhaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvNDkyM2U5LTQ3NjQtNDExYy04NTk2LTlmNDQyOWYzMzgxZS8x
L2NHVVBYdTZkbTFxeHhwdnNYbHlPakN0Z2ZuNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
NDkyM2U5LTQ3NjQtNDExYy04NTk2LTlmNDQyOWYzMzgxZS8xL09jNU1DcjRuaGRS
cVZYR0ZJWEEzQkNPMXhaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQCW2eUAwQAW2eWAwQCuXPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCksMfaYbcr6JkrlF8wxS5fK2HCkDTas7/lVbIY5dcc
uy5/QVB7HlTGRzZf7D0wxSYLVvCx2HXDgYMg32WHdvuZJQMt4Ch5/JtQQF0xfHBL
QvR68CgNhu3V2AyKSIIeNqbOSSp2SxKWIgGKXyePR+XIe2/guxxBz3PIIwmOMcCw
jZETZiEjqkANpEJqCG82blSsmCURZwQ26vFhqRqKzeWNZt7JqB6ZM04wv3FumRTJ
NJHQGloJPP7AGt9IJxrldyRlqumdsB1H/Fejm9Kif1YHb3IoZapCr5zLGghEsXOG
7/Q4lDLPKVErx4VfTWBJ+1zz+/8qd6XJ8NHSIHuB+fyD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org