Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/66908c-d5cb-47c8-bfce-c9c12b866078/1/xPA2w9VdPiyMOG8NDiTqVAc7Rko.roa
File: xPA2w9VdPiyMOG8NDiTqVAc7Rko.roa (raw, json)
Hash identifier: BXgNgD+fq9AJIvvFwnsTfyeK0LGfZHpsOySqQPecj/0=
Subject key identifier: C4:F0:36:C3:D5:5D:3E:2C:8C:38:6F:0D:0E:24:EA:54:07:3B:46:4A
Certificate issuer: /CN=98fd440cbbb04b969b92bb6b39c0bbb41634cd12
Certificate serial: 18D18C95
Authority key identifier: 98:FD:44:0C:BB:B0:4B:96:9B:92:BB:6B:39:C0:BB:B4:16:34:CD:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mP1EDLuwS5abkrtrOcC7tBY0zRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/66908c-d5cb-47c8-bfce-c9c12b866078/1/xPA2w9VdPiyMOG8NDiTqVAc7Rko.roa
Signing time: Sat 01 Jan 2022 05:04:38 +0000
ROA not before: Sat 01 Jan 2022 05:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15547
IP address blocks: 91.212.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416386197 (0x18d18c95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98fd440cbbb04b969b92bb6b39c0bbb41634cd12
Validity
Not Before: Jan 1 05:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4f036c3d55d3e2c8c386f0d0e24ea54073b464a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:7e:48:01:f2:c4:8d:7e:d3:58:9e:3c:29:
17:b2:4c:29:a7:86:85:86:12:1f:f4:08:bd:ab:39:
27:3b:7c:87:9f:8b:fc:d0:9b:6a:f0:38:47:ee:7f:
05:71:10:5c:85:3e:7b:9a:cf:c8:dc:2c:54:15:ea:
4b:ac:4e:31:ad:fd:50:af:1b:e0:ee:06:f2:76:4d:
7f:3c:c1:42:7f:cb:2e:c1:9c:3b:34:55:3e:a0:00:
f3:16:cb:a8:b5:ca:d7:88:d8:08:e1:f3:8c:4e:d5:
c4:2b:3a:a7:74:3b:65:73:08:24:c6:8b:c0:92:8e:
80:fd:0d:05:31:05:28:27:b1:e0:96:40:f7:0e:fb:
36:43:99:aa:d6:dc:11:07:a5:f3:38:c6:7a:3e:4a:
bf:3d:e2:b9:d9:73:07:15:84:62:fb:89:f3:e4:6e:
60:c4:b1:ab:97:54:84:80:cb:d2:03:df:1f:4c:bd:
ec:2d:c6:ef:1b:80:50:2f:9e:d6:1e:66:b2:42:8a:
aa:ee:56:78:0a:c9:49:e9:93:41:3c:93:fe:84:c9:
c2:6e:09:23:53:f9:36:3a:bd:ec:37:e4:db:ae:33:
57:d8:22:12:fb:10:06:97:bd:c6:0f:e9:f2:32:bc:
2a:f2:a2:79:85:3c:89:f6:97:2a:74:06:ed:70:83:
fc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F0:36:C3:D5:5D:3E:2C:8C:38:6F:0D:0E:24:EA:54:07:3B:46:4A
X509v3 Authority Key Identifier:
keyid:98:FD:44:0C:BB:B0:4B:96:9B:92:BB:6B:39:C0:BB:B4:16:34:CD:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mP1EDLuwS5abkrtrOcC7tBY0zRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66908c-d5cb-47c8-bfce-c9c12b866078/1/xPA2w9VdPiyMOG8NDiTqVAc7Rko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66908c-d5cb-47c8-bfce-c9c12b866078/1/mP1EDLuwS5abkrtrOcC7tBY0zRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.152.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f4:c7:fa:5b:53:f0:3c:03:0e:69:f7:cb:33:cd:58:e8:47:
01:3e:33:43:f6:d8:fd:07:d3:3c:75:04:91:2f:76:19:2f:64:
ba:6e:ae:16:b8:7c:0d:92:2a:ea:ab:aa:14:55:a6:04:bd:32:
80:0e:b1:f8:57:ec:e9:0f:92:59:8e:56:61:57:94:b0:d2:42:
f1:9b:7e:67:32:1f:f2:b4:eb:4b:26:36:b0:6e:2f:cf:d5:c3:
a6:3a:91:3a:55:8e:c0:e8:60:da:65:e5:ec:37:00:ac:ea:c5:
3d:ba:56:7b:b0:59:ef:5f:8d:cf:6a:6e:6a:b6:dd:1d:da:55:
e0:4b:32:fc:4a:3b:ae:c2:99:bf:23:c4:ff:61:87:d6:aa:9f:
42:b3:58:42:a3:52:3a:39:ca:a3:e5:7d:04:1b:8b:90:5f:06:
b5:bc:c0:3c:e3:6a:9d:b3:28:a0:dd:43:2d:79:27:84:3f:79:
74:6a:cb:fa:5b:85:27:8f:65:7c:1e:f8:3e:d2:cf:77:3f:92:
67:ca:38:d8:b0:c7:66:72:4f:4e:d2:14:78:99:f0:1b:c4:3e:
66:75:86:58:c5:a9:1e:5e:4f:d3:f4:a9:d8:de:ae:72:c8:a6:
39:e8:81:cd:c7:55:51:13:28:56:8f:1d:59:5f:f2:18:8e:d5:
2f:23:e1:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGNGMlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OGZkNDQwY2JiYjA0Yjk2OWI5MmJiNmIzOWMwYmJiNDE2MzRjZDEyMB4XDTIyMDEw
MTA1MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRmMDM2YzNkNTVk
M2UyYzhjMzg2ZjBkMGUyNGVhNTQwNzNiNDY0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEvfkgB8sSNftNYnjwpF7JMKaeGhYYSH/QIvas5Jzt8h5+L
/NCbavA4R+5/BXEQXIU+e5rPyNwsVBXqS6xOMa39UK8b4O4G8nZNfzzBQn/LLsGc
OzRVPqAA8xbLqLXK14jYCOHzjE7VxCs6p3Q7ZXMIJMaLwJKOgP0NBTEFKCex4JZA
9w77NkOZqtbcEQel8zjGej5Kvz3iudlzBxWEYvuJ8+RuYMSxq5dUhIDL0gPfH0y9
7C3G7xuAUC+e1h5mskKKqu5WeArJSemTQTyT/oTJwm4JI1P5Njq97Dfk264zV9gi
EvsQBpe9xg/p8jK8KvKieYU8ifaXKnQG7XCD/EkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTE8DbD1V0+LIw4bw0OJOpUBztGSjAfBgNVHSMEGDAWgBSY/UQMu7BLlpuS
u2s5wLu0FjTNEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21QMUVETHV3UzVhYmtydHJPY0M3dEJZMHpSSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvNjY5MDhjLWQ1Y2ItNDdjOC1iZmNlLWM5YzEyYjg2NjA3OC8x
L3hQQTJ3OVZkUGl5TU9HOE5EaVRxVkFjN1Jrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
NjY5MDhjLWQ1Y2ItNDdjOC1iZmNlLWM5YzEyYjg2NjA3OC8xL21QMUVETHV3UzVh
YmtydHJPY0M3dEJZMHpSSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvUmDANBgkqhkiG9w0BAQsFAAOC
AQEAafTH+ltT8DwDDmn3yzPNWOhHAT4zQ/bY/QfTPHUEkS92GS9kum6uFrh8DZIq
6quqFFWmBL0ygA6x+Ffs6Q+SWY5WYVeUsNJC8Zt+ZzIf8rTrSyY2sG4vz9XDpjqR
OlWOwOhg2mXl7DcArOrFPbpWe7BZ71+Nz2puarbdHdpV4Esy/Eo7rsKZvyPE/2GH
1qqfQrNYQqNSOjnKo+V9BBuLkF8GtbzAPONqnbMooN1DLXknhD95dGrL+luFJ49l
fB74PtLPdz+SZ8o42LDHZnJPTtIUeJnwG8Q+ZnWGWMWpHl5P0/Sp2N6ucsimOeiB
zcdVURMoVo8dWV/yGI7VLyPhgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:50 2023 by rpki-client on console-fra.rpki-client.org