Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Z2-e8-gMGduBw9su1IBp8Klgn0Y.roa
File: Z2-e8-gMGduBw9su1IBp8Klgn0Y.roa (raw, json)
Hash identifier: nvO5lUXPl23Qc7Wh+bd1iJynrwtAQQq3rlfcWZnl9Gs=
Subject key identifier: 67:6F:9E:F3:E8:0C:19:DB:81:C3:DB:2E:D4:80:69:F0:A9:60:9F:46
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01853AEEE13A6D1EAD362260FFD9DBFC1CFA
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Z2-e8-gMGduBw9su1IBp8Klgn0Y.roa
Signing time: Thu 22 Dec 2022 17:43:31 +0000
ROA not before: Thu 22 Dec 2022 17:43:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 91.149.200.0/24 maxlen: 24
91.149.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:ee:e1:3a:6d:1e:ad:36:22:60:ff:d9:db:fc:1c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Dec 22 17:43:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=676f9ef3e80c19db81c3db2ed48069f0a9609f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c4:46:36:d1:23:00:48:1d:22:b7:c0:1c:bd:
d9:1e:0d:11:28:1b:fe:6c:dc:df:47:25:1e:f7:a3:
e5:2e:b7:3b:5d:3d:e0:41:94:7d:ae:01:10:02:ac:
86:d4:2a:e2:38:98:07:30:f2:3d:ec:89:8a:61:bc:
aa:43:0c:80:bc:ab:08:61:a8:86:05:32:41:a3:68:
8a:53:37:0b:ad:06:56:76:14:82:11:67:57:cf:02:
d3:85:32:b1:c0:42:df:f3:7f:5c:46:c6:cb:71:69:
7e:95:6f:96:00:db:f9:ea:de:82:f2:2f:fb:cf:cd:
31:4f:51:a0:a9:e7:5d:97:38:8d:3a:47:ac:91:db:
f5:ad:6c:1f:2b:c6:ec:ae:21:7d:d8:69:39:66:42:
eb:d9:0b:04:8e:e0:a2:69:f0:89:fc:69:5f:7c:0d:
7e:cb:49:34:d3:e5:5c:3c:75:32:b3:f6:ae:db:79:
37:e0:1d:a9:a3:52:0f:e7:73:69:3c:26:a4:16:0d:
40:b7:22:b5:3e:99:66:46:ba:76:25:7a:a1:26:c0:
75:77:1f:04:c9:e3:d5:b4:8a:e3:10:f7:5f:e9:a5:
0b:7e:b7:23:c4:37:da:11:b3:0e:43:ed:f3:5e:7c:
66:32:3f:48:20:b7:ee:29:29:f7:78:ed:ff:a0:cb:
cc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6F:9E:F3:E8:0C:19:DB:81:C3:DB:2E:D4:80:69:F0:A9:60:9F:46
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Z2-e8-gMGduBw9su1IBp8Klgn0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.200.0/24
91.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
98:f2:c8:4d:79:e0:bd:23:bb:43:df:b9:14:f0:3d:a7:7f:fe:
7b:2b:f8:50:7f:57:a6:d6:dc:2f:b6:b3:6d:79:40:bd:8c:82:
ae:f2:8e:55:a1:45:aa:a1:83:c6:82:d5:34:c6:de:2a:de:cb:
ec:25:51:09:71:f1:d0:2a:29:58:6f:e7:9e:eb:7d:51:99:6b:
06:25:ee:e7:23:9e:a5:86:ed:5a:3a:7f:34:2d:8e:d0:22:02:
22:93:ef:e1:8e:bd:d9:c6:ce:9c:c1:28:e7:95:23:5c:5f:c2:
e7:d0:9f:f8:fc:00:39:88:6e:73:76:5b:e9:fd:57:f1:5d:5e:
69:9c:7a:ef:90:3e:4d:d1:9b:01:d7:23:3c:1c:50:1c:79:ef:
06:15:72:1c:ca:9b:34:83:cc:af:cf:dc:18:2e:59:79:58:25:
6f:6a:11:63:94:46:f5:cf:36:e9:07:d9:bc:5c:46:41:15:54:
a4:8c:f3:04:83:26:71:8c:82:18:be:7a:87:90:26:2a:52:f4:
22:20:7c:4a:55:57:f2:fc:29:ec:64:45:a3:fe:b3:57:c6:96:
e0:20:c9:9a:ed:b9:cc:d7:ea:c8:1b:c7:92:67:ca:b2:8d:bf:
dc:fd:83:39:75:2e:ce:0e:73:3b:b9:74:2e:c1:bc:54:21:c5:
ec:3b:8d:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU67uE6bR6tNiJg/9nb/Bz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjIyMTc0MzMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZmOWVmM2U4MGMxOWRiODFjM2RiMmVkNDgwNjlmMGE5NjA5ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMRGNtEjAEgdIrfAHL3ZHg0RKBv+
bNzfRyUe96PlLrc7XT3gQZR9rgEQAqyG1CriOJgHMPI97ImKYbyqQwyAvKsIYaiG
BTJBo2iKUzcLrQZWdhSCEWdXzwLThTKxwELf839cRsbLcWl+lW+WANv56t6C8i/7
z80xT1GgqeddlziNOkeskdv1rWwfK8bsriF92Gk5ZkLr2QsEjuCiafCJ/GlffA1+
y0k00+VcPHUys/au23k34B2po1IP53NpPCakFg1AtyK1PplmRrp2JXqhJsB1dx8E
yePVtIrjEPdf6aULfrcjxDfaEbMOQ+3zXnxmMj9IILfuKSn3eO3/oMvMswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGdvnvPoDBnbgcPbLtSAafCpYJ9GMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvWjItZTgtZ01HZHVCdzlzdTFJQnA4S2xnbjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XIAwQA
W5XrMA0GCSqGSIb3DQEBCwUAA4IBAQCY8shNeeC9I7tD37kU8D2nf/57K/hQf1em
1twvtrNteUC9jIKu8o5VoUWqoYPGgtU0xt4q3svsJVEJcfHQKilYb+ee631RmWsG
Je7nI56lhu1aOn80LY7QIgIik+/hjr3Zxs6cwSjnlSNcX8Ln0J/4/AA5iG5zdlvp
/VfxXV5pnHrvkD5N0ZsB1yM8HFAcee8GFXIcyps0g8yvz9wYLll5WCVvahFjlEb1
zzbpB9m8XEZBFVSkjPMEgyZxjIIYvnqHkCYqUvQiIHxKVVfy/CnsZEWj/rNXxpbg
IMma7bnM1+rIG8eSZ8qyjb/c/YM5dS7ODnM7uXQuwbxUIcXsO436
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:16 2024 by rpki-client on console-ams.rpki-client.org