Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2hkvjvkyHY_kBUHs1BlyXE7Tagk.roa
File: 2hkvjvkyHY_kBUHs1BlyXE7Tagk.roa (raw, json)
Hash identifier: Ikr+3tyU9zqfsIyu1FHDT0Tgp5cSkjxW1+8DDk5V8jM=
Subject key identifier: DA:19:2F:8E:F9:32:1D:8F:E4:05:41:EC:D4:19:72:5C:4E:D3:6A:09
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 085A1EF9
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2hkvjvkyHY_kBUHs1BlyXE7Tagk.roa
Signing time: Wed 09 Feb 2022 13:54:40 +0000
ROA not before: Wed 09 Feb 2022 13:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211439
IP address blocks: 91.132.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140123897 (0x85a1ef9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 9 13:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da192f8ef9321d8fe40541ecd419725c4ed36a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:4f:4d:b9:fb:33:38:63:b1:72:7a:bc:d3:
1b:0d:ed:58:d7:a0:ca:f0:56:42:c6:05:49:37:8c:
33:0e:90:49:c2:11:ad:f6:5d:c8:ae:98:67:b1:a5:
d1:2a:32:b3:f1:f0:3c:6c:8e:bf:ad:f1:74:20:46:
28:73:27:48:9c:c0:d2:8b:1a:db:03:ad:a4:0e:24:
5c:92:88:32:df:12:c6:6f:bf:9b:08:85:50:90:59:
17:8e:13:ad:11:ee:02:36:06:7c:f6:b7:0f:e9:a9:
cc:1a:45:97:ad:75:9c:b1:70:df:2c:a1:1d:bb:2a:
d3:19:a3:db:6b:4c:8c:82:ce:ca:19:68:76:c9:b4:
69:88:44:25:1e:a5:49:17:d7:37:0f:7e:bd:63:bb:
ca:25:e0:fb:7c:44:65:b8:63:2c:1c:d4:43:54:cf:
06:bf:ff:d8:de:07:0f:11:30:fc:19:eb:40:f8:2b:
52:a6:d5:58:c3:79:6c:30:5a:d7:08:47:dc:a0:0e:
29:a9:82:01:4b:9b:0d:bd:a9:b8:5f:0c:f5:a8:04:
a2:2d:04:b4:cd:a5:fe:0f:eb:cf:f6:5d:88:84:7e:
19:ec:c2:c3:7c:1b:b1:5a:bb:e0:40:0f:1b:98:4f:
8a:43:e2:e4:b2:8a:94:f6:82:ca:27:69:d5:eb:36:
f2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:19:2F:8E:F9:32:1D:8F:E4:05:41:EC:D4:19:72:5C:4E:D3:6A:09
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2hkvjvkyHY_kBUHs1BlyXE7Tagk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.12.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:15:7e:a5:32:a4:40:47:0f:93:dc:c6:3d:4d:c0:f6:9b:4f:
02:3d:f3:d7:53:9a:9a:2f:5d:b8:49:c7:b7:38:ff:d8:d5:7f:
15:65:fe:e3:d3:3b:02:20:d9:4e:e5:76:4d:ee:52:f7:4b:aa:
49:4a:31:3d:34:e7:a3:04:c1:35:11:55:a9:6c:a5:e6:63:93:
11:b6:f3:a3:86:da:d0:54:41:d1:8c:c4:c4:60:6e:34:53:ca:
0e:9d:ea:81:25:81:58:61:e8:63:56:56:3d:b8:fa:25:1e:bc:
85:8c:a9:73:cd:16:5c:10:d5:34:dd:eb:14:ce:d5:e9:8c:3f:
90:c7:c4:2a:7f:81:e3:b5:0a:f2:a8:73:98:b2:3b:61:66:46:
de:0b:df:0d:a5:e2:b2:d2:04:e9:8f:2a:b8:f7:77:c4:5b:4f:
57:65:de:bd:6f:43:c6:e9:91:b8:f2:e8:7a:66:5a:b7:f9:6a:
fe:98:52:a8:8d:17:78:e2:23:c9:66:6a:00:fc:f6:e6:85:6e:
e6:c8:65:54:66:25:72:67:91:da:2d:7b:e5:ef:27:fa:9e:53:
46:de:91:34:42:d2:30:48:fb:46:fe:d2:38:2d:7a:45:6a:47:
c9:c1:64:3c:81:45:67:2b:23:bc:50:f2:e6:b2:92:b1:7b:31:
48:f6:25:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECFoe+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIw
OTEzNTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGExOTJmOGVmOTMy
MWQ4ZmU0MDU0MWVjZDQxOTcyNWM0ZWQzNmEwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC1T025+zM4Y7FyerzTGw3tWNegyvBWQsYFSTeMMw6QScIR
rfZdyK6YZ7Gl0Soys/HwPGyOv63xdCBGKHMnSJzA0osa2wOtpA4kXJKIMt8Sxm+/
mwiFUJBZF44TrRHuAjYGfPa3D+mpzBpFl611nLFw3yyhHbsq0xmj22tMjILOyhlo
dsm0aYhEJR6lSRfXNw9+vWO7yiXg+3xEZbhjLBzUQ1TPBr//2N4HDxEw/BnrQPgr
UqbVWMN5bDBa1whH3KAOKamCAUubDb2puF8M9agEoi0EtM2l/g/rz/ZdiIR+GezC
w3wbsVq74EAPG5hPikPi5LKKlPaCyidp1es28ksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaGS+O+TIdj+QFQezUGXJcTtNqCTAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzJoa3Zqdmt5SFlfa0JVSHMxQmx5WEU3VGFnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluEDDANBgkqhkiG9w0BAQsFAAOC
AQEAWxV+pTKkQEcPk9zGPU3A9ptPAj3z11Oami9duEnHtzj/2NV/FWX+49M7AiDZ
TuV2Te5S90uqSUoxPTTnowTBNRFVqWyl5mOTEbbzo4ba0FRB0YzExGBuNFPKDp3q
gSWBWGHoY1ZWPbj6JR68hYypc80WXBDVNN3rFM7V6Yw/kMfEKn+B47UK8qhzmLI7
YWZG3gvfDaXistIE6Y8quPd3xFtPV2XevW9DxumRuPLoemZat/lq/phSqI0XeOIj
yWZqAPz25oVu5shlVGYlcmeR2i175e8n+p5TRt6RNELSMEj7Rv7SOC16RWpHycFk
PIFFZysjvFDy5rKSsXsxSPYljA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org