Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/st9lMY7_mjCDoIFChdo6FaEeabA.roa
File: st9lMY7_mjCDoIFChdo6FaEeabA.roa (raw, json)
Hash identifier: UBfy7cuekpK+JyvlcW0wXqcaNuUef9nV5HzjZBs5LeA=
Subject key identifier: B2:DF:65:31:8E:FF:9A:30:83:A0:81:42:85:DA:3A:15:A1:1E:69:B0
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 07F5074D
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/st9lMY7_mjCDoIFChdo6FaEeabA.roa
Signing time: Sat 01 Jan 2022 01:01:38 +0000
ROA not before: Sat 01 Jan 2022 01:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211439
IP address blocks: 91.132.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133498701 (0x7f5074d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 01:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2df65318eff9a3083a0814285da3a15a11e69b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:63:80:35:07:e8:86:70:46:76:3f:5c:98:81:
63:2a:57:08:c6:9f:b7:be:d9:90:a3:6b:84:c4:4b:
25:21:50:db:1a:2b:f8:f7:36:51:f6:4f:c7:4c:7f:
3a:42:88:9b:c9:db:42:c1:c5:5d:4e:ef:37:99:14:
eb:20:3c:93:bc:df:d0:32:b7:2e:90:ce:c8:2c:2a:
72:ad:f4:0a:90:80:22:64:ae:95:2c:6d:7d:15:84:
49:4e:54:23:61:b7:34:ac:5a:bc:80:fd:be:32:7d:
22:b2:28:5b:11:63:7c:d1:3b:59:14:cb:9d:f7:7c:
92:17:f9:ce:7f:a1:0d:dc:cf:68:09:b7:08:20:fd:
c2:84:f1:ba:01:42:34:03:eb:c5:b9:de:3e:6c:82:
f5:e6:b5:d5:9a:8b:5c:31:6b:17:72:45:49:61:66:
17:63:3c:31:ff:a6:cd:4d:f2:f4:94:e9:92:65:4b:
3b:f4:ee:9e:72:6c:79:de:bb:2b:e1:b7:7d:dc:95:
5c:56:d9:b0:33:81:98:a7:0e:c2:76:6f:56:ab:d4:
38:03:f3:c3:62:83:38:f9:f9:40:0d:cb:ea:b3:df:
64:c8:50:03:b7:09:18:67:5b:d4:15:cd:0a:60:aa:
9c:0f:6b:dc:7f:7c:82:f1:25:71:86:b6:f7:eb:3e:
bf:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DF:65:31:8E:FF:9A:30:83:A0:81:42:85:DA:3A:15:A1:1E:69:B0
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/st9lMY7_mjCDoIFChdo6FaEeabA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.12.0/22
Signature Algorithm: sha256WithRSAEncryption
31:c8:ab:7b:ff:3b:43:e5:70:68:36:9e:3d:b6:07:d5:da:1d:
05:63:75:11:29:22:5e:83:c3:dc:be:36:12:12:88:f2:d9:aa:
79:ae:e4:c2:75:a8:9b:ae:c9:82:a5:e1:a1:e8:ae:88:62:30:
f5:2e:67:e8:38:7c:46:85:51:a2:c3:96:bb:ab:f8:fd:b1:5c:
5b:9e:4c:6a:af:58:eb:7b:fc:4a:2d:4d:6d:d8:87:95:e1:a3:
3c:86:4b:c6:6c:9e:e4:c4:b4:32:89:6f:9c:c7:8c:b4:19:78:
3d:ba:d0:64:4e:c8:c0:44:ff:3c:88:10:c9:78:89:62:0e:68:
3f:a1:33:37:76:d8:10:cf:3a:42:7d:52:5b:bc:bb:79:e2:f9:
35:a0:aa:6e:31:e9:37:de:84:d5:2d:a4:4b:c6:d0:fb:b1:41:
48:9c:8c:46:75:2e:56:16:2a:ec:85:e8:58:a3:22:b8:9f:e9:
77:38:c6:ba:e4:65:7b:c8:15:cf:38:f2:e1:0f:c9:de:26:6f:
74:42:53:e9:9f:c1:b8:47:23:3e:bf:af:73:77:1c:c8:fd:96:
3a:d5:1d:ce:88:57:2e:1f:23:e6:64:62:eb:c8:f4:ec:3f:7c:
b0:23:0c:94:64:c9:f6:94:67:2b:43:ab:7b:c8:24:c4:28:63:
34:ef:06:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/UHTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDEw
MTAxMDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJkZjY1MzE4ZWZm
OWEzMDgzYTA4MTQyODVkYTNhMTVhMTFlNjliMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNjgDUH6IZwRnY/XJiBYypXCMaft77ZkKNrhMRLJSFQ2xor
+Pc2UfZPx0x/OkKIm8nbQsHFXU7vN5kU6yA8k7zf0DK3LpDOyCwqcq30CpCAImSu
lSxtfRWESU5UI2G3NKxavID9vjJ9IrIoWxFjfNE7WRTLnfd8khf5zn+hDdzPaAm3
CCD9woTxugFCNAPrxbnePmyC9ea11ZqLXDFrF3JFSWFmF2M8Mf+mzU3y9JTpkmVL
O/TunnJsed67K+G3fdyVXFbZsDOBmKcOwnZvVqvUOAPzw2KDOPn5QA3L6rPfZMhQ
A7cJGGdb1BXNCmCqnA9r3H98gvElcYa29+s+vxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSy32Uxjv+aMIOggUKF2joVoR5psDAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L3N0OWxNWTdfbWpDRG9JRkNoZG82RmFFZWFiQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluEDDANBgkqhkiG9w0BAQsFAAOC
AQEAMcire/87Q+VwaDaePbYH1dodBWN1ESkiXoPD3L42EhKI8tmqea7kwnWom67J
gqXhoeiuiGIw9S5n6Dh8RoVRosOWu6v4/bFcW55Maq9Y63v8Si1NbdiHleGjPIZL
xmye5MS0MolvnMeMtBl4PbrQZE7IwET/PIgQyXiJYg5oP6EzN3bYEM86Qn1SW7y7
eeL5NaCqbjHpN96E1S2kS8bQ+7FBSJyMRnUuVhYq7IXoWKMiuJ/pdzjGuuRle8gV
zzjy4Q/J3iZvdEJT6Z/BuEcjPr+vc3ccyP2WOtUdzohXLh8j5mRi68j07D98sCMM
lGTJ9pRnK0Ore8gkxChjNO8GsA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org