Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/Bf8QZyqPhfoZ_FvuxvG23f3h7v0.roa
File: Bf8QZyqPhfoZ_FvuxvG23f3h7v0.roa (raw, json)
Hash identifier: FiIg10c9NgduedIv8KpA8MD4e2wWFz8tLY/jdDNqDQU=
Subject key identifier: 05:FF:10:67:2A:8F:85:FA:19:FC:5B:EE:C6:F1:B6:DD:FD:E1:EE:FD
Certificate issuer: /CN=291d83c3f4b877cf7d084cb530c4a9e36fcf7ad0
Certificate serial: 03C70AE5
Authority key identifier: 29:1D:83:C3:F4:B8:77:CF:7D:08:4C:B5:30:C4:A9:E3:6F:CF:7A:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR2Dw_S4d899CEy1MMSp42_PetA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/Bf8QZyqPhfoZ_FvuxvG23f3h7v0.roa
Signing time: Sat 01 Jan 2022 14:05:23 +0000
ROA not before: Sat 01 Jan 2022 14:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30367
IP address blocks: 91.213.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63376101 (0x3c70ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291d83c3f4b877cf7d084cb530c4a9e36fcf7ad0
Validity
Not Before: Jan 1 14:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05ff10672a8f85fa19fc5beec6f1b6ddfde1eefd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:91:da:3c:67:c0:26:4a:da:a0:30:a9:95:
1e:ab:0e:1d:ae:66:cb:1e:34:af:72:66:f4:e7:17:
c8:9f:95:93:9e:e4:3d:c7:11:db:9a:ec:23:0a:89:
9c:c8:74:3e:4b:3c:cd:28:a1:71:23:e2:40:44:08:
7c:4f:0d:94:e4:82:93:1f:83:f7:51:bf:05:dc:3e:
ae:f9:f7:9c:ef:43:e0:f6:c7:96:cb:a1:90:d0:76:
30:9c:2d:9e:2b:b9:ce:44:28:84:23:2b:2b:ad:cc:
e6:6a:d3:8c:7b:12:10:09:52:c5:4f:2d:52:ef:2b:
e0:ca:87:25:ee:47:81:b4:62:29:a6:f7:5a:ed:80:
c9:02:e3:eb:02:35:ea:20:e4:7a:49:66:94:e2:f2:
8b:71:f6:84:61:92:cb:c9:7d:f0:01:6e:bb:98:f8:
83:f1:c9:a5:90:ad:d4:5e:fd:31:7c:30:37:8f:be:
1d:2e:df:12:2f:49:3e:e0:2e:02:80:cc:f9:56:8e:
8c:46:6f:88:3e:ba:93:08:7e:98:31:9b:2b:c0:80:
a7:69:f6:d4:20:4e:73:6e:66:01:5c:d2:85:5b:c0:
37:c2:e0:a8:fe:65:ea:3f:0c:b8:11:fb:19:3c:1b:
89:a6:b9:2d:02:75:3a:82:10:a7:41:80:ca:54:98:
6a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FF:10:67:2A:8F:85:FA:19:FC:5B:EE:C6:F1:B6:DD:FD:E1:EE:FD
X509v3 Authority Key Identifier:
keyid:29:1D:83:C3:F4:B8:77:CF:7D:08:4C:B5:30:C4:A9:E3:6F:CF:7A:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR2Dw_S4d899CEy1MMSp42_PetA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/Bf8QZyqPhfoZ_FvuxvG23f3h7v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/KR2Dw_S4d899CEy1MMSp42_PetA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.3.0/24
Signature Algorithm: sha256WithRSAEncryption
34:46:9a:a6:b4:ad:ee:fd:ac:55:ad:42:da:5d:e8:10:79:f0:
da:9d:04:10:7f:c2:80:8e:d5:8e:bd:56:ef:59:1a:4e:2a:d3:
75:7a:d6:00:b6:05:ae:ae:bf:78:72:a2:9c:16:e2:e0:7f:58:
28:0a:74:8e:28:bc:af:ab:b1:27:fd:22:f0:fc:ec:2b:ec:95:
2a:6e:f6:ef:09:f9:e9:2d:4b:38:74:b2:d7:41:7f:31:fb:40:
e5:20:27:57:4c:ae:f1:c5:40:30:aa:ad:3d:d9:b6:ec:17:87:
6a:70:d7:db:89:0d:b8:3a:ec:44:e8:39:0e:66:f2:6a:2a:7c:
2e:78:b9:d2:a0:4a:98:b8:6f:d6:f0:02:7a:ae:83:24:48:56:
e6:b8:e7:bf:26:d0:69:ee:5e:3a:89:f9:26:7b:5f:45:54:90:
21:40:1f:4f:97:ec:c5:0f:f9:20:a8:7f:f9:d7:f8:02:0a:ca:
a4:2e:26:c4:3b:62:73:de:d6:0d:12:21:9f:e2:db:12:90:5f:
72:98:4a:ab:b3:13:6c:dd:fa:3b:51:8e:53:a8:e2:af:64:b6:
e8:9e:71:97:ef:b2:1f:f9:e6:ac:34:3a:86:c0:a1:88:f3:11:
03:ef:19:a0:80:dc:78:3c:0b:6e:c6:10:df:8a:96:d9:04:b1:
03:47:73:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8cK5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTFkODNjM2Y0Yjg3N2NmN2QwODRjYjUzMGM0YTllMzZmY2Y3YWQwMB4XDTIyMDEw
MTE0MDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmZjEwNjcyYThm
ODVmYTE5ZmM1YmVlYzZmMWI2ZGRmZGUxZWVmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+Kkdo8Z8AmStqgMKmVHqsOHa5myx40r3Jm9OcXyJ+Vk57k
PccR25rsIwqJnMh0Pks8zSihcSPiQEQIfE8NlOSCkx+D91G/Bdw+rvn3nO9D4PbH
lsuhkNB2MJwtniu5zkQohCMrK63M5mrTjHsSEAlSxU8tUu8r4MqHJe5HgbRiKab3
Wu2AyQLj6wI16iDkeklmlOLyi3H2hGGSy8l98AFuu5j4g/HJpZCt1F79MXwwN4++
HS7fEi9JPuAuAoDM+VaOjEZviD66kwh+mDGbK8CAp2n21CBOc25mAVzShVvAN8Lg
qP5l6j8MuBH7GTwbiaa5LQJ1OoIQp0GAylSYarUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF/xBnKo+F+hn8W+7G8bbd/eHu/TAfBgNVHSMEGDAWgBQpHYPD9Lh3z30I
TLUwxKnjb8960DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSMkR3X1M0ZDg5OUNFeTFNTVNwNDJfUGV0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvNTk0NTY5LTZmMTgtNDYwYS1hMTk2LWZmY2Q0NzczNDlmYy8x
L0JmOFFaeXFQaGZvWl9GdnV4dkcyM2YzaDd2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
NTk0NTY5LTZmMTgtNDYwYS1hMTk2LWZmY2Q0NzczNDlmYy8xL0tSMkR3X1M0ZDg5
OUNFeTFNTVNwNDJfUGV0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvVAzANBgkqhkiG9w0BAQsFAAOC
AQEANEaaprSt7v2sVa1C2l3oEHnw2p0EEH/CgI7Vjr1W71kaTirTdXrWALYFrq6/
eHKinBbi4H9YKAp0jii8r6uxJ/0i8PzsK+yVKm727wn56S1LOHSy10F/MftA5SAn
V0yu8cVAMKqtPdm27BeHanDX24kNuDrsROg5Dmbyaip8Lni50qBKmLhv1vACeq6D
JEhW5rjnvybQae5eOon5JntfRVSQIUAfT5fsxQ/5IKh/+df4AgrKpC4mxDtic97W
DRIhn+LbEpBfcphKq7MTbN36O1GOU6jir2S26J5xl++yH/nmrDQ6hsChiPMRA+8Z
oIDceDwLbsYQ34qW2QSxA0dzdQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:51 2023 by rpki-client on console-ams.rpki-client.org