Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4c1642-80f3-4523-974d-4fc1cad8ab22/1/3gcsiywvMG9UKg0ZordW-7w1ZlI.roa
File: 3gcsiywvMG9UKg0ZordW-7w1ZlI.roa (raw, json)
Hash identifier: d0pPN9Tb2lh8KGBtdeSyEeJnZnJzctmUD9PQhDbfUJE=
Subject key identifier: DE:07:2C:8B:2C:2F:30:6F:54:2A:0D:19:A2:B7:56:FB:BC:35:66:52
Certificate issuer: /CN=9c78efbe6786f9e202c42788e1bbf71781ca8c47
Certificate serial: 06287413
Authority key identifier: 9C:78:EF:BE:67:86:F9:E2:02:C4:27:88:E1:BB:F7:17:81:CA:8C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHjvvmeG-eICxCeI4bv3F4HKjEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/4c1642-80f3-4523-974d-4fc1cad8ab22/1/3gcsiywvMG9UKg0ZordW-7w1ZlI.roa
Signing time: Sat 01 Jan 2022 03:54:33 +0000
ROA not before: Sat 01 Jan 2022 03:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57692
IP address blocks: 194.146.111.0/24 maxlen: 24
91.232.154.0/24 maxlen: 24
91.232.155.0/24 maxlen: 24
91.232.156.0/24 maxlen: 24
2001:67c:1be8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103314451 (0x6287413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c78efbe6786f9e202c42788e1bbf71781ca8c47
Validity
Not Before: Jan 1 03:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de072c8b2c2f306f542a0d19a2b756fbbc356652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:e5:6b:b9:7e:b7:cb:ba:65:3b:fa:59:dc:
ca:d2:f3:99:77:4f:4e:c3:e6:ad:13:b7:2d:45:1b:
36:a8:5b:f4:73:49:3e:3e:b6:23:4a:48:84:b3:eb:
60:21:ed:2d:ff:d6:4f:f5:3c:d0:6b:98:ec:fc:6c:
61:f4:29:14:b1:d8:b4:be:54:60:86:72:43:f2:7a:
35:ab:8a:e1:19:29:4a:27:ac:2a:5e:1b:ba:b7:dc:
26:5c:79:a4:70:99:b7:68:94:f2:7e:87:ae:f2:b9:
c6:60:dc:46:a6:1d:1d:94:b6:e5:b3:0a:b9:49:cb:
99:40:45:6a:d4:a4:f4:c6:2f:b9:70:3f:1a:e4:c6:
02:dc:3d:75:5f:44:52:54:f6:55:32:33:f0:a8:b7:
7e:7d:75:6f:2c:36:cf:d5:72:67:63:2f:32:61:9e:
3d:17:55:9e:13:37:16:26:a7:ca:41:bf:a7:58:65:
4e:9b:ba:a4:39:b5:cf:70:2a:3b:c4:f8:21:36:3a:
7c:e9:a8:17:ba:54:f2:33:a1:f8:3d:e0:93:9e:65:
d4:8b:ee:2d:53:95:4e:8b:d3:12:8f:e3:14:4f:a0:
1a:97:21:21:b4:19:b7:5b:39:81:cd:b6:f5:2f:41:
22:c0:56:fe:7d:43:04:27:a0:a7:e7:9a:5c:45:cc:
4d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:07:2C:8B:2C:2F:30:6F:54:2A:0D:19:A2:B7:56:FB:BC:35:66:52
X509v3 Authority Key Identifier:
keyid:9C:78:EF:BE:67:86:F9:E2:02:C4:27:88:E1:BB:F7:17:81:CA:8C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHjvvmeG-eICxCeI4bv3F4HKjEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4c1642-80f3-4523-974d-4fc1cad8ab22/1/3gcsiywvMG9UKg0ZordW-7w1ZlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4c1642-80f3-4523-974d-4fc1cad8ab22/1/nHjvvmeG-eICxCeI4bv3F4HKjEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.154.0-91.232.156.255
194.146.111.0/24
IPv6:
2001:67c:1be8::/48
Signature Algorithm: sha256WithRSAEncryption
28:83:84:72:9e:68:99:b8:41:92:75:f6:2b:68:eb:80:85:23:
95:e2:11:ff:e1:ac:db:e5:6a:ee:b3:b5:df:18:be:a2:9d:38:
0d:b4:04:ca:15:07:6d:85:e7:21:e6:93:68:f6:6c:45:eb:f2:
3f:d1:44:d8:30:8c:f9:fe:e9:0a:34:a0:f2:95:f0:b4:ab:79:
0a:7a:de:b8:82:fa:29:b3:3b:22:96:0a:f9:7f:05:ba:ef:81:
5e:a9:53:4f:d3:c1:5e:77:5f:1d:48:7e:78:65:72:e6:30:e2:
d2:62:0f:b3:56:b3:86:c3:27:c2:f2:17:09:d5:c5:c9:a5:a3:
0d:f9:b4:18:ec:7b:23:82:f6:45:32:a4:e0:21:fa:d2:a0:f1:
9c:29:e5:fb:03:41:d0:2a:03:bf:f7:79:79:7d:86:06:f3:68:
f0:40:70:d6:48:63:61:7e:6c:47:11:2b:77:a9:5a:cb:6c:4b:
2c:1d:18:f3:18:02:91:5c:f5:88:f8:7a:4a:b5:47:14:54:ef:
5d:b0:8f:0e:a1:3e:92:f0:cf:8c:aa:c0:f9:e7:9e:86:47:9b:
9e:2b:36:95:b3:06:72:33:ff:58:a9:57:ea:54:37:ae:a6:56:
99:b0:40:35:00:70:68:62:26:57:98:b5:16:38:79:8c:72:1a:
ef:29:2a:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEBih0EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Yzc4ZWZiZTY3ODZmOWUyMDJjNDI3ODhlMWJiZjcxNzgxY2E4YzQ3MB4XDTIyMDEw
MTAzNTQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUwNzJjOGIyYzJm
MzA2ZjU0MmEwZDE5YTJiNzU2ZmJiYzM1NjY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2h5Wu5frfLumU7+lncytLzmXdPTsPmrRO3LUUbNqhb9HNJ
Pj62I0pIhLPrYCHtLf/WT/U80GuY7PxsYfQpFLHYtL5UYIZyQ/J6NauK4RkpSies
Kl4burfcJlx5pHCZt2iU8n6HrvK5xmDcRqYdHZS25bMKuUnLmUBFatSk9MYvuXA/
GuTGAtw9dV9EUlT2VTIz8Ki3fn11byw2z9VyZ2MvMmGePRdVnhM3FianykG/p1hl
Tpu6pDm1z3AqO8T4ITY6fOmoF7pU8jOh+D3gk55l1IvuLVOVTovTEo/jFE+gGpch
IbQZt1s5gc229S9BIsBW/n1DBCegp+eaXEXMTQsCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBTeByyLLC8wb1QqDRmit1b7vDVmUjAfBgNVHSMEGDAWgBSceO++Z4b54gLE
J4jhu/cXgcqMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25IanZ2bWVHLWVJQ3hDZUk0YnYzRjRIS2pFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNGMxNjQyLTgwZjMtNDUyMy05NzRkLTRmYzFjYWQ4YWIyMi8x
LzNnY3NpeXd2TUc5VUtnMFpvcmRXLTd3MVpsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NGMxNjQyLTgwZjMtNDUyMy05NzRkLTRmYzFjYWQ4YWIyMi8xL25IanZ2bWVHLWVJ
Q3hDZUk0YnYzRjRIS2pFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFDAMAwQBW+iaAwQAW+icAwQAwpJvMA8E
AgACMAkDBwAgAQZ8G+gwDQYJKoZIhvcNAQELBQADggEBACiDhHKeaJm4QZJ19ito
64CFI5XiEf/hrNvlau6ztd8YvqKdOA20BMoVB22F5yHmk2j2bEXr8j/RRNgwjPn+
6Qo0oPKV8LSreQp63riC+imzOyKWCvl/BbrvgV6pU0/TwV53Xx1IfnhlcuYw4tJi
D7NWs4bDJ8LyFwnVxcmlow35tBjseyOC9kUypOAh+tKg8Zwp5fsDQdAqA7/3eXl9
hgbzaPBAcNZIY2F+bEcRK3epWstsSywdGPMYApFc9Yj4ekq1RxRU712wjw6hPpLw
z4yqwPnnnoZHm54rNpWzBnIz/1ipV+pUN66mVpmwQDUAcGhiJleYtRY4eYxyGu8p
KpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:44 2024 by rpki-client on console-ams.rpki-client.org