Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/172cf6-3c86-434f-baa5-7f7201c9c05f/1/4wjhx8rvyHbNFSUaQMoN4UqRE1U.roa
File: 4wjhx8rvyHbNFSUaQMoN4UqRE1U.roa (raw, json)
Hash identifier: iHHRc4wCNamfpggJ8MwftALoP0So+tIwnlnoJqACKXY=
Subject key identifier: E3:08:E1:C7:CA:EF:C8:76:CD:15:25:1A:40:CA:0D:E1:4A:91:13:55
Certificate issuer: /CN=da79b2d92c19cedaa2db42357f854da6588e1993
Certificate serial: AA5956
Authority key identifier: DA:79:B2:D9:2C:19:CE:DA:A2:DB:42:35:7F:85:4D:A6:58:8E:19:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nmy2SwZztqi20I1f4VNpliOGZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/172cf6-3c86-434f-baa5-7f7201c9c05f/1/4wjhx8rvyHbNFSUaQMoN4UqRE1U.roa
Signing time: Sat 01 Jan 2022 02:00:28 +0000
ROA not before: Sat 01 Jan 2022 02:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48031
IP address blocks: 91.247.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11163990 (0xaa5956)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da79b2d92c19cedaa2db42357f854da6588e1993
Validity
Not Before: Jan 1 02:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e308e1c7caefc876cd15251a40ca0de14a911355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:21:e6:a0:1c:40:ba:50:8c:19:a2:66:f9:d0:
28:e3:0c:f9:89:65:b7:fc:47:30:da:b3:5e:3d:4d:
21:45:72:8b:1d:71:dd:6e:62:29:c3:92:d0:71:83:
3d:bc:4e:bc:e8:52:8e:0e:e6:86:fa:ae:83:09:a3:
62:b6:e6:04:07:78:23:f3:e3:b0:72:d7:c8:3c:2e:
c7:56:e8:cc:1c:f1:f1:07:11:8c:44:88:2d:af:3c:
61:9a:ad:b7:db:07:c9:03:ea:4f:64:33:de:59:fb:
3a:f9:11:aa:4c:db:64:1a:0f:9d:ab:e0:72:31:0f:
1e:ed:78:8a:e0:24:a5:4c:f3:38:6c:6b:26:29:0d:
bf:87:05:34:4b:b1:32:d8:a0:27:bf:01:b8:48:35:
56:3a:93:80:4b:18:83:7f:73:32:27:ae:2d:34:74:
0e:d5:be:53:06:43:be:76:5c:8a:86:12:d9:44:96:
b6:6a:c4:1d:bc:84:4f:98:cd:ac:4f:d1:5a:5e:ae:
5e:7b:60:f2:47:37:d0:b7:d2:3e:9e:cb:59:d4:8c:
a0:57:8f:a1:6e:b6:0c:f7:7e:8a:82:73:97:43:b0:
79:75:19:50:f1:c8:04:84:59:60:94:0f:30:93:cc:
e0:79:82:c6:4e:45:4e:ae:cb:15:89:f6:b3:28:c6:
9c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:08:E1:C7:CA:EF:C8:76:CD:15:25:1A:40:CA:0D:E1:4A:91:13:55
X509v3 Authority Key Identifier:
keyid:DA:79:B2:D9:2C:19:CE:DA:A2:DB:42:35:7F:85:4D:A6:58:8E:19:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nmy2SwZztqi20I1f4VNpliOGZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/172cf6-3c86-434f-baa5-7f7201c9c05f/1/4wjhx8rvyHbNFSUaQMoN4UqRE1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/172cf6-3c86-434f-baa5-7f7201c9c05f/1/2nmy2SwZztqi20I1f4VNpliOGZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.173.0/24
Signature Algorithm: sha256WithRSAEncryption
91:12:b9:0d:4e:79:86:08:5b:ec:35:a5:fd:84:23:90:6a:d4:
50:ed:75:dc:f0:b9:dc:5e:da:20:ad:76:ad:26:20:98:5f:61:
88:a3:d2:60:44:15:19:87:17:a1:8c:46:45:ee:ef:7c:dc:e8:
31:65:34:36:4f:47:28:c1:1a:72:f4:59:5c:c5:f6:7e:1f:97:
cd:5b:8a:dc:fd:77:93:90:a8:a8:54:9b:46:47:d0:05:23:2f:
05:a6:19:fa:37:a9:a8:d4:f7:bd:2a:cd:01:71:fc:12:3d:e1:
5d:1b:bc:74:fd:da:84:b3:43:62:bb:4f:d8:6b:bd:0f:b8:7e:
77:34:77:b3:65:6d:96:ea:34:87:44:e6:6f:68:55:03:11:62:
4c:2a:7b:31:8c:5f:c1:f3:7f:06:ea:17:35:07:fe:44:ca:92:
f7:b2:ed:b3:9e:ae:8e:85:35:e5:3c:c4:11:79:24:0e:ef:d3:
0a:7f:64:1c:7e:cd:3e:27:71:93:8f:78:af:4e:77:6f:0c:87:
99:74:57:63:6c:f5:e8:7c:8d:a2:fa:6d:c6:da:a5:e1:a8:2b:
74:f2:b3:68:4f:69:7e:be:9a:38:a9:91:91:dc:10:48:7a:46:
dc:f4:97:31:ca:fb:9b:a1:1e:a9:26:3e:49:ee:0c:db:d7:a6:
f2:37:ce:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKpZVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTc5YjJkOTJjMTljZWRhYTJkYjQyMzU3Zjg1NGRhNjU4OGUxOTkzMB4XDTIyMDEw
MTAyMDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMwOGUxYzdjYWVm
Yzg3NmNkMTUyNTFhNDBjYTBkZTE0YTkxMTM1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMch5qAcQLpQjBmiZvnQKOMM+Yllt/xHMNqzXj1NIUVyix1x
3W5iKcOS0HGDPbxOvOhSjg7mhvqugwmjYrbmBAd4I/PjsHLXyDwux1bozBzx8QcR
jESILa88YZqtt9sHyQPqT2Qz3ln7OvkRqkzbZBoPnavgcjEPHu14iuAkpUzzOGxr
JikNv4cFNEuxMtigJ78BuEg1VjqTgEsYg39zMieuLTR0DtW+UwZDvnZcioYS2USW
tmrEHbyET5jNrE/RWl6uXntg8kc30LfSPp7LWdSMoFePoW62DPd+ioJzl0OweXUZ
UPHIBIRZYJQPMJPM4HmCxk5FTq7LFYn2syjGnO8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjCOHHyu/Ids0VJRpAyg3hSpETVTAfBgNVHSMEGDAWgBTaebLZLBnO2qLb
QjV/hU2mWI4ZkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJubXkyU3daenRxaTIwSTFmNFZOcGxpT0daTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvMTcyY2Y2LTNjODYtNDM0Zi1iYWE1LTdmNzIwMWM5YzA1Zi8x
LzR3amh4OHJ2eUhiTkZTVWFRTW9ONFVxUkUxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
MTcyY2Y2LTNjODYtNDM0Zi1iYWE1LTdmNzIwMWM5YzA1Zi8xLzJubXkyU3daenRx
aTIwSTFmNFZOcGxpT0daTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv3rTANBgkqhkiG9w0BAQsFAAOC
AQEAkRK5DU55hghb7DWl/YQjkGrUUO113PC53F7aIK12rSYgmF9hiKPSYEQVGYcX
oYxGRe7vfNzoMWU0Nk9HKMEacvRZXMX2fh+XzVuK3P13k5CoqFSbRkfQBSMvBaYZ
+jepqNT3vSrNAXH8Ej3hXRu8dP3ahLNDYrtP2Gu9D7h+dzR3s2Vtluo0h0Tmb2hV
AxFiTCp7MYxfwfN/BuoXNQf+RMqS97Lts56ujoU15TzEEXkkDu/TCn9kHH7NPidx
k494r053bwyHmXRXY2z16HyNovptxtql4agrdPKzaE9pfr6aOKmRkdwQSHpG3PSX
Mcr7m6EeqSY+Se4M29em8jfOzQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-fra.rpki-client.org