Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/87e940-e2a1-436e-aa73-d3f6cd8e4444/1/x5a2_qXC_3trxCo2xEwk6vpBPlk.roa
File: x5a2_qXC_3trxCo2xEwk6vpBPlk.roa (raw, json)
Hash identifier: uMW7bNqg6M22WPVXRP5AnfrZcUW1yEiktlyY7PNeEgg=
Subject key identifier: C7:96:B6:FE:A5:C2:FF:7B:6B:C4:2A:36:C4:4C:24:EA:FA:41:3E:59
Certificate issuer: /CN=ec6b71c67e1cc28078697952ad3f4f355f4e1341
Certificate serial: 0C4B0F57
Authority key identifier: EC:6B:71:C6:7E:1C:C2:80:78:69:79:52:AD:3F:4F:35:5F:4E:13:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Gtxxn4cwoB4aXlSrT9PNV9OE0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/87e940-e2a1-436e-aa73-d3f6cd8e4444/1/x5a2_qXC_3trxCo2xEwk6vpBPlk.roa
Signing time: Sat 01 Jan 2022 13:05:47 +0000
ROA not before: Sat 01 Jan 2022 13:05:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.237.101.0/24 maxlen: 24
91.237.100.0/24 maxlen: 24
91.237.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206245719 (0xc4b0f57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b71c67e1cc28078697952ad3f4f355f4e1341
Validity
Not Before: Jan 1 13:05:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c796b6fea5c2ff7b6bc42a36c44c24eafa413e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:35:39:7f:db:a3:f0:c2:a2:9c:a3:c0:89:61:
34:37:c6:fe:31:c8:38:19:50:76:2a:5c:79:cb:32:
76:ba:26:17:19:ad:5b:7b:ad:20:4e:5c:77:75:6f:
45:64:6d:c2:9e:e9:2d:ed:f5:64:4a:c5:f1:b0:43:
fb:e9:14:f1:b9:4c:96:ae:f4:e9:78:f6:cc:65:db:
82:f4:3e:97:e6:04:f2:31:21:1b:75:1c:58:cf:21:
f7:ee:ed:cf:83:0f:6f:6f:ed:fa:f8:3d:8d:6d:d2:
95:f1:be:37:c7:56:e6:65:10:bf:cb:79:fe:c3:f6:
d9:0c:3e:14:88:31:8f:bb:50:5e:6c:6c:f1:0d:fb:
29:d2:ac:94:30:ff:19:f0:12:11:95:0d:b3:68:64:
4a:f8:48:dc:d8:f4:9a:3d:24:bc:79:e7:60:a9:7c:
be:41:a3:c4:88:20:a4:e8:04:82:cc:d5:7e:85:c4:
74:fb:30:43:68:6a:62:c5:2a:5a:71:7f:44:fa:7c:
e8:a5:ab:50:1e:fc:fe:00:3a:05:a3:3c:72:5c:79:
f6:89:03:dc:c2:50:02:f1:54:b3:35:d4:09:64:39:
56:d5:a3:8e:6b:fa:9e:75:a7:0d:5c:b6:61:28:24:
b0:b7:d2:26:6c:3b:9a:0d:2b:8d:a5:d8:8b:b3:73:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:96:B6:FE:A5:C2:FF:7B:6B:C4:2A:36:C4:4C:24:EA:FA:41:3E:59
X509v3 Authority Key Identifier:
keyid:EC:6B:71:C6:7E:1C:C2:80:78:69:79:52:AD:3F:4F:35:5F:4E:13:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Gtxxn4cwoB4aXlSrT9PNV9OE0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/87e940-e2a1-436e-aa73-d3f6cd8e4444/1/x5a2_qXC_3trxCo2xEwk6vpBPlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/87e940-e2a1-436e-aa73-d3f6cd8e4444/1/7Gtxxn4cwoB4aXlSrT9PNV9OE0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.100.0/23
Signature Algorithm: sha256WithRSAEncryption
60:cc:a8:9c:f7:54:0e:3b:50:6b:0c:93:68:b3:47:ca:10:af:
f9:42:b4:21:50:67:dc:18:3a:2f:83:bb:d1:5b:89:cf:e5:78:
6c:a9:ae:08:7e:cf:1c:6d:b5:13:01:cf:23:85:d4:95:9a:30:
4f:e8:2d:18:f0:f7:52:c9:05:39:5e:70:58:6d:28:3e:04:84:
c4:d5:ec:15:7b:db:4b:19:65:c0:7d:7b:51:95:d9:55:01:53:
c1:ef:22:97:25:d1:a6:91:15:10:ac:b7:7a:f8:35:dc:55:8e:
82:b3:7a:ec:32:e9:61:db:97:38:a7:6f:bf:62:e7:e7:df:d6:
3f:fe:a8:49:19:0e:03:39:90:10:71:0b:0a:11:dc:57:d9:31:
6b:1d:0a:ce:42:26:e5:3b:f3:e0:33:4c:4a:b2:0d:50:1d:2b:
b2:fc:d4:f1:e7:68:68:f5:6e:d2:c8:6a:a2:c5:98:6f:bb:c3:
83:bc:9d:b0:9e:6e:57:09:bc:f1:7a:5d:c0:ab:bc:d4:23:6a:
79:ab:51:6d:22:48:dd:18:72:1e:b4:05:3f:d0:08:6c:92:b1:
9d:76:74:a0:12:bb:a5:6f:d0:65:17:14:46:ce:7f:f4:a7:da:
71:82:45:58:1f:e6:6e:ee:97:dc:32:b5:b5:68:91:70:d4:9f:
17:75:86:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDEsPVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzZiNzFjNjdlMWNjMjgwNzg2OTc5NTJhZDNmNGYzNTVmNGUxMzQxMB4XDTIyMDEw
MTEzMDU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc5NmI2ZmVhNWMy
ZmY3YjZiYzQyYTM2YzQ0YzI0ZWFmYTQxM2U1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQ1OX/bo/DCopyjwIlhNDfG/jHIOBlQdipcecsydromFxmt
W3utIE5cd3VvRWRtwp7pLe31ZErF8bBD++kU8blMlq706Xj2zGXbgvQ+l+YE8jEh
G3UcWM8h9+7tz4MPb2/t+vg9jW3SlfG+N8dW5mUQv8t5/sP22Qw+FIgxj7tQXmxs
8Q37KdKslDD/GfASEZUNs2hkSvhI3Nj0mj0kvHnnYKl8vkGjxIggpOgEgszVfoXE
dPswQ2hqYsUqWnF/RPp86KWrUB78/gA6BaM8clx59okD3MJQAvFUszXUCWQ5VtWj
jmv6nnWnDVy2YSgksLfSJmw7mg0rjaXYi7Nzj4kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTHlrb+pcL/e2vEKjbETCTq+kE+WTAfBgNVHSMEGDAWgBTsa3HGfhzCgHhp
eVKtP081X04TQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdHdHh4bjRjd29CNGFYbFNyVDlQTlY5T0UwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvODdlOTQwLWUyYTEtNDM2ZS1hYTczLWQzZjZjZDhlNDQ0NC8x
L3g1YTJfcVhDXzN0cnhDbzJ4RXdrNnZwQlBsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
ODdlOTQwLWUyYTEtNDM2ZS1hYTczLWQzZjZjZDhlNDQ0NC8xLzdHdHh4bjRjd29C
NGFYbFNyVDlQTlY5T0UwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvtZDANBgkqhkiG9w0BAQsFAAOC
AQEAYMyonPdUDjtQawyTaLNHyhCv+UK0IVBn3Bg6L4O70VuJz+V4bKmuCH7PHG21
EwHPI4XUlZowT+gtGPD3UskFOV5wWG0oPgSExNXsFXvbSxllwH17UZXZVQFTwe8i
lyXRppEVEKy3evg13FWOgrN67DLpYduXOKdvv2Ln59/WP/6oSRkOAzmQEHELChHc
V9kxax0KzkIm5Tvz4DNMSrINUB0rsvzU8edoaPVu0shqosWYb7vDg7ydsJ5uVwm8
8XpdwKu81CNqeatRbSJI3RhyHrQFP9AIbJKxnXZ0oBK7pW/QZRcURs5/9KfacYJF
WB/mbu6X3DK1tWiRcNSfF3WGJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:32 2023 by rpki-client on console-ams.rpki-client.org