Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/RYVmejHlm-E7E5973q22lO6e2yg.roa
File: RYVmejHlm-E7E5973q22lO6e2yg.roa (raw, json)
Hash identifier: ANXNgSoVbukzdpy5v6u0s9i23DpnQOkUXBXm/6gM4Xw=
Subject key identifier: 45:85:66:7A:31:E5:9B:E1:3B:13:9F:7B:DE:AD:B6:94:EE:9E:DB:28
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 07820922
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/RYVmejHlm-E7E5973q22lO6e2yg.roa
Signing time: Sat 01 Jan 2022 12:55:42 +0000
ROA not before: Sat 01 Jan 2022 12:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.209.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.0/24 maxlen: 24
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c2:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125962530 (0x7820922)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Jan 1 12:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4585667a31e59be13b139f7bdeadb694ee9edb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a0:c0:37:3c:c0:e2:7b:ac:0c:a8:40:62:6f:
0d:12:f9:39:a2:59:ee:0b:9d:b7:1a:39:89:c3:c6:
fe:94:29:1d:15:63:eb:78:34:01:74:a1:f4:47:50:
41:6a:94:3e:d3:ef:d5:69:35:7a:9f:02:91:34:bd:
d1:96:c6:7f:91:70:37:f9:40:1d:27:6b:c8:40:83:
68:de:d9:63:85:ba:7c:62:ca:79:d2:76:a4:f9:f9:
4d:2e:4a:57:8e:0c:16:4a:e6:6b:22:3a:f5:c6:ca:
0a:a9:d8:e5:52:2d:98:57:6c:55:fa:e4:42:b1:e5:
5b:9a:a7:1a:49:0e:82:ab:52:88:5c:6a:b3:59:06:
38:0b:62:be:2d:f4:df:44:90:41:99:21:0b:2a:c6:
b8:08:1e:c6:78:ca:0b:ad:62:3d:4e:d1:e8:6a:8f:
04:17:1d:69:73:a6:7f:0b:00:98:70:20:a4:0a:e3:
c9:1c:13:82:24:da:14:91:76:29:4b:dd:1c:de:a4:
46:32:0b:0d:9a:75:ae:bf:02:50:1d:8e:70:96:f4:
f9:fa:cc:d8:8e:33:49:7d:60:97:57:d3:6e:3b:ce:
cc:dd:c3:93:f9:63:a2:b7:bc:04:0e:45:f3:2c:c3:
c8:01:1d:89:48:16:c6:63:89:b0:84:8c:a2:91:41:
e0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:85:66:7A:31:E5:9B:E1:3B:13:9F:7B:DE:AD:B6:94:EE:9E:DB:28
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/RYVmejHlm-E7E5973q22lO6e2yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:1a:8c:94:22:ca:dc:5c:8b:20:cc:ca:36:81:c0:36:9f:26:
5c:7a:85:df:86:8f:72:c8:5c:79:10:2d:cb:da:9f:fa:33:6a:
ab:2e:8f:55:4b:4c:1c:cd:df:07:80:ae:ca:74:c4:ec:4c:62:
8a:81:d3:f5:92:81:1f:a9:44:7b:0e:e6:d5:1d:7a:e9:6d:4f:
da:74:26:6f:b0:09:45:e5:9f:24:13:03:e2:77:92:b5:f6:18:
5d:04:e8:38:83:69:36:b1:de:37:b0:7c:55:ff:c7:f7:a4:7c:
a3:05:3b:d4:18:64:f6:f6:50:f7:7e:66:3e:1c:cd:f2:ce:de:
b0:4a:b1:2d:14:69:5e:8b:62:3c:27:18:70:a9:d6:f1:3c:8f:
20:4c:54:c0:b0:a1:13:92:28:de:e6:2a:7d:8c:57:bd:a0:ed:
49:40:6e:3a:6b:58:82:a9:ba:49:3b:18:bb:29:c3:d3:26:79:
fb:5f:9a:52:6f:0e:ef:5f:34:1f:15:37:e4:ca:b2:e4:fc:65:
7b:b8:eb:e5:0e:c7:be:46:54:a3:de:86:8b:c6:07:ba:41:a9:
0c:c3:a5:ea:8b:6d:dc:bd:39:5f:5b:91:e8:e6:27:cb:d7:6d:
8c:7f:05:da:0c:df:13:ad:db:e6:b6:99:f4:b9:59:60:fa:e1:
01:b7:fb:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEB4IJIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmM4Njk1NzcyZjBlNjRmM2I5YTE2MjE3MzNjYzAyNTA2Zjc0NzAyMB4XDTIyMDEw
MTEyNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDU4NTY2N2EzMWU1
OWJlMTNiMTM5ZjdiZGVhZGI2OTRlZTllZGIyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOgwDc8wOJ7rAyoQGJvDRL5OaJZ7gudtxo5icPG/pQpHRVj
63g0AXSh9EdQQWqUPtPv1Wk1ep8CkTS90ZbGf5FwN/lAHSdryECDaN7ZY4W6fGLK
edJ2pPn5TS5KV44MFkrmayI69cbKCqnY5VItmFdsVfrkQrHlW5qnGkkOgqtSiFxq
s1kGOAtivi3030SQQZkhCyrGuAgexnjKC61iPU7R6GqPBBcdaXOmfwsAmHAgpArj
yRwTgiTaFJF2KUvdHN6kRjILDZp1rr8CUB2OcJb0+frM2I4zSX1gl1fTbjvOzN3D
k/ljore8BA5F8yzDyAEdiUgWxmOJsISMopFB4G0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRFhWZ6MeWb4TsTn3verbaU7p7bKDAfBgNVHSMEGDAWgBQryGlXcvDmTzua
FiFzPMAlBvdHAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s4aHBWM0x3NWs4N21oWWhjenpBSlFiM1J3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvY2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8x
L1JZVm1lakhsbS1FN0U1OTczcTIybE82ZTJ5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
Y2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8xL0s4aHBWM0x3NWs4
N21oWWhjenpBSlFiM1J3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAlu80DAYBAIAAjASMBADBQYqD7HA
AwcCKg+xwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBrGoyUIsrcXIsgzMo2gcA2nyZc
eoXfho9yyFx5EC3L2p/6M2qrLo9VS0wczd8HgK7KdMTsTGKKgdP1koEfqUR7DubV
HXrpbU/adCZvsAlF5Z8kEwPid5K19hhdBOg4g2k2sd43sHxV/8f3pHyjBTvUGGT2
9lD3fmY+HM3yzt6wSrEtFGlei2I8JxhwqdbxPI8gTFTAsKETkije5ip9jFe9oO1J
QG46a1iCqbpJOxi7KcPTJnn7X5pSbw7vXzQfFTfkyrLk/GV7uOvlDse+RlSj3oaL
xge6QakMw6Xqi23cvTlfW5Ho5ifL122MfwXaDN8Trdvmtpn0uVlg+uEBt/s/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org