Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/hW8u9VBZscgTZIHgLW7z2LhiHXI.roa
File: hW8u9VBZscgTZIHgLW7z2LhiHXI.roa (raw, json)
Hash identifier: 07qH5masLJqrktTk9N36m5U1ZlvS0yuSYBqsrneUipo=
Subject key identifier: 85:6F:2E:F5:50:59:B1:C8:13:64:81:E0:2D:6E:F3:D8:B8:62:1D:72
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 01822C7C5ACF080C573DBB0727454EE3F407
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/hW8u9VBZscgTZIHgLW7z2LhiHXI.roa
Signing time: Sat 23 Jul 2022 19:15:23 +0000
ROA not before: Sat 23 Jul 2022 19:15:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.209.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.80/28 maxlen: 28
91.188.208.0/24 maxlen: 24
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c2:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2c:7c:5a:cf:08:0c:57:3d:bb:07:27:45:4e:e3:f4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Jul 23 19:15:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=856f2ef55059b1c8136481e02d6ef3d8b8621d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b8:b8:1b:2f:f0:86:99:55:4d:b4:21:98:29:
fa:6a:c8:19:a6:da:7e:4a:3c:d5:fb:fb:7f:05:33:
c4:9c:aa:ef:93:bb:dc:ac:64:21:b6:67:e0:38:d1:
4c:c2:c7:c2:d3:d8:e5:89:1d:8b:bf:0b:20:83:58:
13:47:e3:7b:0c:e7:f8:2d:16:d8:c4:b7:96:08:d4:
96:5f:41:ac:54:1a:93:1f:70:ba:d3:87:ae:eb:57:
98:57:1f:59:78:36:18:6f:fd:2f:9f:80:56:ff:9a:
9f:13:15:48:89:2f:b7:90:66:ac:46:a0:0c:f9:07:
54:d5:05:23:ad:29:6d:cf:0b:61:ea:d9:80:91:db:
f5:2e:76:68:90:53:ad:25:c3:60:85:92:a4:98:89:
48:c4:42:ac:2f:c3:26:d1:14:9a:6b:61:64:09:78:
71:e3:cf:f3:10:b5:82:51:d8:00:75:22:b9:bb:e9:
09:ce:e5:95:3c:c0:77:56:1c:11:31:3d:ec:f6:58:
d8:37:d2:f1:2c:51:8c:3a:a2:50:a5:9a:97:64:09:
2e:d9:af:fb:57:62:d2:ba:28:3f:a1:4d:ff:a3:e6:
f9:07:e1:6c:bb:85:0a:99:e2:d4:fb:47:78:18:da:
89:3b:ca:4d:f2:f7:21:da:66:16:35:07:53:f1:33:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6F:2E:F5:50:59:B1:C8:13:64:81:E0:2D:6E:F3:D8:B8:62:1D:72
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/hW8u9VBZscgTZIHgLW7z2LhiHXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:c5:89:13:66:5a:49:22:da:7d:4e:fd:f3:a4:3a:53:3a:27:
04:0b:96:ec:d4:da:13:08:1a:3b:b4:e5:3a:c3:ad:bf:21:22:
49:da:bf:11:60:7a:4f:4f:37:fc:6b:ca:f7:76:51:dd:08:9d:
6c:0a:7e:b4:20:b4:31:96:00:6e:42:eb:e7:bd:ec:91:c1:ab:
c5:25:72:90:f1:10:e3:82:dc:d4:4b:aa:22:96:ff:e6:46:5f:
51:67:08:cf:3b:68:32:3b:25:30:a4:5d:89:51:27:76:6f:c5:
5b:ed:b5:3c:1f:90:90:94:29:d5:4f:3b:a9:d3:f1:7f:17:3c:
1f:ba:bf:7c:99:5e:ab:55:e7:da:32:ef:97:b8:2d:00:74:13:
83:fb:cb:07:34:a2:f7:33:6f:f2:65:21:03:de:b9:d7:0e:41:
0c:a8:8c:23:32:b7:3c:cd:eb:97:9b:36:ad:7a:40:4b:b9:53:
c4:28:f7:c7:cf:5c:d9:c0:91:cb:9f:cf:14:16:15:53:94:6a:
e7:2f:31:c2:b7:f0:24:e1:7b:f2:d9:54:ba:cd:6e:ca:ec:1c:
a8:37:55:b4:ea:34:04:b7:5b:be:4a:cf:ed:d9:d8:55:96:9c:
be:57:1a:56:47:7b:fe:43:e8:c3:9b:66:c1:7c:b1:bb:b8:f6:
f2:a6:6e:e5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYIsfFrPCAxXPbsHJ0VO4/QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjIwNzIzMTkxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZmMmVmNTUwNTliMWM4MTM2NDgxZTAyZDZlZjNkOGI4NjIxZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7i4Gy/whplVTbQhmCn6asgZptp+
SjzV+/t/BTPEnKrvk7vcrGQhtmfgONFMwsfC09jliR2Lvwsgg1gTR+N7DOf4LRbY
xLeWCNSWX0GsVBqTH3C604eu61eYVx9ZeDYYb/0vn4BW/5qfExVIiS+3kGasRqAM
+QdU1QUjrSltzwth6tmAkdv1LnZokFOtJcNghZKkmIlIxEKsL8Mm0RSaa2FkCXhx
48/zELWCUdgAdSK5u+kJzuWVPMB3VhwRMT3s9ljYN9LxLFGMOqJQpZqXZAku2a/7
V2LSuig/oU3/o+b5B+Fsu4UKmeLU+0d4GNqJO8pN8vch2mYWNQdT8TPaBwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIVvLvVQWbHIE2SB4C1u89i4Yh1yMB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvaFc4dTlWQlpzY2dUWklIZ0xXN3oyTGhpSFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCW7zQMBgE
AgACMBIwEAMFBioPscADBwIqD7HCAAAwDQYJKoZIhvcNAQELBQADggEBAH/FiRNm
Wkki2n1O/fOkOlM6JwQLluzU2hMIGju05TrDrb8hIknavxFgek9PN/xryvd2Ud0I
nWwKfrQgtDGWAG5C6+e97JHBq8UlcpDxEOOC3NRLqiKW/+ZGX1FnCM87aDI7JTCk
XYlRJ3ZvxVvttTwfkJCUKdVPO6nT8X8XPB+6v3yZXqtV59oy75e4LQB0E4P7ywc0
ovczb/JlIQPeudcOQQyojCMytzzN65ebNq16QEu5U8Qo98fPXNnAkcufzxQWFVOU
aucvMcK38CThe/LZVLrNbsrsHKg3VbTqNAS3W75Kz+3Z2FWWnL5XGlZHe/5D6MOb
ZsF8sbu49vKmbuU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org