Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/kIVcBT0rGipbClQ_GfZPYIjxSmo.roa
File: kIVcBT0rGipbClQ_GfZPYIjxSmo.roa (raw, json)
Hash identifier: uXtex0A5EajOy0MUw/7bcKxXkX67etzdB04c+Cyu0cI=
Subject key identifier: 90:85:5C:05:3D:2B:1A:2A:5B:0A:54:3F:19:F6:4F:60:88:F1:4A:6A
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 070B2460
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/kIVcBT0rGipbClQ_GfZPYIjxSmo.roa
Signing time: Thu 13 Jan 2022 14:22:29 +0000
ROA not before: Thu 13 Jan 2022 14:22:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.101.0/24 maxlen: 24
91.210.100.0/24 maxlen: 24
91.210.103.0/24 maxlen: 24
103.82.0.0/22 maxlen: 22
185.42.16.0/22 maxlen: 22
125.62.72.0/22 maxlen: 22
185.17.172.0/22 maxlen: 22
185.222.112.0/22 maxlen: 22
2a03:ec40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118170720 (0x70b2460)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 13 14:22:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90855c053d2b1a2a5b0a543f19f64f6088f14a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:db:13:0f:27:9f:d0:31:e3:c0:3f:c4:41:8b:
3a:d0:5d:ca:fa:04:bd:0f:e9:f1:67:22:fb:8e:34:
5e:93:27:52:de:8c:7c:92:45:80:39:59:e6:e7:6f:
a2:44:e2:15:d6:e9:0e:32:4f:22:7f:a5:4e:d5:85:
94:55:87:6d:dc:64:65:50:2b:f0:39:da:e6:90:74:
d7:37:e9:b9:fe:76:14:4f:12:26:4b:8e:0b:3b:05:
5c:1b:54:b8:74:69:c7:22:38:02:7c:dd:90:64:15:
23:65:2b:69:cf:c2:7b:5c:bc:ca:4f:f5:f4:fe:c4:
9a:f9:1a:7d:a5:35:1b:c7:57:ac:70:75:65:d0:c0:
a7:22:11:7b:41:71:02:f5:8b:77:1f:59:d2:41:fc:
13:be:ac:55:51:05:ff:0b:6f:eb:fb:df:d0:88:87:
b9:ac:0f:5f:42:1b:fb:7b:9f:3c:8c:17:0b:61:0f:
ff:c2:64:67:d7:bb:4b:52:6d:2e:76:0f:04:f7:2e:
3f:d3:32:64:ce:34:c2:c5:67:60:21:56:3d:c6:3e:
4e:29:d0:7b:2e:40:a7:72:0b:a9:b9:62:f5:e6:29:
2a:2e:86:b0:7d:6c:e6:94:42:0a:96:38:cd:c4:69:
d7:fc:fc:ef:2d:a3:30:61:e8:ce:b1:d5:12:49:51:
bc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:85:5C:05:3D:2B:1A:2A:5B:0A:54:3F:19:F6:4F:60:88:F1:4A:6A
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/kIVcBT0rGipbClQ_GfZPYIjxSmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/23
91.210.103.0/24
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:64:c8:bc:52:28:c7:d1:25:69:22:9d:0c:98:b0:9c:f8:18:
31:df:ca:49:47:80:3b:f7:32:33:43:db:c7:75:a9:fb:ef:60:
01:36:47:63:38:e7:2a:b1:04:df:a6:3e:80:26:c7:26:d8:92:
cb:8b:81:47:e7:48:ec:96:c9:f0:04:a8:e3:48:99:e6:ed:f6:
e9:5c:dd:10:d0:7a:8b:d4:23:56:40:f3:ed:54:f0:d2:7a:d6:
5b:69:66:b8:6d:5d:d8:e4:04:1f:99:ca:64:88:80:08:25:6b:
15:58:b5:e7:60:2b:4b:c0:1d:04:69:5a:28:86:16:f8:d3:86:
20:da:26:51:75:96:e6:78:5f:51:f4:26:00:9c:65:6d:26:2a:
b5:3f:fc:32:8d:26:68:24:0a:c8:e3:7f:9e:d8:9a:11:79:d4:
ac:aa:92:68:5e:be:7c:9a:31:41:84:bc:3e:05:a3:c6:8a:74:
6c:0b:e0:75:9d:40:c6:3d:86:9e:05:f9:47:03:13:a2:78:06:
3b:d8:93:fb:3d:aa:8d:26:d7:58:61:23:73:06:84:88:3d:d5:
1f:4d:25:99:0c:c8:a0:1b:5e:1e:38:95:de:44:ce:e9:6d:b0:
a1:4f:d1:d8:69:fb:16:90:6d:91:3d:ee:b3:b5:21:b5:9e:a2:
ad:7e:18:b2
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBwskYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjYzNzg3ZmQwZjk0YjM3ODEzZWVmMTZiYzgxMzc0MjNlZTNmZWYzMB4XDTIyMDEx
MzE0MjIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA4NTVjMDUzZDJi
MWEyYTViMGE1NDNmMTlmNjRmNjA4OGYxNGE2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLbEw8nn9Ax48A/xEGLOtBdyvoEvQ/p8Wci+440XpMnUt6M
fJJFgDlZ5udvokTiFdbpDjJPIn+lTtWFlFWHbdxkZVAr8Dna5pB01zfpuf52FE8S
JkuOCzsFXBtUuHRpxyI4AnzdkGQVI2Urac/Ce1y8yk/19P7EmvkafaU1G8dXrHB1
ZdDApyIRe0FxAvWLdx9Z0kH8E76sVVEF/wtv6/vf0IiHuawPX0Ib+3ufPIwXC2EP
/8JkZ9e7S1JtLnYPBPcuP9MyZM40wsVnYCFWPcY+TinQey5Ap3ILqbli9eYpKi6G
sH1s5pRCCpY4zcRp1/z87y2jMGHozrHVEklRvIECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSQhVwFPSsaKlsKVD8Z9k9giPFKajAfBgNVHSMEGDAWgBQyY3h/0PlLN4E+
7xa8gTdCPuP+8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01tTjRmOUQ1U3plQlB1OFd2SUUzUWo3al92TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzcwM2VmLTI0MjItNDM3Yy1iOTNkLTU5NWUwYmY1YzYxMy8x
L2tJVmNCVDByR2lwYkNsUV9HZlpQWUlqeFNtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzcwM2VmLTI0MjItNDM3Yy1iOTNkLTU5NWUwYmY1YzYxMy8xL01tTjRmOUQ1U3pl
QlB1OFd2SUUzUWo3al92TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAVvSZAMEAFvSZwMEAmdSAAMEAn0+
SAMEArkRrAMEArkqEAMEArnecDANBAIAAjAHAwUDKgPsQDANBgkqhkiG9w0BAQsF
AAOCAQEAf2TIvFIox9ElaSKdDJiwnPgYMd/KSUeAO/cyM0Pbx3Wp++9gATZHYzjn
KrEE36Y+gCbHJtiSy4uBR+dI7JbJ8ASo40iZ5u326VzdENB6i9QjVkDz7VTw0nrW
W2lmuG1d2OQEH5nKZIiACCVrFVi152ArS8AdBGlaKIYW+NOGINomUXWW5nhfUfQm
AJxlbSYqtT/8Mo0maCQKyON/ntiaEXnUrKqSaF6+fJoxQYS8PgWjxop0bAvgdZ1A
xj2GngX5RwMTongGO9iT+z2qjSbXWGEjcwaEiD3VH00lmQzIoBteHjiV3kTO6W2w
oU/R2Gn7FpBtkT3us7UhtZ6irX4Ysg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org