Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/v5cm2nfVDAxI0zTwZqzqEYprPiI.roa
File: v5cm2nfVDAxI0zTwZqzqEYprPiI.roa (raw, json)
Hash identifier: 7VjhoFyeU6ALDYnRUwX3MRy41rTqpAsFfowp4OmawTo=
Subject key identifier: BF:97:26:DA:77:D5:0C:0C:48:D3:34:F0:66:AC:EA:11:8A:6B:3E:22
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018428C50586133A6150960A838431FE3882
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/v5cm2nfVDAxI0zTwZqzqEYprPiI.roa
Signing time: Sun 30 Oct 2022 12:01:51 +0000
ROA not before: Sun 30 Oct 2022 12:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211895
IP address blocks: 193.36.132.0/24 maxlen: 24
91.218.20.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:28:c5:05:86:13:3a:61:50:96:0a:83:84:31:fe:38:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Oct 30 12:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf9726da77d50c0c48d334f066acea118a6b3e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:11:11:39:7e:7a:fd:8b:bd:e3:79:ef:cd:
1f:c8:4c:73:d2:bd:2d:30:fb:e8:14:d0:ad:7c:c1:
86:09:25:cc:73:74:bf:ca:90:f5:dc:6d:28:29:31:
1a:ce:cd:58:e2:66:46:f5:0e:8a:81:63:9d:d7:7a:
1b:ab:eb:44:65:62:c5:bc:59:08:23:8a:4d:77:e9:
dc:23:e4:8f:39:7d:aa:cc:da:a4:db:89:f0:5d:fb:
82:a0:47:1a:f6:3b:e3:b1:35:bc:d3:ab:04:5e:dd:
eb:ae:35:41:b4:39:9f:7c:5c:9c:05:5c:d0:a4:ed:
42:e3:82:42:d3:e7:7a:ab:db:5a:ab:33:80:71:f5:
19:f0:34:cc:d0:06:2b:10:10:72:5f:80:9b:62:2d:
93:f9:22:0a:bd:75:2e:b5:7b:90:d6:e6:ca:23:65:
6b:03:01:6f:e5:15:18:bf:57:d2:1e:20:2c:ac:17:
16:e5:b5:be:8d:1d:24:7e:74:70:b0:f8:44:30:ee:
9f:ca:64:fc:0a:ef:40:50:cc:dd:ca:d0:2a:15:33:
62:4c:c9:38:c7:b7:cb:fd:0f:c4:d2:1f:e2:94:57:
07:0c:64:2d:bc:e8:cb:6e:ec:57:9d:dc:08:12:f5:
80:26:74:56:e6:09:1e:55:55:fd:6c:48:db:13:5e:
ce:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:97:26:DA:77:D5:0C:0C:48:D3:34:F0:66:AC:EA:11:8A:6B:3E:22
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/v5cm2nfVDAxI0zTwZqzqEYprPiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.20.0/24
188.239.191.0/24
193.36.132.0/24
IPv6:
2a07:e040::/32
Signature Algorithm: sha256WithRSAEncryption
05:14:37:0f:46:2c:0f:4a:c5:3c:57:1a:2d:07:8d:7c:62:69:
66:0b:4f:a0:c2:b3:2b:9a:09:9f:22:8f:ae:1d:f9:77:12:b6:
f8:97:47:66:81:58:75:6c:88:92:ae:e5:b8:6c:a4:11:a4:2c:
6e:2d:b6:3e:b6:c6:dd:aa:ff:89:81:e7:5e:51:a5:c9:af:ed:
ac:8d:0c:54:ad:5a:6a:37:5e:3c:57:86:50:95:5f:fe:5d:be:
33:e7:36:c6:ed:c0:de:04:17:6f:ca:35:b6:16:4c:a7:de:80:
93:13:de:68:dd:74:b8:9d:d7:bd:9b:b5:ee:2a:62:19:df:95:
07:0b:9e:47:12:76:1f:b1:85:d9:90:e9:c5:6b:49:e0:08:b3:
1d:65:38:38:07:90:62:45:19:f1:4d:fc:4e:b9:5c:22:e9:86:
82:a3:0b:98:6e:21:e4:fd:b1:72:9c:a1:dd:9b:d0:87:3a:0a:
56:fb:c0:2a:10:a7:32:aa:dc:08:95:be:4a:cc:5b:45:27:3d:
38:a8:23:89:e2:9f:81:31:8c:03:d5:bd:86:e0:90:2f:59:fc:
97:43:b6:78:7f:b3:8d:bc:68:72:07:9a:84:2b:16:55:d2:bf:
f7:dd:c5:58:21:d1:38:ee:eb:d2:28:23:74:c5:00:c9:3d:99:
67:2f:9a:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYQoxQWGEzphUJYKg4Qx/jiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjIxMDMwMTIwMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk3MjZkYTc3ZDUwYzBjNDhkMzM0ZjA2NmFjZWExMThhNmIzZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ERETl+ev2LveN5780fyExz0r0t
MPvoFNCtfMGGCSXMc3S/ypD13G0oKTEazs1Y4mZG9Q6KgWOd13obq+tEZWLFvFkI
I4pNd+ncI+SPOX2qzNqk24nwXfuCoEca9jvjsTW806sEXt3rrjVBtDmffFycBVzQ
pO1C44JC0+d6q9taqzOAcfUZ8DTM0AYrEBByX4CbYi2T+SIKvXUutXuQ1ubKI2Vr
AwFv5RUYv1fSHiAsrBcW5bW+jR0kfnRwsPhEMO6fymT8Cu9AUMzdytAqFTNiTMk4
x7fL/Q/E0h/ilFcHDGQtvOjLbuxXndwIEvWAJnRW5gkeVVX9bEjbE17OcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL+XJtp31QwMSNM08Gas6hGKaz4iMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvdjVjbTJuZlZEQXhJMHpUd1pxenFFWXByUGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oUAwQA
vO+/AwQAwSSEMA0EAgACMAcDBQAqB+BAMA0GCSqGSIb3DQEBCwUAA4IBAQAFFDcP
RiwPSsU8VxotB418YmlmC0+gwrMrmgmfIo+uHfl3Erb4l0dmgVh1bIiSruW4bKQR
pCxuLbY+tsbdqv+JgedeUaXJr+2sjQxUrVpqN148V4ZQlV/+Xb4z5zbG7cDeBBdv
yjW2Fkyn3oCTE95o3XS4nde9m7XuKmIZ35UHC55HEnYfsYXZkOnFa0ngCLMdZTg4
B5BiRRnxTfxOuVwi6YaCowuYbiHk/bFynKHdm9CHOgpW+8AqEKcyqtwIlb5KzFtF
Jz04qCOJ4p+BMYwD1b2G4JAvWfyXQ7Z4f7ONvGhyB5qEKxZV0r/33cVYIdE47uvS
KCN0xQDJPZlnL5r+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org