Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/CxbVsmSHk-CcNxwb-qp3kBhNue8.roa
File: CxbVsmSHk-CcNxwb-qp3kBhNue8.roa (raw, json)
Hash identifier: uxBYkSgOUiSbVT17R94+54WNTjsC86tvE7yGcP/DNv0=
Subject key identifier: 0B:16:D5:B2:64:87:93:E0:9C:37:1C:1B:FA:AA:77:90:18:4D:B9:EF
Certificate issuer: /CN=a633725cd5dd91cf190ab3a99526e898357856ef
Certificate serial: 1FCA7BEC
Authority key identifier: A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/CxbVsmSHk-CcNxwb-qp3kBhNue8.roa
Signing time: Sat 01 Jan 2022 03:55:40 +0000
ROA not before: Sat 01 Jan 2022 03:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15495
IP address blocks: 91.213.221.0/24 maxlen: 24
128.246.0.0/16 maxlen: 24
141.6.0.0/16 maxlen: 24
195.234.178.0/24 maxlen: 24
2a03:5680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 533363692 (0x1fca7bec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a633725cd5dd91cf190ab3a99526e898357856ef
Validity
Not Before: Jan 1 03:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b16d5b2648793e09c371c1bfaaa7790184db9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ab:ac:ab:75:4c:38:fb:ba:ef:75:7f:a0:94:
bd:af:24:86:f3:38:c1:fd:08:91:f7:a5:84:67:7f:
08:f1:2d:5a:17:a1:ea:88:14:fe:1c:8c:e2:66:a2:
8d:e6:45:0d:89:79:04:e5:b8:b0:35:7c:bd:7d:86:
05:5a:b8:f9:b0:98:ef:92:ea:2b:ca:06:f1:a8:24:
8d:b9:ca:72:be:f9:17:2b:1e:a3:68:e9:97:8d:37:
b6:2b:4c:60:bd:bc:cf:1a:95:b1:ad:51:74:25:94:
e4:ac:08:7c:09:95:76:c3:f5:37:37:90:c2:a6:8f:
2d:07:5a:5f:67:cd:6f:ed:f3:72:fc:d4:f0:b3:41:
79:60:01:5f:94:de:c8:7d:da:b3:04:d5:d9:4c:0d:
90:4a:d0:f3:b7:c4:f5:b3:77:a2:eb:5b:e5:24:f5:
30:25:f1:44:8f:43:e0:71:6a:db:be:fb:fc:20:ca:
93:d2:bb:43:e7:1d:91:06:59:d8:7c:9d:98:c6:18:
38:1c:b6:1c:f8:11:6d:d0:ff:04:1d:f1:6c:88:7c:
31:4e:36:05:d2:bb:f5:de:cd:24:38:5f:a6:22:9d:
cd:cd:f4:42:b4:c3:4c:5e:3a:00:3b:9a:b1:62:34:
3a:c9:2a:c0:58:ea:a5:85:ae:d6:88:3e:f4:e9:28:
db:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:16:D5:B2:64:87:93:E0:9C:37:1C:1B:FA:AA:77:90:18:4D:B9:EF
X509v3 Authority Key Identifier:
keyid:A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/CxbVsmSHk-CcNxwb-qp3kBhNue8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.221.0/24
128.246.0.0/16
141.6.0.0/16
195.234.178.0/24
IPv6:
2a03:5680::/32
Signature Algorithm: sha256WithRSAEncryption
87:51:5a:12:92:ff:f0:ea:eb:95:2d:31:28:dd:a5:18:4e:f3:
e2:53:8c:75:13:d7:7b:41:57:d7:cf:07:13:51:e2:47:ee:8d:
bf:d4:7b:a2:91:bd:18:4e:a5:93:15:be:3e:09:96:05:f3:88:
95:6c:b0:be:b1:64:be:d5:49:98:71:2e:46:ec:ef:a5:49:0c:
dd:b0:96:20:c1:a6:5a:d1:aa:b1:cf:2d:a5:98:66:fe:1b:ca:
16:5f:ad:4a:51:1b:18:11:db:39:a8:00:18:1a:2e:82:04:02:
bc:0f:ea:ca:22:71:b5:f4:fa:69:fa:d8:49:8d:38:7b:bf:ad:
bf:2b:7e:db:70:62:df:21:7e:ea:bd:8c:98:2d:63:a8:0a:f7:
df:f2:f9:00:5c:05:98:84:51:ef:bd:43:33:ce:8c:85:01:29:
47:ba:33:ae:fe:31:8e:ed:5e:13:ab:f9:1a:ac:0a:c4:e6:f7:
e8:84:c2:ed:2e:f8:8c:7c:50:20:28:24:2f:75:ba:15:0d:68:
17:dd:ef:09:a0:f0:fe:2f:8f:07:3d:42:13:fc:8a:14:3e:f8:
71:b3:00:e8:1c:0b:26:e6:bf:2b:5e:3b:cc:53:76:25:df:dd:
ac:9e:7a:a8:ed:74:e5:67:ef:8c:b9:e7:52:00:b3:6e:7e:5d:
77:1d:89:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEH8p77DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjMzNzI1Y2Q1ZGQ5MWNmMTkwYWIzYTk5NTI2ZTg5ODM1Nzg1NmVmMB4XDTIyMDEw
MTAzNTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIxNmQ1YjI2NDg3
OTNlMDljMzcxYzFiZmFhYTc3OTAxODRkYjllZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWrrKt1TDj7uu91f6CUva8khvM4wf0IkfelhGd/CPEtWheh
6ogU/hyM4maijeZFDYl5BOW4sDV8vX2GBVq4+bCY75LqK8oG8agkjbnKcr75Fyse
o2jpl403titMYL28zxqVsa1RdCWU5KwIfAmVdsP1NzeQwqaPLQdaX2fNb+3zcvzU
8LNBeWABX5TeyH3aswTV2UwNkErQ87fE9bN3outb5ST1MCXxRI9D4HFq2777/CDK
k9K7Q+cdkQZZ2HydmMYYOBy2HPgRbdD/BB3xbIh8MU42BdK79d7NJDhfpiKdzc30
QrTDTF46ADuasWI0OskqwFjqpYWu1og+9Oko29kCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBQLFtWyZIeT4Jw3HBv6qneQGE257zAfBgNVHSMEGDAWgBSmM3Jc1d2RzxkK
s6mVJuiYNXhW7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BqTnlYTlhka2M4WkNyT3BsU2JvbURWNFZ1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNWI4NTZhLWE5MGQtNDc5MS05YzEwLWMwYjgxM2I0ZWM3ZS8x
L0N4YlZzbVNIay1DY054d2ItcXAza0JoTnVlOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NWI4NTZhLWE5MGQtNDc5MS05YzEwLWMwYjgxM2I0ZWM3ZS8xL3BqTnlYTlhka2M4
WkNyT3BsU2JvbURWNFZ1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wHAQCAAEwFgMEAFvV3QMDAID2AwMAjQYDBADD6rIw
DQQCAAIwBwMFACoDVoAwDQYJKoZIhvcNAQELBQADggEBAIdRWhKS//Dq65UtMSjd
pRhO8+JTjHUT13tBV9fPBxNR4kfujb/Ue6KRvRhOpZMVvj4JlgXziJVssL6xZL7V
SZhxLkbs76VJDN2wliDBplrRqrHPLaWYZv4byhZfrUpRGxgR2zmoABgaLoIEArwP
6soicbX0+mn62EmNOHu/rb8rfttwYt8hfuq9jJgtY6gK99/y+QBcBZiEUe+9QzPO
jIUBKUe6M67+MY7tXhOr+RqsCsTm9+iEwu0u+Ix8UCAoJC91uhUNaBfd7wmg8P4v
jwc9QhP8ihQ++HGzAOgcCybmvyteO8xTdiXf3ayeeqjtdOVn74y551IAs25+XXcd
iSU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:40 2024 by rpki-client on console-fra.rpki-client.org