Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/0dfvictmGHMiMIRWxo0BoROcXJw.roa
File: 0dfvictmGHMiMIRWxo0BoROcXJw.roa (raw, json)
Hash identifier: SE3rZbvWl3ZJOoTULlfHxivctHTtHJZaGImN0bdvaO4=
Subject key identifier: D1:D7:EF:89:CB:66:18:73:22:30:84:56:C6:8D:01:A1:13:9C:5C:9C
Certificate issuer: /CN=fae01464a695b0f6f52f511bcc1240fa284d3dcf
Certificate serial: 041B5E
Authority key identifier: FA:E0:14:64:A6:95:B0:F6:F5:2F:51:1B:CC:12:40:FA:28:4D:3D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/0dfvictmGHMiMIRWxo0BoROcXJw.roa
Signing time: Fri 25 Feb 2022 06:36:46 +0000
ROA not before: Fri 25 Feb 2022 06:36:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8412
IP address blocks: 91.220.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 269150 (0x41b5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae01464a695b0f6f52f511bcc1240fa284d3dcf
Validity
Not Before: Feb 25 06:36:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1d7ef89cb66187322308456c68d01a1139c5c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:8b:e6:f6:b6:72:78:ec:81:f1:62:17:7f:
eb:db:23:4f:b9:5f:68:94:79:25:02:6d:e5:58:47:
39:8c:c8:9d:79:1e:cc:b6:39:43:4e:5c:64:b5:c9:
34:9c:67:37:f3:ad:15:6f:b8:cc:4f:22:c4:eb:cf:
e1:88:03:14:a5:7b:44:fe:13:db:cc:03:6a:47:04:
0a:1c:b6:fc:47:69:d6:39:c3:b2:9b:8f:7f:4a:07:
88:78:73:29:c7:f0:f3:52:b3:28:20:fd:c1:fa:7f:
f7:15:2b:73:ac:53:44:d6:d6:88:6c:7d:15:7b:c0:
43:70:c3:dd:a5:6e:3b:6c:b3:85:ef:ee:99:eb:fe:
4e:14:53:b9:92:9a:06:0f:6c:eb:bc:3d:79:37:bb:
08:bd:ac:14:c1:e8:5d:ff:c8:09:bb:6f:b5:9e:cd:
a6:b9:93:a5:fd:5f:d0:60:dc:1a:57:95:a1:27:bd:
e5:04:ba:2e:cb:31:67:45:e6:28:8b:4c:91:a1:95:
d5:e7:fa:0a:d7:69:c6:32:f5:ef:7e:6d:a3:ac:90:
3a:5f:13:a3:14:e1:10:f0:50:ce:30:f0:09:24:a4:
16:59:60:3f:6c:d4:72:72:e8:a9:4d:10:6f:a2:94:
fe:ce:97:52:24:a0:86:08:f1:38:a1:b7:2e:af:55:
1a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D7:EF:89:CB:66:18:73:22:30:84:56:C6:8D:01:A1:13:9C:5C:9C
X509v3 Authority Key Identifier:
keyid:FA:E0:14:64:A6:95:B0:F6:F5:2F:51:1B:CC:12:40:FA:28:4D:3D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/0dfvictmGHMiMIRWxo0BoROcXJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1c6704-510a-4800-a890-32352f96a621/1/1-uAUZKaVsPb1L1EbzBJA-ihNPc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:bf:25:92:20:02:16:8e:a4:3d:5a:dc:5c:d5:82:c3:eb:c7:
18:32:5d:1f:da:ea:e1:63:d9:5e:56:47:0d:6c:73:b5:b1:58:
6d:3c:c5:b8:b9:7f:32:25:24:c4:33:9a:0d:24:8d:2b:69:d6:
7c:ea:35:11:cd:e5:52:d6:da:77:3f:d0:ee:5c:33:e1:fa:e6:
27:ea:af:45:49:80:f2:6c:aa:7a:ee:a6:7a:ca:b7:2f:e9:41:
12:7d:8e:52:3d:0b:fa:9d:6f:33:2a:5d:62:ef:f5:6f:b6:60:
1f:74:6b:78:57:20:d1:d1:2e:b7:99:63:61:eb:76:95:12:5c:
a5:96:f8:4f:62:24:06:00:0b:b3:74:fb:90:3b:98:ed:14:a3:
50:0f:c7:c9:77:c3:8f:39:c8:78:05:46:3a:6e:c3:1b:6f:d6:
50:b8:96:0a:24:17:b1:ea:67:59:66:9a:0e:8b:25:46:a7:25:
6c:2b:91:11:fc:e6:c6:ea:89:96:44:de:64:88:1e:52:ed:48:
5b:32:82:32:c6:f6:e7:36:14:b1:80:a5:ac:98:be:e4:83:c1:
12:4b:3c:74:90:8d:68:cc:c4:3c:0b:89:65:d7:d3:96:49:b6:
b0:95:3a:b3:38:23:38:01:1c:b6:95:71:ba:40:cf:ef:74:06:
1d:13:ea:2d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIDBBteMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZh
ZTAxNDY0YTY5NWIwZjZmNTJmNTExYmNjMTI0MGZhMjg0ZDNkY2YwHhcNMjIwMjI1
MDYzNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMWQ3ZWY4OWNiNjYx
ODczMjIzMDg0NTZjNjhkMDFhMTEzOWM1YzljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjTGL5va2cnjsgfFiF3/r2yNPuV9olHklAm3lWEc5jMideR7M
tjlDTlxktck0nGc3860Vb7jMTyLE68/hiAMUpXtE/hPbzANqRwQKHLb8R2nWOcOy
m49/SgeIeHMpx/DzUrMoIP3B+n/3FStzrFNE1taIbH0Ve8BDcMPdpW47bLOF7+6Z
6/5OFFO5kpoGD2zrvD15N7sIvawUwehd/8gJu2+1ns2muZOl/V/QYNwaV5WhJ73l
BLouyzFnReYoi0yRoZXV5/oK12nGMvXvfm2jrJA6XxOjFOEQ8FDOMPAJJKQWWWA/
bNRycuipTRBvopT+zpdSJKCGCPE4obcur1UawQIDAQABo4ICCzCCAgcwHQYDVR0O
BBYEFNHX74nLZhhzIjCEVsaNAaETnFycMB8GA1UdIwQYMBaAFPrgFGSmlbD29S9R
G8wSQPooTT3PMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS11QVVaS2FWc1BiMUwxRWJ6QkpBLWloTlBjOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvMWM2NzA0LTUxMGEtNDgwMC1hODkwLTMyMzUyZjk2YTYyMS8x
LzBkZnZpY3RtR0hNaU1JUld4bzBCb1JPY1hKdy5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
MWM2NzA0LTUxMGEtNDgwMC1hODkwLTMyMzUyZjk2YTYyMS8xLzEtdUFVWkthVnNQ
YjFMMUViekJKQS1paE5QYzguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb3AIwDQYJKoZIhvcNAQELBQAD
ggEBAEy/JZIgAhaOpD1a3FzVgsPrxxgyXR/a6uFj2V5WRw1sc7WxWG08xbi5fzIl
JMQzmg0kjStp1nzqNRHN5VLW2nc/0O5cM+H65ifqr0VJgPJsqnrupnrKty/pQRJ9
jlI9C/qdbzMqXWLv9W+2YB90a3hXINHRLreZY2HrdpUSXKWW+E9iJAYAC7N0+5A7
mO0Uo1APx8l3w485yHgFRjpuwxtv1lC4lgokF7HqZ1lmmg6LJUanJWwrkRH85sbq
iZZE3mSIHlLtSFsygjLG9uc2FLGApayYvuSDwRJLPHSQjWjMxDwLiWXX05ZJtrCV
OrM4IzgBHLaVcbpAz+90Bh0T6i0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:55 2023 by rpki-client on console-fra.rpki-client.org