Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-r4TjHnNmOxkn0Rsi3aPs6sh2s0.roa
File: 1-r4TjHnNmOxkn0Rsi3aPs6sh2s0.roa (raw, json)
Hash identifier: 9GayWKnrc42KTgQDdUR3UdE2ckHuAOHd+DAfPTHNL/U=
Subject key identifier: FA:BE:13:8C:79:CD:98:EC:64:9F:44:6C:8B:76:8F:B3:AB:21:DA:CD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CBF11D0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-r4TjHnNmOxkn0Rsi3aPs6sh2s0.roa
Signing time: Sat 01 Jan 2022 05:05:03 +0000
ROA not before: Sat 01 Jan 2022 05:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198352
IP address blocks: 91.190.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213848528 (0xcbf11d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fabe138c79cd98ec649f446c8b768fb3ab21dacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c1:2d:b4:ae:1f:fb:ed:c4:71:97:08:06:49:
11:f8:73:65:b1:74:94:b0:b1:dc:96:0c:5c:83:97:
3e:28:a5:ec:d2:2e:11:d1:6b:7a:47:ac:7c:4e:28:
fd:df:b2:3a:55:0d:64:ca:a1:3b:42:e5:b5:13:48:
05:b3:2b:ab:27:cd:ea:ac:86:f9:6c:5a:72:50:b8:
ca:76:7a:de:ba:a7:c5:8b:9e:bb:fa:06:52:0c:e2:
d8:7a:bf:a9:0e:f8:37:85:06:a9:88:c3:1d:85:5a:
a3:ed:1e:ae:ce:64:6a:23:d3:10:83:9e:08:29:67:
70:55:8b:60:71:31:88:aa:b7:79:f6:2c:b5:a2:b8:
df:97:fc:27:13:7e:0c:84:0f:3f:e6:d5:7f:71:e5:
51:d8:d9:f3:53:4d:00:8a:c9:e3:cb:7b:64:7e:d9:
75:a5:9d:2d:c2:a8:be:89:d1:d0:ec:a0:f6:99:0b:
43:ba:65:dc:77:1e:e6:2e:bf:a3:ba:8b:6d:0b:7c:
c1:60:2b:87:24:1f:50:53:05:df:c6:3d:18:82:7f:
d4:62:e7:dc:04:e8:04:92:07:cb:c7:26:ea:77:e8:
98:f3:00:a6:f1:57:a9:14:fc:68:f7:0b:af:50:db:
3c:09:d1:fc:38:37:c8:6d:e7:d8:37:4c:d2:0e:1c:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BE:13:8C:79:CD:98:EC:64:9F:44:6C:8B:76:8F:B3:AB:21:DA:CD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-r4TjHnNmOxkn0Rsi3aPs6sh2s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.98.0/24
Signature Algorithm: sha256WithRSAEncryption
34:42:6b:85:86:85:99:19:34:52:29:4d:81:44:cd:43:0b:5a:
36:b7:38:ad:f5:97:62:e2:3f:40:2e:c8:f4:ce:6f:f0:2b:a3:
ea:4b:c0:63:b7:b6:3b:cc:d3:9f:cc:f9:46:3b:46:d1:f4:c8:
78:9f:ea:46:74:11:9d:fb:cd:d5:8e:e0:0a:e6:3d:2d:5d:9d:
3c:80:aa:a7:00:33:c4:f2:8f:ae:20:c0:b3:b2:53:7c:20:bb:
a0:13:85:ea:98:90:ff:8b:f0:0a:e5:d9:60:b0:05:83:eb:06:
8b:8d:2c:49:df:49:76:4f:43:25:32:d4:0d:b5:b3:95:df:ed:
0c:8e:46:ff:98:1f:76:5a:ad:ec:79:7c:bf:04:00:c3:bb:d6:
96:7d:13:88:b0:51:a6:c4:b9:c0:f7:84:30:65:b7:a0:fd:d7:
3d:10:6c:48:2a:c5:ec:e2:42:55:92:93:e5:3d:cf:b5:2d:d5:
cc:d2:2c:3a:93:ab:93:33:f9:66:d6:3a:34:b0:da:c4:5a:6e:
8f:16:dd:18:ce:b6:78:d8:b6:e7:70:74:6f:bb:87:37:6c:4c:
6e:0c:47:dd:77:8d:d9:c8:30:3a:68:23:f2:b8:b0:56:da:a8:
c5:15:ee:86:e6:df:81:57:7e:5e:00:07:f9:9c:02:9b:87:7e:
44:b4:e5:76
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDL8R0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFiZTEzOGM3OWNk
OThlYzY0OWY0NDZjOGI3NjhmYjNhYjIxZGFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7BLbSuH/vtxHGXCAZJEfhzZbF0lLCx3JYMXIOXPiil7NIu
EdFrekesfE4o/d+yOlUNZMqhO0LltRNIBbMrqyfN6qyG+WxaclC4ynZ63rqnxYue
u/oGUgzi2Hq/qQ74N4UGqYjDHYVao+0ers5kaiPTEIOeCClncFWLYHExiKq3efYs
taK435f8JxN+DIQPP+bVf3HlUdjZ81NNAIrJ48t7ZH7ZdaWdLcKovonR0Oyg9pkL
Q7pl3Hce5i6/o7qLbQt8wWArhyQfUFMF38Y9GIJ/1GLn3AToBJIHy8cm6nfomPMA
pvFXqRT8aPcLr1DbPAnR/Dg3yG3n2DdM0g4c4dMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6vhOMec2Y7GSfRGyLdo+zqyHazTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
LzEtcjRUakhuTm1PeGtuMFJzaTNhUHM2c2gyczAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jj
LzhkZDg1YS1iZjhmLTQyNWUtYTI0Yi0yY2NlZGI5NjZhNTgvMS9Oc0trdDlYWFBG
dFhCR0lqdnpEclpUQUZzT0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbvmIwDQYJKoZIhvcNAQELBQAD
ggEBADRCa4WGhZkZNFIpTYFEzUMLWja3OK31l2LiP0AuyPTOb/Aro+pLwGO3tjvM
05/M+UY7RtH0yHif6kZ0EZ37zdWO4ArmPS1dnTyAqqcAM8Tyj64gwLOyU3wgu6AT
heqYkP+L8Arl2WCwBYPrBouNLEnfSXZPQyUy1A21s5Xf7QyORv+YH3Zarex5fL8E
AMO71pZ9E4iwUabEucD3hDBlt6D91z0QbEgqxeziQlWSk+U9z7Ut1czSLDqTq5Mz
+WbWOjSw2sRabo8W3RjOtnjYtudwdG+7hzdsTG4MR913jdnIMDpoI/K4sFbaqMUV
7obm34FXfl4AB/mcApuHfkS05XY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org