Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SmsJYx15pR-1CN7RtT3VDOEOZTA.roa
File: SmsJYx15pR-1CN7RtT3VDOEOZTA.roa (raw, json)
Hash identifier: h89sG1evvvok5JT3GpT0wKfsT8uqKH9gK0Z4IfnBZxk=
Subject key identifier: 4A:6B:09:63:1D:79:A5:1F:B5:08:DE:D1:B5:3D:D5:0C:E1:0E:65:30
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 064C8A06
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SmsJYx15pR-1CN7RtT3VDOEOZTA.roa
Signing time: Sat 01 Jan 2022 01:53:58 +0000
ROA not before: Sat 01 Jan 2022 01:53:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105679366 (0x64c8a06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Jan 1 01:53:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a6b09631d79a51fb508ded1b53dd50ce10e6530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5a:fb:dc:e2:d6:62:d2:4a:05:16:36:a5:80:
00:cb:40:0c:3b:31:c2:6c:c3:77:b9:0a:47:f1:49:
82:04:ad:23:e2:e0:0a:36:8a:fd:f7:ab:cf:1e:4d:
5d:bd:36:43:a5:8e:29:b6:1c:9d:e2:cc:4a:d3:45:
3a:ee:da:47:bf:62:12:32:63:9a:30:a1:48:ee:12:
35:77:ec:a0:04:a0:18:b3:e6:a1:59:e2:4e:47:52:
f5:3d:e4:1c:2c:4e:b8:c9:22:a4:1a:0c:f2:35:31:
a2:f2:b7:62:7a:74:16:55:6b:07:1b:71:90:fd:eb:
37:18:56:b4:af:3a:fc:72:70:7b:2e:ed:fd:f1:3b:
18:5d:f5:d5:f5:eb:ef:09:62:91:67:f0:39:e2:96:
ca:09:09:2f:34:2c:d3:01:37:90:9f:67:2e:61:0c:
cb:24:e5:1d:ec:1a:71:6a:7c:1c:61:92:de:31:bf:
1e:80:3a:35:9d:a3:45:bc:d9:42:0b:3a:0f:a1:d0:
f7:f0:5e:a4:73:11:c6:45:dd:d3:2d:84:ba:c3:a4:
24:69:16:83:e0:9c:87:df:d5:fd:3a:9f:89:26:e6:
7b:4f:e6:13:0d:09:bc:b9:85:83:54:1f:d7:8a:a7:
78:53:ca:6f:14:17:80:fd:65:d3:c2:10:23:b4:05:
eb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6B:09:63:1D:79:A5:1F:B5:08:DE:D1:B5:3D:D5:0C:E1:0E:65:30
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SmsJYx15pR-1CN7RtT3VDOEOZTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:ca:12:74:b1:50:67:1d:a2:f3:2e:8b:cd:f1:a7:fa:69:af:
74:46:f2:a1:44:dc:30:5a:96:60:1d:91:e8:e6:8d:eb:54:d8:
92:95:a1:79:98:62:87:49:83:1b:73:a6:6f:4d:78:a7:f5:ac:
0c:73:b9:0b:8d:f9:e8:a2:c4:44:57:1b:bb:8e:18:c2:c5:7b:
61:6a:fc:1a:ad:5e:cf:36:27:62:3c:f4:e4:c1:9b:11:49:da:
65:d3:97:b2:2f:8f:02:89:87:66:b5:54:a2:99:ac:20:9f:8f:
a4:b6:f3:37:6a:c5:e8:66:93:c7:50:a9:d1:59:5d:8e:ff:12:
ab:21:45:e3:fa:16:82:4e:b1:0a:55:cd:54:43:5b:c5:00:1c:
b4:69:6d:10:b4:22:ff:56:ae:4a:0c:dc:64:37:6a:3c:c5:09:
96:3b:1b:52:8b:4d:9a:80:97:b7:c2:7c:b1:29:c9:f2:b0:dc:
f0:29:ec:df:e3:fa:69:73:f3:09:f2:fa:c3:9c:c6:66:f9:c4:
41:83:d7:ef:36:59:0f:b1:fd:9b:06:24:f9:83:00:63:c5:e4:
7c:a1:ba:6e:7f:9e:45:11:21:79:c4:60:f1:fc:4e:e8:21:2c:
ce:06:6b:cf:32:f0:d2:72:db:a0:c5:de:62:81:a7:7f:52:9d:
24:84:92:81
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBkyKBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NmVkNDQyYjkxZDRlODNhNmRlMzlmYjY3OTcxYTFlNzljNmIxZWQ1MB4XDTIyMDEw
MTAxNTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE2YjA5NjMxZDc5
YTUxZmI1MDhkZWQxYjUzZGQ1MGNlMTBlNjUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANha+9zi1mLSSgUWNqWAAMtADDsxwmzDd7kKR/FJggStI+Lg
CjaK/ferzx5NXb02Q6WOKbYcneLMStNFOu7aR79iEjJjmjChSO4SNXfsoASgGLPm
oVniTkdS9T3kHCxOuMkipBoM8jUxovK3Ynp0FlVrBxtxkP3rNxhWtK86/HJwey7t
/fE7GF311fXr7wlikWfwOeKWygkJLzQs0wE3kJ9nLmEMyyTlHewacWp8HGGS3jG/
HoA6NZ2jRbzZQgs6D6HQ9/BepHMRxkXd0y2EusOkJGkWg+Cch9/V/TqfiSbme0/m
Ew0JvLmFg1Qf14qneFPKbxQXgP1l08IQI7QF60cCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRKawljHXmlH7UI3tG1PdUM4Q5lMDAfBgNVHSMEGDAWgBSm7UQrkdToOm3j
n7Z5caHnnGse1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3B1MUVLNUhVNkRwdDQ1LTJlWEdoNTV4ckh0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNTUzZGM2LTEyZDAtNGQ0YS1hMjk0LTk3YzVkNTliMGJiZi8x
L1Ntc0pZeDE1cFItMUNON1J0VDNWRE9FT1pUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NTUzZGM2LTEyZDAtNGQ0YS1hMjk0LTk3YzVkNTliMGJiZi8xL3B1MUVLNUhVNkRw
dDQ1LTJlWEdoNTV4ckh0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvQogMEAFvQuAMEAFvQxQMEAFvQ
zjANBAIAAjAHAwUDKg9fQDANBgkqhkiG9w0BAQsFAAOCAQEAnsoSdLFQZx2i8y6L
zfGn+mmvdEbyoUTcMFqWYB2R6OaN61TYkpWheZhih0mDG3Omb014p/WsDHO5C435
6KLERFcbu44YwsV7YWr8Gq1ezzYnYjz05MGbEUnaZdOXsi+PAomHZrVUopmsIJ+P
pLbzN2rF6GaTx1Cp0Vldjv8SqyFF4/oWgk6xClXNVENbxQActGltELQi/1auSgzc
ZDdqPMUJljsbUotNmoCXt8J8sSnJ8rDc8Cns3+P6aXPzCfL6w5zGZvnEQYPX7zZZ
D7H9mwYk+YMAY8XkfKG6bn+eRREhecRg8fxO6CEszgZrzzLw0nLboMXeYoGnf1Kd
JISSgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:03 2024 by rpki-client on console-fra.rpki-client.org