Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/IkhemQLVi-cCFFPTN3XMng-Eg0I.roa
File: IkhemQLVi-cCFFPTN3XMng-Eg0I.roa (raw, json)
Hash identifier: VP+yGBM7KgDLUOISHNWte5QI41zvEBQCBrDi1f6fGfw=
Subject key identifier: 22:48:5E:99:02:D5:8B:E7:02:14:53:D3:37:75:CC:9E:0F:84:83:42
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0A7AE756
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/IkhemQLVi-cCFFPTN3XMng-Eg0I.roa
Signing time: Sat 01 Jan 2022 08:57:08 +0000
ROA not before: Sat 01 Jan 2022 08:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 91.151.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175826774 (0xa7ae756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 08:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22485e9902d58be7021453d33775cc9e0f848342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ba:62:da:ed:cd:c7:66:86:34:df:b2:fa:19:
5a:06:3a:b9:04:29:cf:5d:c4:8c:3c:28:07:35:c7:
cd:11:68:b6:0b:15:10:03:1f:cc:1e:77:f9:d0:ed:
4b:a4:94:f5:8b:7f:21:ba:95:59:2a:cb:47:9b:4a:
f3:93:70:70:6c:88:f0:5b:5e:5b:8f:4b:6f:db:ec:
95:3f:d3:2d:dc:cd:0f:e6:10:d9:0c:a1:70:47:39:
36:e9:f2:0b:b4:79:22:2c:3a:2c:ee:43:f6:9a:58:
39:0f:50:e4:23:1a:0d:c1:2c:7f:7f:8a:d2:2d:03:
b7:91:c5:b2:aa:f8:fb:89:5c:82:f6:2a:3a:9e:f5:
6d:f4:55:17:4d:5f:43:56:88:34:15:e2:be:80:ec:
24:91:80:0d:83:bb:6e:07:49:41:ee:70:dd:59:0b:
57:de:71:a3:4a:70:49:52:22:c7:3c:64:e6:1a:8d:
b0:e2:61:1b:3f:5e:91:de:a8:46:44:9e:d9:bb:7e:
20:29:de:db:2f:c2:1d:48:8f:52:9b:a0:d7:a4:e0:
9a:92:6a:72:f9:d4:b9:4d:02:8a:c6:d0:f5:4a:c6:
55:af:1c:0d:a9:fa:a2:fb:22:08:24:94:d4:58:70:
a3:19:14:12:cf:05:89:f1:08:9c:f0:74:ce:3e:11:
5a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:48:5E:99:02:D5:8B:E7:02:14:53:D3:37:75:CC:9E:0F:84:83:42
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/IkhemQLVi-cCFFPTN3XMng-Eg0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.95.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5d:34:11:a1:fd:15:76:87:9d:76:cc:96:cd:97:92:56:ba:
bf:ab:37:5e:2c:29:12:95:ea:1a:e7:32:d9:53:b8:f9:dc:ee:
48:bc:ba:a9:01:56:f2:6f:67:ac:5d:23:86:a0:e8:bb:7d:4b:
5b:47:62:76:09:54:20:e7:33:aa:f8:24:5f:c2:f7:61:28:b2:
11:3c:4f:2d:b8:d9:60:9a:f2:03:fe:41:d7:74:8e:63:42:5b:
ff:64:10:3c:12:e7:27:85:c4:d5:0f:36:ad:17:56:85:e7:af:
c8:2d:a3:34:8a:a0:bd:d1:11:c9:e9:02:b3:44:9c:5a:91:0c:
8a:3e:44:5d:58:97:f3:72:8b:0c:26:e7:0a:95:00:90:d6:78:
e9:aa:7d:44:d2:75:95:04:f6:df:79:70:26:5c:93:47:b7:44:
6f:da:55:88:5d:62:a0:37:37:f9:dc:a4:0e:37:37:53:33:48:
e9:5a:e8:07:45:a8:c5:93:d5:7f:a9:8d:fa:f5:c3:b6:d9:8a:
23:1e:08:db:51:8e:a0:00:dd:6c:6e:db:87:dd:70:e9:34:22:
e0:ea:f7:36:64:51:a1:43:ed:82:0e:5d:91:03:68:bb:fe:06:
f6:ed:75:17:1a:ca:93:9e:62:e8:c3:15:50:47:b0:5f:e2:35:
95:4e:17:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECnrnVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDEw
MTA4NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI0ODVlOTkwMmQ1
OGJlNzAyMTQ1M2QzMzc3NWNjOWUwZjg0ODM0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMu6YtrtzcdmhjTfsvoZWgY6uQQpz13EjDwoBzXHzRFotgsV
EAMfzB53+dDtS6SU9Yt/IbqVWSrLR5tK85NwcGyI8FteW49Lb9vslT/TLdzND+YQ
2QyhcEc5NunyC7R5Iiw6LO5D9ppYOQ9Q5CMaDcEsf3+K0i0Dt5HFsqr4+4lcgvYq
Op71bfRVF01fQ1aINBXivoDsJJGADYO7bgdJQe5w3VkLV95xo0pwSVIixzxk5hqN
sOJhGz9ekd6oRkSe2bt+ICne2y/CHUiPUpug16TgmpJqcvnUuU0CisbQ9UrGVa8c
Dan6ovsiCCSU1FhwoxkUEs8FifEInPB0zj4RWgUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQiSF6ZAtWL5wIUU9M3dcyeD4SDQjAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L0lraGVtUUxWaS1jQ0ZGUFROM1hNbmctRWcwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuXXzANBgkqhkiG9w0BAQsFAAOC
AQEAOl00EaH9FXaHnXbMls2Xkla6v6s3XiwpEpXqGucy2VO4+dzuSLy6qQFW8m9n
rF0jhqDou31LW0didglUIOczqvgkX8L3YSiyETxPLbjZYJryA/5B13SOY0Jb/2QQ
PBLnJ4XE1Q82rRdWheevyC2jNIqgvdERyekCs0ScWpEMij5EXViX83KLDCbnCpUA
kNZ46ap9RNJ1lQT233lwJlyTR7dEb9pViF1ioDc3+dykDjc3UzNI6VroB0WoxZPV
f6mN+vXDttmKIx4I21GOoADdbG7bh91w6TQi4Or3NmRRoUPtgg5dkQNou/4G9u11
FxrKk55i6MMVUEewX+I1lU4XHQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org