Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/O_laWnixDPkv_GzAZacNaUbfrBE.roa
File: O_laWnixDPkv_GzAZacNaUbfrBE.roa (raw, json)
Hash identifier: rnbnA+ZQ70DscUe7GJMA8kaDDqX63HfMqlWRzMojrVc=
Subject key identifier: 3B:F9:5A:5A:78:B1:0C:F9:2F:FC:6C:C0:65:A7:0D:69:46:DF:AC:11
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0A7C8E77
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/O_laWnixDPkv_GzAZacNaUbfrBE.roa
Signing time: Sat 01 Jan 2022 08:57:09 +0000
ROA not before: Sat 01 Jan 2022 08:57:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 91.151.93.0/24 maxlen: 32
213.142.149.0/24 maxlen: 32
213.142.156.0/24 maxlen: 32
91.151.90.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175935095 (0xa7c8e77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 08:57:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bf95a5a78b10cf92ffc6cc065a70d6946dfac11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:be:0e:89:64:2e:79:4e:cd:c3:54:1e:87:
bc:78:8c:a4:cf:5c:dc:c7:72:bd:66:17:6e:e7:7d:
be:9c:fe:8a:a8:94:87:e9:97:b9:41:8d:e1:4b:49:
78:62:e3:47:2b:66:1a:13:7a:8b:89:6c:f4:c4:09:
96:fa:e4:bb:a7:da:22:63:f1:bf:15:59:c2:c8:30:
42:ae:02:4d:b2:04:14:b5:b3:5c:28:dc:93:a7:62:
18:01:f7:46:e8:02:79:b9:2d:03:9a:4b:8f:3d:eb:
ab:2a:5f:0e:d8:27:e6:92:d0:e7:6d:63:73:2f:16:
23:77:e5:e7:5a:24:55:1e:47:be:23:d3:e4:4f:09:
bf:da:2c:1e:f3:26:00:c2:24:a6:d5:c7:bb:a8:a2:
04:ed:f5:b3:66:c6:34:46:2c:bd:1f:88:14:58:11:
e0:8b:b9:a8:29:47:f7:ad:f5:c5:5a:66:ff:9f:a2:
56:3f:ef:6e:7d:7d:bc:4e:e0:04:1f:36:4f:b9:4d:
5b:b0:bb:97:0b:1a:f2:59:97:17:d0:35:e8:58:e0:
89:ec:e2:a7:2b:2f:8e:69:37:15:ca:eb:ae:d7:6f:
0c:4b:73:db:bf:f5:7a:4b:4f:37:fd:a6:35:59:04:
6c:20:d2:71:1b:7c:be:b4:a0:76:41:a9:1a:42:5e:
57:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F9:5A:5A:78:B1:0C:F9:2F:FC:6C:C0:65:A7:0D:69:46:DF:AC:11
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/O_laWnixDPkv_GzAZacNaUbfrBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
213.142.149.0/24
213.142.156.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:ed:b9:09:f2:5b:fc:93:da:1d:77:4f:72:5d:51:3e:87:8c:
f4:3a:34:52:d8:a9:49:2c:b0:48:90:8a:0f:bb:3d:ea:f8:d5:
3c:da:d6:06:20:1b:15:05:2a:49:49:50:40:bf:5c:3b:17:9f:
3f:cc:e2:cd:7a:52:dd:d7:36:b0:6f:ee:99:fd:18:7e:63:a7:
4d:3c:5c:13:9b:b4:12:0e:74:e9:e3:c4:ee:fa:49:25:77:db:
e7:9c:36:06:01:75:d1:4d:7b:9d:ca:3f:88:55:86:2c:06:26:
41:d7:cf:c2:5f:f7:e6:4b:b0:12:65:34:d2:e6:38:2e:ba:f4:
05:25:f2:36:e6:f1:2c:71:f2:be:ff:a0:9c:86:3d:6f:4b:c0:
47:b0:aa:1b:f8:4e:ea:49:cc:d7:ea:6a:af:a7:bb:83:63:5a:
74:99:2a:82:f0:73:14:15:df:b2:de:be:5f:13:fa:ac:0f:25:
47:c0:e2:20:00:8e:77:60:db:2c:63:46:01:be:ad:77:68:0a:
f1:da:a2:9c:ad:3d:1f:e6:b1:3b:bf:59:5c:ea:d8:87:1a:a3:
8b:d1:8d:a7:81:9e:70:40:7b:96:f7:bb:b9:df:fc:7b:f2:6d:
1f:62:09:11:2c:f3:fc:5a:bd:23:11:26:ce:88:01:f7:08:52:
dd:3a:3f:4e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECnyOdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDEw
MTA4NTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JmOTVhNWE3OGIx
MGNmOTJmZmM2Y2MwNjVhNzBkNjk0NmRmYWMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHSvg6JZC55Ts3DVB6HvHiMpM9c3MdyvWYXbud9vpz+iqiU
h+mXuUGN4UtJeGLjRytmGhN6i4ls9MQJlvrku6faImPxvxVZwsgwQq4CTbIEFLWz
XCjck6diGAH3RugCebktA5pLjz3rqypfDtgn5pLQ521jcy8WI3fl51okVR5HviPT
5E8Jv9osHvMmAMIkptXHu6iiBO31s2bGNEYsvR+IFFgR4Iu5qClH9631xVpm/5+i
Vj/vbn19vE7gBB82T7lNW7C7lwsa8lmXF9A16Fjgiezipysvjmk3FcrrrtdvDEtz
27/1ektPN/2mNVkEbCDScRt8vrSgdkGpGkJeV4kCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ7+VpaeLEM+S/8bMBlpw1pRt+sETAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L09fbGFXbml4RFBrdl9HekFaYWNOYVViZnJCRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFuXWgMEAFuXXQMEANWOlQMEANWO
nDANBgkqhkiG9w0BAQsFAAOCAQEAve25CfJb/JPaHXdPcl1RPoeM9Do0UtipSSyw
SJCKD7s96vjVPNrWBiAbFQUqSUlQQL9cOxefP8zizXpS3dc2sG/umf0YfmOnTTxc
E5u0Eg506ePE7vpJJXfb55w2BgF10U17nco/iFWGLAYmQdfPwl/35kuwEmU00uY4
Lrr0BSXyNubxLHHyvv+gnIY9b0vAR7CqG/hO6knM1+pqr6e7g2NadJkqgvBzFBXf
st6+XxP6rA8lR8DiIACOd2DbLGNGAb6td2gK8dqinK09H+axO79ZXOrYhxqji9GN
p4GecEB7lve7ud/8e/JtH2IJESzz/Fq9IxEmzogB9whS3To/Tg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org