Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrGAEXah4Cu3TTO_ckWlCBcWokA.roa
File: lrGAEXah4Cu3TTO_ckWlCBcWokA.roa (raw, json)
Hash identifier: +wCfSgzTFSVPnCkMZKzR82/DV2AJbb8kCNw+yaTQIfg=
Subject key identifier: 96:B1:80:11:76:A1:E0:2B:B7:4D:33:BF:72:45:A5:08:17:16:A2:40
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0A7D9C9F
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrGAEXah4Cu3TTO_ckWlCBcWokA.roa
Signing time: Sat 01 Jan 2022 08:57:10 +0000
ROA not before: Sat 01 Jan 2022 08:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211557
IP address blocks: 91.151.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176004255 (0xa7d9c9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 08:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96b1801176a1e02bb74d33bf7245a5081716a240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b2:35:28:ef:da:e2:1e:cd:54:38:70:83:0f:
b6:a4:8c:d2:0a:5c:9d:03:31:f9:81:de:39:46:b9:
b8:43:d5:01:03:70:f5:13:6b:bf:54:3a:de:95:72:
e4:e7:b4:3f:e4:c9:c8:30:af:df:15:59:f2:87:11:
43:39:7a:f0:29:53:b3:f4:db:57:d5:3f:dc:27:84:
23:6a:e7:56:d7:3f:c7:f8:96:8c:4a:82:ac:1f:90:
06:8b:8d:27:73:c1:72:84:cc:c8:29:16:8a:d9:fe:
12:ae:67:a1:72:dd:4e:dc:9f:f2:bc:4d:9c:88:c1:
18:a5:b7:71:28:17:a8:31:56:e8:69:a3:ed:1f:94:
3e:2c:62:da:b2:9d:39:04:90:cf:9d:70:86:c6:fa:
eb:a6:ee:53:f7:4d:9c:e8:44:a3:aa:5e:7e:0b:d8:
a7:35:1f:f0:2b:f4:d9:6d:79:51:9c:12:6a:22:f7:
c4:4c:69:16:db:64:a5:60:bc:3a:81:00:4e:f3:45:
41:ab:de:a2:59:35:79:b9:90:c6:ee:42:ed:ee:b8:
a1:58:9d:19:63:ba:00:64:42:a4:c3:8f:f4:99:85:
c2:15:5a:e3:41:1f:92:b5:a7:5d:83:41:e6:f9:6d:
db:cd:f9:5a:6d:30:0b:44:f3:d6:78:6c:db:04:29:
e0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B1:80:11:76:A1:E0:2B:B7:4D:33:BF:72:45:A5:08:17:16:A2:40
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrGAEXah4Cu3TTO_ckWlCBcWokA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.94.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f3:f4:77:5e:40:7e:c0:bb:13:80:24:f5:90:39:21:af:e0:
7a:4f:8f:ec:e9:70:d8:ce:64:dc:14:f3:cc:38:b8:f8:eb:f5:
ca:de:fc:ae:ea:d6:85:10:15:c7:3b:e0:94:1c:22:ef:bb:f3:
ad:9e:e0:bf:32:36:b0:45:75:8b:84:18:de:e8:67:e6:53:f1:
7a:c7:ca:64:2a:56:35:b3:ac:2e:fe:c2:5b:bb:77:6a:fa:21:
b0:18:d6:5a:3d:5c:b3:83:82:db:40:bf:64:ca:b6:4a:3a:f8:
2b:96:4f:72:09:e6:17:e4:71:42:65:5a:4f:c4:d3:40:df:3f:
9d:67:77:dd:eb:ba:9c:e7:17:39:1e:e8:45:92:01:88:b3:c8:
f9:25:87:b2:0a:b1:b9:30:ee:b8:eb:6b:22:f3:63:2d:34:70:
b5:33:3a:43:0e:78:13:5b:8f:a2:a1:41:59:e4:d9:00:f8:3c:
36:42:27:29:35:ee:41:4c:e5:12:46:e9:5e:6e:b2:85:81:96:
b4:f0:93:a2:ee:24:06:c9:20:bd:6e:22:7a:f8:97:38:58:3c:
68:a1:91:37:45:bd:fd:b4:ef:23:b9:a0:5c:f5:79:4f:0d:1c:
6e:3c:4e:cb:fe:6e:f8:83:38:7e:fa:99:b3:da:43:ea:2a:cb:
cc:df:8d:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECn2cnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDEw
MTA4NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZiMTgwMTE3NmEx
ZTAyYmI3NGQzM2JmNzI0NWE1MDgxNzE2YTI0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGyNSjv2uIezVQ4cIMPtqSM0gpcnQMx+YHeOUa5uEPVAQNw
9RNrv1Q63pVy5Oe0P+TJyDCv3xVZ8ocRQzl68ClTs/TbV9U/3CeEI2rnVtc/x/iW
jEqCrB+QBouNJ3PBcoTMyCkWitn+Eq5noXLdTtyf8rxNnIjBGKW3cSgXqDFW6Gmj
7R+UPixi2rKdOQSQz51whsb666buU/dNnOhEo6pefgvYpzUf8Cv02W15UZwSaiL3
xExpFttkpWC8OoEATvNFQaveolk1ebmQxu5C7e64oVidGWO6AGRCpMOP9JmFwhVa
40EfkrWnXYNB5vlt2835Wm0wC0Tz1nhs2wQp4MMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSWsYARdqHgK7dNM79yRaUIFxaiQDAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L2xyR0FFWGFoNEN1M1RUT19ja1dsQ0JjV29rQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuXXjANBgkqhkiG9w0BAQsFAAOC
AQEAmfP0d15AfsC7E4Ak9ZA5Ia/gek+P7Olw2M5k3BTzzDi4+Ov1yt78rurWhRAV
xzvglBwi77vzrZ7gvzI2sEV1i4QY3uhn5lPxesfKZCpWNbOsLv7CW7t3avohsBjW
Wj1cs4OC20C/ZMq2Sjr4K5ZPcgnmF+RxQmVaT8TTQN8/nWd33eu6nOcXOR7oRZIB
iLPI+SWHsgqxuTDuuOtrIvNjLTRwtTM6Qw54E1uPoqFBWeTZAPg8NkInKTXuQUzl
EkbpXm6yhYGWtPCTou4kBskgvW4ieviXOFg8aKGRN0W9/bTvI7mgXPV5Tw0cbjxO
y/5u+IM4fvqZs9pD6irLzN+NeQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org