Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/5f8074-01ce-4cc4-b945-024e7257335f/1/aSOfHCbhpiLsSzP1d_6v2YMwYXY.roa
File: aSOfHCbhpiLsSzP1d_6v2YMwYXY.roa (raw, json)
Hash identifier: yRb5MX/c67rDoPROiqjBjcrUiVrqtlXj9uBvKHvH/LE=
Subject key identifier: 69:23:9F:1C:26:E1:A6:22:EC:4B:33:F5:77:FE:AF:D9:83:30:61:76
Certificate issuer: /CN=5ad443ad19444814122f3b27cb93a505abe50799
Certificate serial: 0DBD011E
Authority key identifier: 5A:D4:43:AD:19:44:48:14:12:2F:3B:27:CB:93:A5:05:AB:E5:07:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtRDrRlESBQSLzsny5OlBavlB5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/5f8074-01ce-4cc4-b945-024e7257335f/1/aSOfHCbhpiLsSzP1d_6v2YMwYXY.roa
Signing time: Sat 01 Jan 2022 11:04:30 +0000
ROA not before: Sat 01 Jan 2022 11:04:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49788
IP address blocks: 91.242.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230490398 (0xdbd011e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad443ad19444814122f3b27cb93a505abe50799
Validity
Not Before: Jan 1 11:04:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69239f1c26e1a622ec4b33f577feafd983306176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:46:99:4b:ce:0f:02:86:47:b7:15:0a:17:95:
d8:b2:ac:de:23:7e:07:bc:d5:69:18:4c:b5:46:df:
7d:f5:97:23:47:24:90:82:af:4d:4b:48:53:89:30:
2a:7f:68:22:9b:17:b2:97:4d:ec:b1:f6:2b:04:01:
e0:ba:e4:0c:84:98:bb:f2:6b:af:67:cf:9b:65:b9:
1a:85:cd:7c:6f:b2:5e:eb:1c:52:29:b3:40:5d:79:
03:f5:1b:96:b7:8a:4d:5f:a0:49:c3:fc:cb:d7:ac:
eb:6b:c8:ad:9f:07:79:a2:db:e0:02:b0:d7:af:f8:
b0:0f:6b:be:09:44:08:16:04:61:8e:ff:b0:fc:78:
d3:09:52:4d:9e:92:f4:32:75:8a:e4:f4:ac:6a:3b:
ef:72:44:06:6a:41:fb:ae:cd:96:cd:6d:a3:bc:41:
26:c5:2e:26:5c:43:24:f9:70:8a:b2:ef:e6:fc:84:
73:3b:67:9f:ad:83:5a:b0:a2:33:4d:19:f8:d9:a1:
59:fc:78:ba:89:ac:6b:20:eb:af:19:96:5f:2f:a9:
61:da:60:31:17:f2:14:3b:a8:24:f7:7f:ea:0b:34:
db:4c:18:0f:89:48:c1:6f:48:d4:66:23:8d:66:26:
a8:9f:7c:a7:98:2e:90:d7:f5:80:ad:09:d2:87:82:
de:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:23:9F:1C:26:E1:A6:22:EC:4B:33:F5:77:FE:AF:D9:83:30:61:76
X509v3 Authority Key Identifier:
keyid:5A:D4:43:AD:19:44:48:14:12:2F:3B:27:CB:93:A5:05:AB:E5:07:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtRDrRlESBQSLzsny5OlBavlB5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/5f8074-01ce-4cc4-b945-024e7257335f/1/aSOfHCbhpiLsSzP1d_6v2YMwYXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/5f8074-01ce-4cc4-b945-024e7257335f/1/WtRDrRlESBQSLzsny5OlBavlB5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.200.0/21
Signature Algorithm: sha256WithRSAEncryption
66:9a:8f:d3:54:50:27:db:09:ce:60:40:53:97:70:26:79:27:
0c:49:6e:93:3f:5e:b4:46:84:25:69:1b:94:d4:c3:44:e3:ff:
a5:70:ee:8f:bc:99:68:c1:31:66:ae:24:f7:83:f3:7a:01:66:
b7:b3:f9:8a:6f:b3:2d:e8:66:22:d3:06:23:e7:6a:7f:ec:a1:
5c:a5:86:a3:ef:e7:16:a7:c1:3f:4c:58:9a:1c:8b:51:fc:be:
b6:2d:d6:63:15:a5:50:00:ff:57:52:9c:03:89:9a:5f:10:c6:
43:78:be:10:73:2f:fd:1e:58:65:de:1a:ab:f3:f3:eb:4a:a2:
41:18:ac:1f:88:64:c2:81:b9:6f:35:b1:5c:0e:c3:a1:d5:9e:
99:58:bb:70:fb:97:81:1c:95:0e:85:99:22:ac:37:52:0e:99:
06:ea:57:fd:8f:69:84:15:96:d1:2a:9e:e2:13:5f:37:d0:08:
be:8f:12:48:1a:7a:3c:27:b1:b9:69:4b:e6:42:5a:be:67:16:
2d:78:fe:bb:ee:6a:b4:0d:18:cb:a9:8c:d9:bb:46:41:93:78:
71:6c:3e:d7:65:24:92:c4:cb:0c:4e:80:28:a0:45:7d:9e:f7:
7a:48:d0:3d:69:04:c5:81:89:a9:e8:3a:5e:77:c9:9c:c0:fa:
a4:70:2e:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDb0BHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWQ0NDNhZDE5NDQ0ODE0MTIyZjNiMjdjYjkzYTUwNWFiZTUwNzk5MB4XDTIyMDEw
MTExMDQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkyMzlmMWMyNmUx
YTYyMmVjNGIzM2Y1NzdmZWFmZDk4MzMwNjE3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVGmUvODwKGR7cVCheV2LKs3iN+B7zVaRhMtUbfffWXI0ck
kIKvTUtIU4kwKn9oIpsXspdN7LH2KwQB4LrkDISYu/Jrr2fPm2W5GoXNfG+yXusc
UimzQF15A/UblreKTV+gScP8y9es62vIrZ8HeaLb4AKw16/4sA9rvglECBYEYY7/
sPx40wlSTZ6S9DJ1iuT0rGo773JEBmpB+67Nls1to7xBJsUuJlxDJPlwirLv5vyE
cztnn62DWrCiM00Z+NmhWfx4uomsayDrrxmWXy+pYdpgMRfyFDuoJPd/6gs020wY
D4lIwW9I1GYjjWYmqJ98p5gukNf1gK0J0oeC3m8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpI58cJuGmIuxLM/V3/q/ZgzBhdjAfBgNVHSMEGDAWgBRa1EOtGURIFBIv
OyfLk6UFq+UHmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d0UkRyUmxFU0JRU0x6c255NU9sQmF2bEI1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvNWY4MDc0LTAxY2UtNGNjNC1iOTQ1LTAyNGU3MjU3MzM1Zi8x
L2FTT2ZIQ2JocGlMc1N6UDFkXzZ2MllNd1lYWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
NWY4MDc0LTAxY2UtNGNjNC1iOTQ1LTAyNGU3MjU3MzM1Zi8xL1d0UkRyUmxFU0JR
U0x6c255NU9sQmF2bEI1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1vyyDANBgkqhkiG9w0BAQsFAAOC
AQEAZpqP01RQJ9sJzmBAU5dwJnknDElukz9etEaEJWkblNTDROP/pXDuj7yZaMEx
Zq4k94PzegFmt7P5im+zLehmItMGI+dqf+yhXKWGo+/nFqfBP0xYmhyLUfy+ti3W
YxWlUAD/V1KcA4maXxDGQ3i+EHMv/R5YZd4aq/Pz60qiQRisH4hkwoG5bzWxXA7D
odWemVi7cPuXgRyVDoWZIqw3Ug6ZBupX/Y9phBWW0Sqe4hNfN9AIvo8SSBp6PCex
uWlL5kJavmcWLXj+u+5qtA0Yy6mM2btGQZN4cWw+12UkksTLDE6AKKBFfZ73ekjQ
PWkExYGJqeg6XnfJnMD6pHAuwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:11 2024 by rpki-client on console-fra.rpki-client.org