Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/ZG-yRW4JGLl1ofRiuiDMzV-2ENg.roa
File: ZG-yRW4JGLl1ofRiuiDMzV-2ENg.roa (raw, json)
Hash identifier: azxQz7IletSvGjQYDIe9ZmMsynN6Z0oUSDBllKfoTlQ=
Subject key identifier: 64:6F:B2:45:6E:09:18:B9:75:A1:F4:62:BA:20:CC:CD:5F:B6:10:D8
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 0184A7B34C7A6203A7D87585F17CA7767327
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/ZG-yRW4JGLl1ofRiuiDMzV-2ENg.roa
Signing time: Thu 24 Nov 2022 03:34:16 +0000
ROA not before: Thu 24 Nov 2022 03:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201268
IP address blocks: 91.221.248.0/24 maxlen: 24
91.221.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a7:b3:4c:7a:62:03:a7:d8:75:85:f1:7c:a7:76:73:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Nov 24 03:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=646fb2456e0918b975a1f462ba20cccd5fb610d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:37:37:be:15:9f:ec:f6:f5:b9:36:1b:1a:
4d:4b:55:bd:86:0f:0c:9a:df:26:8c:6a:3f:e5:8f:
8f:58:ac:05:24:0d:53:1f:f7:3e:42:f0:14:e1:c8:
89:cb:0d:4f:cd:01:a6:7d:22:fa:86:94:aa:d4:5f:
36:86:69:bc:79:80:39:92:41:53:2b:1f:aa:0e:73:
3a:9a:86:3a:11:96:48:5b:a2:6a:17:31:65:fc:9d:
16:5b:1b:2d:90:22:c0:0a:90:6e:6e:84:e9:53:a9:
53:c4:c7:bd:fe:65:f8:63:f5:0d:3c:d7:b7:4c:0e:
e0:8c:e7:ac:cb:b9:42:0f:fe:40:07:f6:d4:55:e1:
f2:44:b6:ab:0c:42:6e:31:85:ca:f3:20:9e:dc:dd:
ca:dc:41:21:34:4d:2a:d0:53:d1:50:89:1b:fd:a6:
d9:09:1f:c8:59:5b:2c:0f:8d:24:d7:60:95:35:cc:
e0:bf:d7:7f:cf:1f:28:b2:1b:ef:82:27:16:70:68:
2b:7f:63:8c:ff:ee:d7:12:ba:ee:e5:75:a7:0f:58:
97:4c:73:14:e7:28:e2:a0:1e:f5:8c:bf:22:0c:b1:
42:ba:43:44:b1:cd:d8:12:5e:c1:35:75:c9:e0:0d:
07:4e:1a:39:fb:cb:49:13:18:a1:0b:e4:18:a3:28:
39:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6F:B2:45:6E:09:18:B9:75:A1:F4:62:BA:20:CC:CD:5F:B6:10:D8
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/ZG-yRW4JGLl1ofRiuiDMzV-2ENg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.248.0/23
Signature Algorithm: sha256WithRSAEncryption
21:85:48:b2:cd:5e:a0:71:c9:68:4c:74:5b:e9:c3:f9:c5:cc:
00:25:2d:93:9a:82:c6:53:74:3f:32:c6:eb:cc:94:c7:6c:b0:
50:64:3a:ce:ff:32:6b:cf:8e:e2:b2:81:81:c3:7a:bd:5b:42:
57:6c:05:d7:88:d2:43:c2:43:39:f9:c4:a9:d3:f4:6c:1d:db:
ac:54:ef:6b:6a:29:8e:a7:89:70:9d:f5:1d:2a:3a:c9:5c:c4:
fb:30:25:f9:ea:f8:7f:df:76:a7:a4:41:9d:84:d9:92:35:4d:
dd:35:0f:f7:67:b6:1d:80:e8:2f:d2:a6:da:4c:8a:ce:f7:3a:
2b:2f:75:28:84:31:e4:db:e2:c0:ea:b1:0e:1c:20:b2:21:e8:
15:27:04:1b:84:9b:cc:be:82:9f:4b:39:21:a7:f3:f9:26:9a:
0d:72:6d:55:79:ca:2f:be:b0:aa:30:62:54:e5:a6:6d:75:e2:
f4:02:18:8a:31:05:da:8b:3e:16:bf:8d:d7:07:13:b9:45:ef:
33:e9:60:50:57:14:aa:cc:b3:dd:b3:64:2d:8e:09:2e:9d:df:
c2:d5:b9:d2:3a:25:64:85:06:d1:d0:56:54:e8:43:8d:58:17:
8e:a6:ea:a2:f0:00:61:b3:5c:3a:dc:de:c7:ec:6b:b2:a7:f8:
01:2c:b5:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSns0x6YgOn2HWF8XyndnMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjIxMTI0MDMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZmYjI0NTZlMDkxOGI5NzVhMWY0NjJiYTIwY2NjZDVmYjYxMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VM3N74Vn+z29bk2GxpNS1W9hg8M
mt8mjGo/5Y+PWKwFJA1TH/c+QvAU4ciJyw1PzQGmfSL6hpSq1F82hmm8eYA5kkFT
Kx+qDnM6moY6EZZIW6JqFzFl/J0WWxstkCLACpBuboTpU6lTxMe9/mX4Y/UNPNe3
TA7gjOesy7lCD/5AB/bUVeHyRLarDEJuMYXK8yCe3N3K3EEhNE0q0FPRUIkb/abZ
CR/IWVssD40k12CVNczgv9d/zx8oshvvgicWcGgrf2OM/+7XErru5XWnD1iXTHMU
5yjioB71jL8iDLFCukNEsc3YEl7BNXXJ4A0HTho5+8tJExihC+QYoyg5mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRvskVuCRi5daH0YrogzM1fthDYMB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEvWkcteVJXNEpHTGwxb2ZSaXVpRE16Vi0yRU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW934MA0G
CSqGSIb3DQEBCwUAA4IBAQAhhUiyzV6gccloTHRb6cP5xcwAJS2TmoLGU3Q/Msbr
zJTHbLBQZDrO/zJrz47isoGBw3q9W0JXbAXXiNJDwkM5+cSp0/RsHdusVO9raimO
p4lwnfUdKjrJXMT7MCX56vh/33anpEGdhNmSNU3dNQ/3Z7YdgOgv0qbaTIrO9zor
L3UohDHk2+LA6rEOHCCyIegVJwQbhJvMvoKfSzkhp/P5JpoNcm1VecovvrCqMGJU
5aZtdeL0AhiKMQXaiz4Wv43XBxO5Re8z6WBQVxSqzLPds2Qtjgkund/C1bnSOiVk
hQbR0FZU6EONWBeOpuqi8ABhs1w63N7H7Guyp/gBLLUI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org