Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa
File: ufzBtylyurmSjk83Nx7qz7idhGg.roa (raw, json)
Hash identifier: ps1kDj4wNzPoFz5E4Wvj72bZFkJNGHRgd24rW4j+uBE=
Subject key identifier: B9:FC:C1:B7:29:72:BA:B9:92:8E:4F:37:37:1E:EA:CF:B8:9D:84:68
Certificate issuer: /CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Certificate serial: 055917
Authority key identifier: A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa
Signing time: Wed 09 Mar 2022 18:00:08 +0000
ROA not before: Wed 09 Mar 2022 18:00:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57457
IP address blocks: 91.232.66.0/24 maxlen: 24
185.210.201.0/24 maxlen: 24
91.232.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350487 (0x55917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Validity
Not Before: Mar 9 18:00:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9fcc1b72972bab9928e4f37371eeacfb89d8468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8f:6b:e7:cd:b4:ef:5a:ac:e4:94:8a:aa:ca:
6e:6d:59:91:01:81:90:7c:1d:37:8b:9b:63:8f:61:
b9:3f:32:1d:2f:5d:de:6b:77:5b:a7:7a:e6:17:d8:
5c:9f:af:0a:93:dd:54:66:f9:ee:d4:8b:11:c1:fd:
c1:f8:60:71:77:83:83:c9:8f:56:a8:fe:81:d6:d1:
75:f2:66:6f:f4:82:c2:8d:c1:75:69:fc:92:81:25:
a3:88:07:29:6b:3e:eb:2e:01:72:45:a5:0f:d7:07:
ea:f7:78:1f:b0:a4:29:e0:8b:f9:90:51:64:00:98:
d8:3b:66:78:5b:96:79:f8:70:96:94:70:9e:e7:9f:
a5:04:ec:36:5e:33:20:9c:17:f0:9d:d4:ad:83:11:
75:13:0f:c1:30:65:64:9a:e4:15:98:f4:2a:c7:3b:
1e:eb:db:62:e7:78:79:1e:0f:d3:5f:7b:58:27:1d:
1b:37:19:2d:83:05:a4:ff:0b:0e:45:9d:09:fb:4b:
c0:ad:0a:5c:2e:24:b4:f5:7f:a2:01:bf:05:33:00:
29:51:d9:f8:d7:58:fe:ab:c5:6d:5c:f3:7e:64:ee:
a8:06:7d:cc:67:74:7c:73:13:c2:10:0e:8c:42:99:
25:b7:ea:fa:23:cf:ab:41:75:57:f3:08:47:d8:6c:
f1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FC:C1:B7:29:72:BA:B9:92:8E:4F:37:37:1E:EA:CF:B8:9D:84:68
X509v3 Authority Key Identifier:
keyid:A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.66.0/24
91.232.68.0/24
185.210.201.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d1:f4:8c:49:3a:12:63:c6:41:12:51:e6:a3:c5:81:a6:90:
5d:2a:7f:77:db:e0:4e:3a:10:7d:42:dc:be:fc:16:b8:0e:d6:
25:fa:28:ef:01:3c:e3:c0:ee:91:47:d7:20:80:16:fb:61:ae:
ec:63:cb:1d:86:12:5f:0a:44:7c:41:93:39:ba:fd:e8:5f:3c:
a5:38:9d:51:ef:0d:78:f3:72:62:22:33:76:b9:10:ce:81:71:
4a:ed:c5:04:a7:1f:c6:b8:c8:cc:47:a7:c0:88:78:3e:70:53:
a6:1f:04:77:09:32:f6:82:96:ea:aa:1b:7b:a2:9b:b3:89:f2:
b0:37:26:bf:b4:87:7f:c2:70:c0:8c:76:f2:8b:af:9e:b3:c1:
ce:9d:97:4f:05:2c:85:49:57:c5:a6:54:09:96:7f:19:b3:e1:
f7:c4:1e:f4:ad:14:e9:db:b0:70:eb:98:2e:66:38:e2:84:84:
b8:42:45:b7:4f:2d:5e:c6:93:60:38:79:7c:67:a9:89:c3:78:
db:43:53:dd:37:69:54:1c:73:d7:09:63:ea:e7:25:e1:aa:79:
37:d7:c0:ae:52:49:7f:2a:28:eb:d1:b7:02:65:54:e3:22:72:
76:91:1f:38:64:06:45:2a:4d:98:6d:7f:1e:79:96:21:f9:93:
8c:7c:86:35
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDBVkXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
NDM4ZWFjZjRkMDY0ZTg3YTc2YmI0NjJkM2I0YjJjYzM4NThhNGMwHhcNMjIwMzA5
MTgwMDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiOWZjYzFiNzI5NzJi
YWI5OTI4ZTRmMzczNzFlZWFjZmI4OWQ4NDY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoI9r582071qs5JSKqspubVmRAYGQfB03i5tjj2G5PzIdL13e
a3dbp3rmF9hcn68Kk91UZvnu1IsRwf3B+GBxd4ODyY9WqP6B1tF18mZv9ILCjcF1
afySgSWjiAcpaz7rLgFyRaUP1wfq93gfsKQp4Iv5kFFkAJjYO2Z4W5Z5+HCWlHCe
55+lBOw2XjMgnBfwndStgxF1Ew/BMGVkmuQVmPQqxzse69ti53h5Hg/TX3tYJx0b
NxktgwWk/wsORZ0J+0vArQpcLiS09X+iAb8FMwApUdn411j+q8VtXPN+ZO6oBn3M
Z3R8cxPCEA6MQpklt+r6I8+rQXVX8whH2Gzx1wIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFLn8wbcpcrq5ko5PNzce6s+4nYRoMB8GA1UdIwQYMBaAFKhDjqz00GToena7
Ri07SyzDhYpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEv
dWZ6QnR5bHl1cm1Tams4M054N3F6N2lkaEdnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84
ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEvcUVPT3JQVFFaT2g2
ZHJ0R0xUdExMTU9GaWt3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+hCAwQAW+hEAwQAudLJMA0GCSqG
SIb3DQEBCwUAA4IBAQAy0fSMSToSY8ZBElHmo8WBppBdKn932+BOOhB9Qty+/Ba4
DtYl+ijvATzjwO6RR9cggBb7Ya7sY8sdhhJfCkR8QZM5uv3oXzylOJ1R7w1483Ji
IjN2uRDOgXFK7cUEpx/GuMjMR6fAiHg+cFOmHwR3CTL2gpbqqht7opuzifKwNya/
tId/wnDAjHbyi6+es8HOnZdPBSyFSVfFplQJln8Zs+H3xB70rRTp27Bw65guZjji
hIS4QkW3Ty1expNgOHl8Z6mJw3jbQ1PdN2lUHHPXCWPq5yXhqnk318CuUkl/Kijr
0bcCZVTjInJ2kR84ZAZFKk2YbX8eeZYh+ZOMfIY1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org