Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/08bfdc-8c02-42c4-9025-dcdf24414989/1/xnQDi5lFlMq9w-PYx6h-vgzvaMA.roa
File: xnQDi5lFlMq9w-PYx6h-vgzvaMA.roa (raw, json)
Hash identifier: FKZd8N5wHv8R4kdAEaJvzxZbggzduKorlIXdC+CBD5k=
Subject key identifier: C6:74:03:8B:99:45:94:CA:BD:C3:E3:D8:C7:A8:7E:BE:0C:EF:68:C0
Certificate issuer: /CN=7982802ce71830590b26aba9971e12f6ae18dcee
Certificate serial: 0182623CBA4C8750D6348268E3210A9BA679
Authority key identifier: 79:82:80:2C:E7:18:30:59:0B:26:AB:A9:97:1E:12:F6:AE:18:DC:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYKALOcYMFkLJquplx4S9q4Y3O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/08bfdc-8c02-42c4-9025-dcdf24414989/1/xnQDi5lFlMq9w-PYx6h-vgzvaMA.roa
Signing time: Wed 03 Aug 2022 05:45:23 +0000
ROA not before: Wed 03 Aug 2022 05:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197357
IP address blocks: 91.220.63.0/24 maxlen: 24
2001:67c:a70::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:3c:ba:4c:87:50:d6:34:82:68:e3:21:0a:9b:a6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7982802ce71830590b26aba9971e12f6ae18dcee
Validity
Not Before: Aug 3 05:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c674038b994594cabdc3e3d8c7a87ebe0cef68c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:6f:03:06:9b:98:eb:e3:37:3b:ad:48:a8:
f2:cb:a2:6d:89:7b:05:49:24:91:a4:93:9b:a0:0b:
e5:a4:f6:15:78:c1:31:34:16:39:79:b0:8b:f7:88:
f4:c4:cb:8d:93:1d:83:8e:08:b5:14:4e:f5:d9:65:
44:d9:52:49:34:89:05:55:cc:13:0b:ec:ef:6b:a8:
d9:78:33:c2:2b:0e:44:c8:f4:c8:85:70:53:29:59:
ec:8b:8d:91:b0:43:87:91:b6:f6:b3:0d:a9:c6:43:
53:40:97:5f:5e:40:15:29:7c:10:a6:9d:2d:97:ac:
4e:b5:00:61:b1:65:ce:1d:52:39:d4:77:f4:6b:19:
9a:bf:53:cf:1f:32:f6:46:c6:23:f4:cc:97:8f:dc:
f1:c2:4a:09:45:80:29:04:0a:df:8c:17:5b:77:e7:
7a:38:fd:a4:22:26:ef:58:03:45:1e:ee:ac:61:2a:
45:81:6b:64:79:70:cf:b8:f8:a3:f3:7f:73:71:8e:
8e:05:79:39:33:8f:e8:62:f8:05:74:2e:74:38:a4:
dc:77:5e:2c:44:84:97:d3:fc:2a:01:b4:e3:76:56:
72:22:c2:bc:f2:e3:4a:1f:c3:4a:63:65:fc:96:9b:
63:ac:75:b3:d3:1f:f0:f9:d6:16:71:f4:bd:6b:19:
2f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:74:03:8B:99:45:94:CA:BD:C3:E3:D8:C7:A8:7E:BE:0C:EF:68:C0
X509v3 Authority Key Identifier:
keyid:79:82:80:2C:E7:18:30:59:0B:26:AB:A9:97:1E:12:F6:AE:18:DC:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYKALOcYMFkLJquplx4S9q4Y3O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/08bfdc-8c02-42c4-9025-dcdf24414989/1/xnQDi5lFlMq9w-PYx6h-vgzvaMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/08bfdc-8c02-42c4-9025-dcdf24414989/1/eYKALOcYMFkLJquplx4S9q4Y3O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.63.0/24
IPv6:
2001:67c:a70::/48
Signature Algorithm: sha256WithRSAEncryption
71:b5:0e:c0:36:08:04:c9:ad:0e:0f:0b:38:3d:e4:59:16:78:
f0:df:27:7c:d7:d8:2e:32:6f:88:4c:b8:27:35:ca:ee:3d:e7:
25:16:71:a9:98:4e:0b:f9:b3:e1:36:39:88:d1:3b:d4:1c:98:
ee:3c:78:b4:c5:6d:56:f7:8d:29:eb:4f:fc:d3:f4:32:f6:5c:
44:80:95:38:ad:56:a1:0b:76:9f:c8:5b:8c:4d:d9:b2:00:1a:
3a:32:47:e2:be:0e:8e:2c:9f:69:45:e9:a0:4a:ed:25:34:7a:
60:a9:83:3e:fc:a2:61:ed:c4:3a:a4:40:66:de:73:39:d7:45:
0e:15:d2:61:06:14:35:5a:fc:2a:c2:9a:5b:a6:eb:0c:8f:69:
03:38:b2:37:de:8d:e6:55:03:90:ba:c1:3e:b1:88:cb:af:40:
c4:4d:70:5a:85:fb:96:3f:21:b7:9a:6b:42:9b:4b:46:0b:6b:
df:86:7b:ac:eb:91:b2:95:d1:c8:73:44:76:9c:2a:c6:65:85:
72:65:67:7e:c8:4d:b9:7b:7c:27:dc:3e:cf:89:d6:df:92:df:
62:70:23:65:45:12:04:4c:21:c8:b6:60:1a:fc:5f:89:d9:28:
a5:f1:ab:7e:45:42:73:ec:60:dc:de:29:c7:34:b0:58:a6:0f:
b6:90:b4:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJiPLpMh1DWNIJo4yEKm6Z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODI4MDJjZTcxODMwNTkwYjI2YWJhOTk3MWUxMmY2YWUx
OGRjZWUwHhcNMjIwODAzMDU0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc0MDM4Yjk5NDU5NGNhYmRjM2UzZDhjN2E4N2ViZTBjZWY2OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxNvAwabmOvjNzutSKjyy6JtiXsF
SSSRpJOboAvlpPYVeMExNBY5ebCL94j0xMuNkx2Djgi1FE712WVE2VJJNIkFVcwT
C+zva6jZeDPCKw5EyPTIhXBTKVnsi42RsEOHkbb2sw2pxkNTQJdfXkAVKXwQpp0t
l6xOtQBhsWXOHVI51Hf0axmav1PPHzL2RsYj9MyXj9zxwkoJRYApBArfjBdbd+d6
OP2kIibvWANFHu6sYSpFgWtkeXDPuPij839zcY6OBXk5M4/oYvgFdC50OKTcd14s
RISX0/wqAbTjdlZyIsK88uNKH8NKY2X8lptjrHWz0x/w+dYWcfS9axkvHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZ0A4uZRZTKvcPj2Meofr4M72jAMB8GA1UdIwQY
MBaAFHmCgCznGDBZCyarqZceEvauGNzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlLQUxPY1lNRmtMSnF1cGx4NFM5cTRZM080LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOGJmZGMtOGMwMi00MmM0LTkwMjUt
ZGNkZjI0NDE0OTg5LzEveG5RRGk1bEZsTXE5dy1QWXg2aC12Z3p2YU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOGJmZGMtOGMwMi00MmM0LTkwMjUtZGNkZjI0NDE0OTg5
LzEvZVlLQUxPY1lNRmtMSnF1cGx4NFM5cTRZM080LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9w/MA8E
AgACMAkDBwAgAQZ8CnAwDQYJKoZIhvcNAQELBQADggEBAHG1DsA2CATJrQ4PCzg9
5FkWePDfJ3zX2C4yb4hMuCc1yu495yUWcamYTgv5s+E2OYjRO9QcmO48eLTFbVb3
jSnrT/zT9DL2XESAlTitVqELdp/IW4xN2bIAGjoyR+K+Do4sn2lF6aBK7SU0emCp
gz78omHtxDqkQGbecznXRQ4V0mEGFDVa/CrCmlum6wyPaQM4sjfejeZVA5C6wT6x
iMuvQMRNcFqF+5Y/Ibeaa0KbS0YLa9+Ge6zrkbKV0chzRHacKsZlhXJlZ37ITbl7
fCfcPs+J1t+S32JwI2VFEgRMIci2YBr8X4nZKKXxq35FQnPsYNzeKcc0sFimD7aQ
tK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org