Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa
File: T5stxfvDkAr3W1JVXtWwwwbrX9g.roa (raw, json)
Hash identifier: CG39i9nxhqqwOqkFwGM/fVUYaPjlIFTTSimfHAGfRh0=
Subject key identifier: 4F:9B:2D:C5:FB:C3:90:0A:F7:5B:52:55:5E:D5:B0:C3:06:EB:5F:D8
Certificate issuer: /CN=3fdf2cf8659206d8e6f82c24ec6f9d9e6d673e07
Certificate serial: 013C367C
Authority key identifier: 3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P98s-GWSBtjm-Cwk7G-dnm1nPgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa
Signing time: Sat 01 Jan 2022 05:53:25 +0000
ROA not before: Sat 01 Jan 2022 05:53:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.198.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20723324 (0x13c367c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fdf2cf8659206d8e6f82c24ec6f9d9e6d673e07
Validity
Not Before: Jan 1 05:53:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f9b2dc5fbc3900af75b52555ed5b0c306eb5fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:25:0f:55:90:6b:53:16:a8:0b:e7:4a:0e:
8a:2c:ab:1e:02:aa:39:9e:0c:74:97:2f:fb:9f:39:
00:34:f4:d2:ec:ef:4f:0d:10:e3:5b:cb:fa:b3:ec:
d0:33:4c:a2:39:f4:c9:6a:9e:e9:30:f9:60:6e:ce:
61:d3:20:ae:e6:f6:ed:92:82:bb:4f:e6:ea:c0:75:
58:63:1c:6d:c4:e4:6e:43:7a:60:0d:bf:d4:ee:41:
45:2e:80:86:3d:f8:10:4b:89:ca:98:55:13:d8:87:
2e:f8:32:75:fc:f5:8e:cd:c9:c7:ac:2c:e9:d7:88:
d3:77:a4:58:59:17:5e:d7:5e:3e:60:f6:fb:18:0c:
69:c6:48:3f:3a:95:5c:85:bc:67:44:cf:22:a0:f4:
d3:e6:ef:be:ba:e8:9e:4e:fe:48:f7:bd:71:3a:58:
50:20:64:6c:c5:65:a6:e3:51:03:e4:77:2d:ab:71:
ff:5b:19:51:78:7d:a9:cc:ae:02:cc:a5:52:49:59:
59:8d:e7:5c:18:df:a3:0a:5d:bf:4e:ed:62:c9:5c:
43:3d:c6:55:07:2c:6e:6b:7d:54:f0:2a:5d:f6:c0:
4b:2d:92:3a:19:99:a2:fa:6c:6b:aa:e9:9e:13:2c:
a4:22:96:22:cc:33:30:3c:c5:fa:b3:65:73:89:81:
0c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9B:2D:C5:FB:C3:90:0A:F7:5B:52:55:5E:D5:B0:C3:06:EB:5F:D8
X509v3 Authority Key Identifier:
keyid:3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P98s-GWSBtjm-Cwk7G-dnm1nPgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/T5stxfvDkAr3W1JVXtWwwwbrX9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/P98s-GWSBtjm-Cwk7G-dnm1nPgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.200.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:71:2d:3b:82:47:6b:a1:ac:f8:ac:0e:e4:e1:c2:24:c7:8f:
8e:e9:44:0f:04:f3:a6:4c:80:7c:80:9c:5f:26:db:b5:a2:31:
c0:55:50:65:7d:a2:9a:79:fc:90:26:53:c2:38:d6:9d:04:0c:
98:3a:5e:fa:e5:76:68:20:50:ef:16:52:69:b6:78:f4:6f:72:
67:d0:33:3f:a5:a7:bb:d5:fc:9e:d1:6e:06:a4:e1:85:c4:fa:
38:6c:bd:57:7e:39:49:29:58:ce:3b:a4:c8:fa:c8:a9:c6:36:
25:cc:30:67:9b:9c:90:2f:21:3c:60:27:1c:0b:b5:cd:c6:5c:
42:10:4f:03:e0:a7:ac:84:57:15:1b:b6:bb:4a:34:e9:f4:db:
8e:fe:34:3c:f3:a1:77:05:39:9b:d7:10:b4:36:08:2d:b9:bf:
bd:1e:7b:a3:24:0d:05:70:fb:69:1d:2d:8a:06:85:d2:77:e9:
e5:86:fd:9d:b7:27:2b:80:8a:4d:c2:d4:ba:88:a5:ae:ef:54:
9e:f6:8e:ec:95:61:0f:5a:c2:4d:21:6d:3c:f6:48:a5:28:3d:
a1:1b:49:98:59:d2:b1:46:b4:d4:71:51:bc:bd:f7:92:fc:24:
d7:96:d3:ae:3d:d7:0a:bd:f6:8d:48:bd:73:d6:79:5e:25:a8:
d8:1f:5d:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATw2fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmRmMmNmODY1OTIwNmQ4ZTZmODJjMjRlYzZmOWQ5ZTZkNjczZTA3MB4XDTIyMDEw
MTA1NTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY5YjJkYzVmYmMz
OTAwYWY3NWI1MjU1NWVkNWIwYzMwNmViNWZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNnJQ9VkGtTFqgL50oOiiyrHgKqOZ4MdJcv+585ADT00uzv
Tw0Q41vL+rPs0DNMojn0yWqe6TD5YG7OYdMgrub27ZKCu0/m6sB1WGMcbcTkbkN6
YA2/1O5BRS6Ahj34EEuJyphVE9iHLvgydfz1js3Jx6ws6deI03ekWFkXXtdePmD2
+xgMacZIPzqVXIW8Z0TPIqD00+bvvrronk7+SPe9cTpYUCBkbMVlpuNRA+R3Latx
/1sZUXh9qcyuAsylUklZWY3nXBjfowpdv07tYslcQz3GVQcsbmt9VPAqXfbASy2S
OhmZovpsa6rpnhMspCKWIswzMDzF+rNlc4mBDC0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPmy3F+8OQCvdbUlVe1bDDButf2DAfBgNVHSMEGDAWgBQ/3yz4ZZIG2Ob4
LCTsb52ebWc+BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A5OHMtR1dTQnRqbS1Dd2s3Ry1kbm0xblBnYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvNjNlZmM5LTVlMWMtNDc3My05NGEyLWU2MGRlNTU1YThiZS8x
L1Q1c3R4ZnZEa0FyM1cxSlZYdFd3d3diclg5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
NjNlZmM5LTVlMWMtNDc3My05NGEyLWU2MGRlNTU1YThiZS8xL1A5OHMtR1dTQnRq
bS1Dd2s3Ry1kbm0xblBnYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGyDANBgkqhkiG9w0BAQsFAAOC
AQEAnHEtO4JHa6Gs+KwO5OHCJMePjulEDwTzpkyAfICcXybbtaIxwFVQZX2imnn8
kCZTwjjWnQQMmDpe+uV2aCBQ7xZSabZ49G9yZ9AzP6Wnu9X8ntFuBqThhcT6OGy9
V345SSlYzjukyPrIqcY2JcwwZ5uckC8hPGAnHAu1zcZcQhBPA+CnrIRXFRu2u0o0
6fTbjv40PPOhdwU5m9cQtDYILbm/vR57oyQNBXD7aR0tigaF0nfp5Yb9nbcnK4CK
TcLUuoilru9UnvaO7JVhD1rCTSFtPPZIpSg9oRtJmFnSsUa01HFRvL33kvwk15bT
rj3XCr32jUi9c9Z5XiWo2B9d4w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:56 2023 by rpki-client on console-fra.rpki-client.org