Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/s5rsiKEoT-DRxRU_OByuNw7CSt4.roa
File: s5rsiKEoT-DRxRU_OByuNw7CSt4.roa (raw, json)
Hash identifier: lrK0AR3QDEk4roX2SNQI5se3UDIluTlDRzbovU2iXzo=
Subject key identifier: B3:9A:EC:88:A1:28:4F:E0:D1:C5:15:3F:38:1C:AE:37:0E:C2:4A:DE
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 1963C272
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/s5rsiKEoT-DRxRU_OByuNw7CSt4.roa
Signing time: Sat 01 Jan 2022 15:56:28 +0000
ROA not before: Sat 01 Jan 2022 15:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60708
IP address blocks: 91.228.39.0/24 maxlen: 24
2a01:7640:400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425968242 (0x1963c272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 1 15:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b39aec88a1284fe0d1c5153f381cae370ec24ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:70:c3:6f:49:f0:8e:d8:17:5d:73:44:6c:88:
8d:ca:0f:de:6e:87:1f:9a:29:2b:96:d5:19:71:55:
e3:b4:ce:b0:85:24:f4:32:c0:12:c4:f4:b3:28:74:
36:85:77:a1:50:e2:b0:14:b6:3e:95:cd:e2:2a:20:
ab:fe:eb:31:41:88:55:33:45:de:05:5b:e1:0d:81:
b0:59:06:e3:51:f6:14:4c:a9:32:35:c1:1d:ff:0e:
32:20:46:eb:00:31:1c:b6:83:d4:00:29:67:56:0e:
2b:a6:ca:0c:9c:ca:6b:f8:e7:a1:d9:ef:9b:e6:e6:
88:d1:c1:a7:41:75:a2:8c:ab:d3:39:ea:bb:68:4a:
a6:dc:0f:f8:e6:5d:c6:55:8a:01:11:c3:32:8c:ce:
7e:89:61:7c:96:dc:3b:62:c9:d1:b7:a1:88:31:12:
7f:1c:42:8b:71:bb:71:36:f2:6c:85:1c:a7:d2:e4:
16:9e:34:a0:52:08:e0:06:84:74:87:ad:aa:29:26:
c9:6a:87:27:cd:11:be:3c:71:17:20:9d:b1:30:c1:
87:84:4c:80:c5:b5:6c:90:fa:c7:95:d7:3a:b2:e2:
fa:7f:17:b4:f2:be:17:19:7b:e5:ec:4e:5a:a4:ff:
28:78:a8:dc:fa:d0:ba:e2:ee:04:3f:9b:b1:c0:95:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9A:EC:88:A1:28:4F:E0:D1:C5:15:3F:38:1C:AE:37:0E:C2:4A:DE
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/s5rsiKEoT-DRxRU_OByuNw7CSt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.39.0/24
IPv6:
2a01:7640:400::/48
Signature Algorithm: sha256WithRSAEncryption
62:cb:eb:af:72:17:a0:ae:a0:1c:43:80:98:04:67:41:23:e2:
0a:21:f2:e8:5f:ed:dd:a0:1b:95:09:d1:38:2c:aa:b3:1e:55:
09:66:17:24:b5:c4:1d:61:a1:a3:f5:3b:3d:b7:7d:bb:b3:08:
78:08:43:0b:31:38:f7:d8:b1:df:c4:36:a6:73:f7:dd:7d:63:
30:93:6b:e9:f7:7e:53:46:46:a1:de:ea:4f:f7:b7:e6:74:fb:
20:b7:5b:a2:54:93:f5:09:19:d2:4c:92:ff:a0:2f:aa:ee:dd:
88:63:4d:4a:ba:8c:cc:2f:9e:c2:85:47:57:0f:61:d8:ff:d9:
f1:fb:ca:f0:9d:1c:68:d7:90:7e:82:2e:b9:2f:cd:35:1f:46:
5c:b7:6f:04:ac:8b:32:31:b5:07:18:d5:8c:2c:a5:0d:35:13:
38:23:dd:51:c8:60:93:b0:c5:53:d8:55:9d:07:a7:a5:c8:47:
46:8b:f2:75:9e:c1:24:a0:79:2c:ab:23:5c:1c:bc:70:9c:01:
0b:69:35:6b:ff:7a:7d:ca:ee:49:e8:01:92:bc:2a:db:03:6e:
aa:cc:76:4d:1e:31:84:66:8d:f0:c4:f1:1a:25:a4:91:c8:82:
28:aa:03:df:7a:b8:e6:de:b4:8a:df:f5:63:16:0a:f8:e5:68:
6a:aa:9e:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGWPCcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGRlYzY0MTA1MWIwMjZiOTVjODQ1OTE1MGNhNDdkZGFlYzg5NjY4MB4XDTIyMDEw
MTE1NTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM5YWVjODhhMTI4
NGZlMGQxYzUxNTNmMzgxY2FlMzcwZWMyNGFkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFww29J8I7YF11zRGyIjcoP3m6HH5opK5bVGXFV47TOsIUk
9DLAEsT0syh0NoV3oVDisBS2PpXN4iogq/7rMUGIVTNF3gVb4Q2BsFkG41H2FEyp
MjXBHf8OMiBG6wAxHLaD1AApZ1YOK6bKDJzKa/jnodnvm+bmiNHBp0F1ooyr0znq
u2hKptwP+OZdxlWKARHDMozOfolhfJbcO2LJ0behiDESfxxCi3G7cTbybIUcp9Lk
Fp40oFII4AaEdIetqikmyWqHJ80RvjxxFyCdsTDBh4RMgMW1bJD6x5XXOrLi+n8X
tPK+Fxl75exOWqT/KHio3PrQuuLuBD+bscCVchMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSzmuyIoShP4NHFFT84HK43DsJK3jAfBgNVHSMEGDAWgBSU3sZBBRsCa5XI
RZFQykfdrsiWaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xON0dRUVViQW11VnlFV1JVTXBIM2E3SWxtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMzUxMTEzLWVkODUtNDJiMi1iNjRmLTllYTY0ODYyYTlhYi8x
L3M1cnNpS0VvVC1EUnhSVV9PQnl1Tnc3Q1N0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MzUxMTEzLWVkODUtNDJiMi1iNjRmLTllYTY0ODYyYTlhYi8xL2xON0dRUVViQW11
VnlFV1JVTXBIM2E3SWxtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvkJzAPBAIAAjAJAwcAKgF2QAQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBiy+uvchegrqAcQ4CYBGdBI+IKIfLoX+3doBuV
CdE4LKqzHlUJZhcktcQdYaGj9Ts9t327swh4CEMLMTj32LHfxDamc/fdfWMwk2vp
935TRkah3upP97fmdPsgt1uiVJP1CRnSTJL/oC+q7t2IY01KuozML57ChUdXD2HY
/9nx+8rwnRxo15B+gi65L801H0Zct28ErIsyMbUHGNWMLKUNNRM4I91RyGCTsMVT
2FWdB6elyEdGi/J1nsEkoHksqyNcHLxwnAELaTVr/3p9yu5J6AGSvCrbA26qzHZN
HjGEZo3wxPEaJaSRyIIoqgPferjm3rSK3/VjFgr45Whqqp5R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:24 2024 by rpki-client on console-ams.rpki-client.org