Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/kV87RJlBF8_9WloPEMmCMbjli1Q.roa
File: kV87RJlBF8_9WloPEMmCMbjli1Q.roa (raw, json)
Hash identifier: 4F7903WaV8JGlXSjWfIScEK2gtXT8TOCGJJmommlrzM=
Subject key identifier: 91:5F:3B:44:99:41:17:CF:FD:5A:5A:0F:10:C9:82:31:B8:E5:8B:54
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 0183A1B0AA8365EDA72318694A1BD9C1A687
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/kV87RJlBF8_9WloPEMmCMbjli1Q.roa
Signing time: Tue 04 Oct 2022 06:30:53 +0000
ROA not before: Tue 04 Oct 2022 06:30:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207996
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a1:b0:aa:83:65:ed:a7:23:18:69:4a:1b:d9:c1:a6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Oct 4 06:30:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=915f3b44994117cffd5a5a0f10c98231b8e58b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:d7:43:97:b6:db:75:ed:aa:d5:0c:a4:aa:
ed:b6:78:af:45:08:e8:94:69:12:d1:4e:5e:cf:32:
03:f9:24:d5:b8:f7:6b:66:b7:6e:b7:ef:73:b2:c6:
73:9f:89:a2:fd:ab:a1:ce:1b:90:95:e6:18:c9:f8:
ac:34:12:4e:42:eb:b7:27:ca:93:46:16:f3:8e:c7:
17:af:7c:a4:f6:0d:49:7a:21:3c:a1:5e:8a:83:a9:
3d:6e:3e:3f:26:07:a8:cb:15:44:ae:4e:49:07:63:
95:50:f3:3d:50:f3:b7:d0:0f:f3:30:61:fc:f8:c8:
f2:b7:16:2d:04:e7:25:1b:94:c3:d9:7e:57:98:1f:
b7:10:9a:76:10:ec:79:75:c2:27:de:af:52:6d:85:
d9:71:74:a0:00:23:1d:69:f6:f4:55:25:2e:29:b1:
dc:52:84:be:94:ff:fd:51:27:8f:51:7c:da:64:df:
6e:e0:da:26:3f:68:a4:52:00:5f:9a:2a:c3:85:00:
93:cb:99:b2:11:57:6f:9d:8e:b2:f1:66:cc:23:0a:
7f:eb:51:57:3f:7d:ba:64:43:0f:85:85:df:31:19:
02:27:01:64:86:eb:8f:97:b9:4c:15:9f:4c:b3:ee:
b7:48:91:96:24:78:ba:1b:ac:1f:51:e2:87:53:4a:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5F:3B:44:99:41:17:CF:FD:5A:5A:0F:10:C9:82:31:B8:E5:8B:54
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/kV87RJlBF8_9WloPEMmCMbjli1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:10:a7:22:c8:55:20:67:11:e5:0d:0a:8a:74:f0:13:6c:24:
f3:c5:43:5e:06:65:61:52:39:9d:a0:88:0b:d7:7f:ab:58:d2:
27:aa:71:c8:3c:12:22:8d:e9:b9:b1:29:97:67:ee:db:ec:f8:
bc:0f:8c:d3:06:16:24:8a:6e:56:bc:35:0c:88:6e:22:65:e7:
04:db:2f:25:51:b0:19:db:b1:a0:ad:d3:04:2d:f2:f9:fc:8f:
60:d8:82:b8:f3:95:b2:15:41:01:87:01:c5:e8:cd:b4:7a:52:
7f:a8:e9:a5:bd:52:0a:33:14:03:0a:45:3a:6f:96:13:55:40:
16:f4:cf:27:1a:04:8f:4e:e0:74:13:1c:13:c7:f3:dc:92:a9:
35:0f:87:ce:fb:2d:1f:e5:5a:fc:5d:83:72:1e:1b:51:cb:44:
66:77:a1:08:33:ff:ea:a0:b3:01:6c:c3:fb:6a:0c:e8:f6:fd:
fd:83:24:1b:6e:01:64:ce:0a:31:41:56:06:5d:a5:8a:51:86:
8c:a2:88:a9:6a:0b:90:10:3b:1f:09:0c:d3:f5:b2:65:69:c9:
dd:28:dd:de:83:03:2c:b5:f6:bf:e6:26:81:fb:00:e0:98:60:
c2:76:73:cc:e1:d5:44:8e:5c:d5:23:76:1f:b3:d1:4f:de:c7:
7b:a7:c3:0a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYOhsKqDZe2nIxhpShvZwaaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjIxMDA0MDYzMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTVmM2I0NDk5NDExN2NmZmQ1YTVhMGYxMGM5ODIzMWI4ZTU4YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcnXQ5e223XtqtUMpKrttnivRQjo
lGkS0U5ezzID+STVuPdrZrdut+9zssZzn4mi/auhzhuQleYYyfisNBJOQuu3J8qT
RhbzjscXr3yk9g1JeiE8oV6Kg6k9bj4/JgeoyxVErk5JB2OVUPM9UPO30A/zMGH8
+MjytxYtBOclG5TD2X5XmB+3EJp2EOx5dcIn3q9SbYXZcXSgACMdafb0VSUuKbHc
UoS+lP/9USePUXzaZN9u4NomP2ikUgBfmirDhQCTy5myEVdvnY6y8WbMIwp/61FX
P326ZEMPhYXfMRkCJwFkhuuPl7lMFZ9Ms+63SJGWJHi6G6wfUeKHU0oDJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJFfO0SZQRfP/VpaDxDJgjG45YtUMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEva1Y4N1JKbEJGOF85V2xvUEVNbUNNYmpsaTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW8KLAwQB
k07CMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOCAQEAZxCn
IshVIGcR5Q0KinTwE2wk88VDXgZlYVI5naCIC9d/q1jSJ6pxyDwSIo3pubEpl2fu
2+z4vA+M0wYWJIpuVrw1DIhuImXnBNsvJVGwGduxoK3TBC3y+fyPYNiCuPOVshVB
AYcBxejNtHpSf6jppb1SCjMUAwpFOm+WE1VAFvTPJxoEj07gdBMcE8fz3JKpNQ+H
zvstH+Va/F2Dch4bUctEZnehCDP/6qCzAWzD+2oM6Pb9/YMkG24BZM4KMUFWBl2l
ilGGjKKIqWoLkBA7HwkM0/WyZWnJ3Sjd3oMDLLX2v+YmgfsA4JhgwnZzzOHVRI5c
1SN2H7PRT97He6fDCg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:03 2023 by rpki-client on console-fra.rpki-client.org