Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/mQXmIWcJnT1_vjIAXaSiz6b61YM.roa
File: mQXmIWcJnT1_vjIAXaSiz6b61YM.roa (raw, json)
Hash identifier: Sf7CYSfVqKktveKz3Rwz+MpIHW+0TpStnQHi07pYrxw=
Subject key identifier: 99:05:E6:21:67:09:9D:3D:7F:BE:32:00:5D:A4:A2:CF:A6:FA:D5:83
Certificate issuer: /CN=bfad8231a46c641c7ab301d7bfbef0dc09acd4ce
Certificate serial: 039892DC
Authority key identifier: BF:AD:82:31:A4:6C:64:1C:7A:B3:01:D7:BF:BE:F0:DC:09:AC:D4:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v62CMaRsZBx6swHXv77w3Ams1M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/mQXmIWcJnT1_vjIAXaSiz6b61YM.roa
Signing time: Sat 01 Jan 2022 06:04:23 +0000
ROA not before: Sat 01 Jan 2022 06:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39223
IP address blocks: 194.105.144.0/23 maxlen: 23
91.221.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60330716 (0x39892dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfad8231a46c641c7ab301d7bfbef0dc09acd4ce
Validity
Not Before: Jan 1 06:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9905e62167099d3d7fbe32005da4a2cfa6fad583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9f:45:59:23:04:52:8e:e7:56:d7:ae:cf:fa:
b7:c0:dd:72:51:9f:72:db:29:84:62:c0:33:c7:5d:
c4:d0:7a:2f:dd:24:02:48:98:d2:28:30:ba:27:4b:
5c:24:c7:06:45:b4:1f:25:c8:66:f8:28:eb:d8:a8:
7f:ae:0d:32:56:c4:fd:86:6b:e2:b2:0f:9f:90:7d:
f2:f8:24:e4:c6:ce:e2:bb:2b:23:1d:50:cf:62:71:
0c:62:c8:29:af:4e:a4:bf:5b:16:24:57:71:41:37:
97:d9:35:4f:8d:94:e0:ea:8c:b0:4f:8d:69:cf:7b:
83:2f:43:de:fb:fc:d2:45:4e:d6:11:af:5d:14:27:
31:19:97:30:44:f9:64:f3:e8:ad:82:de:6a:b8:f0:
4d:f3:77:19:73:cc:43:96:ff:71:f6:5a:e4:bc:c2:
74:55:3f:37:41:c2:71:75:22:13:ef:38:1e:be:82:
fc:f3:b3:ba:0b:1a:c5:bd:ef:a6:c3:2f:45:11:d3:
1c:e6:73:59:b5:57:c6:41:36:54:95:e1:fd:19:22:
8d:ea:06:c0:35:b5:ee:d2:3e:6b:0a:51:03:73:9e:
e1:1c:8b:64:fc:24:b3:79:3d:8b:63:d5:6d:ed:c4:
d1:3f:55:52:21:6f:9d:10:df:fb:93:fa:ae:02:4c:
8a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:05:E6:21:67:09:9D:3D:7F:BE:32:00:5D:A4:A2:CF:A6:FA:D5:83
X509v3 Authority Key Identifier:
keyid:BF:AD:82:31:A4:6C:64:1C:7A:B3:01:D7:BF:BE:F0:DC:09:AC:D4:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v62CMaRsZBx6swHXv77w3Ams1M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/mQXmIWcJnT1_vjIAXaSiz6b61YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/v62CMaRsZBx6swHXv77w3Ams1M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.166.0/23
194.105.144.0/23
Signature Algorithm: sha256WithRSAEncryption
29:9e:94:72:7b:df:f9:99:12:99:7a:b0:44:8f:da:ea:78:b9:
53:11:2d:b0:89:54:43:64:29:88:55:92:fe:02:ae:e3:5a:bc:
ad:7e:a5:6d:b0:68:30:3c:39:34:87:8e:22:1e:f2:1e:9a:79:
db:50:b3:35:a2:e8:92:66:96:cb:a8:9c:05:4e:ba:7f:da:22:
8d:aa:63:59:79:ec:49:c7:bf:bd:54:b1:03:55:0a:f2:6a:1b:
ea:f0:bc:e6:a3:52:37:f0:95:fc:7d:d9:4b:f7:93:31:1c:f4:
43:43:db:a9:c6:7e:5f:35:4b:3c:e8:32:9a:4d:c1:f2:b5:76:
de:bf:21:b0:74:9a:70:6f:bd:7d:68:e7:65:64:2a:e3:95:f3:
05:37:c6:0c:57:5c:f6:dd:d7:6b:e9:38:d8:08:a7:9e:d8:b7:
a6:3e:60:f0:ed:6f:73:d9:d2:12:1c:dc:a8:bc:af:98:f8:4d:
f9:0f:6a:b2:e2:c8:ac:69:a1:d5:d0:58:76:b7:03:a4:75:7e:
0a:8a:94:e8:86:4c:0a:66:4b:8d:d2:3b:18:f0:02:f6:ce:49:
72:61:d4:84:d0:f4:0d:2b:4c:53:19:7d:8d:35:e1:4a:13:da:
03:99:06:6b:1a:48:fe:76:b2:94:ae:81:98:2b:36:f8:02:d2:
79:8c:39:7e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5iS3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmFkODIzMWE0NmM2NDFjN2FiMzAxZDdiZmJlZjBkYzA5YWNkNGNlMB4XDTIyMDEw
MTA2MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkwNWU2MjE2NzA5
OWQzZDdmYmUzMjAwNWRhNGEyY2ZhNmZhZDU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCfRVkjBFKO51bXrs/6t8DdclGfctsphGLAM8ddxNB6L90k
AkiY0igwuidLXCTHBkW0HyXIZvgo69iof64NMlbE/YZr4rIPn5B98vgk5MbO4rsr
Ix1Qz2JxDGLIKa9OpL9bFiRXcUE3l9k1T42U4OqMsE+Nac97gy9D3vv80kVO1hGv
XRQnMRmXMET5ZPPorYLearjwTfN3GXPMQ5b/cfZa5LzCdFU/N0HCcXUiE+84Hr6C
/POzugsaxb3vpsMvRRHTHOZzWbVXxkE2VJXh/RkijeoGwDW17tI+awpRA3Oe4RyL
ZPwks3k9i2PVbe3E0T9VUiFvnRDf+5P6rgJMircCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSZBeYhZwmdPX++MgBdpKLPpvrVgzAfBgNVHSMEGDAWgBS/rYIxpGxkHHqz
Ade/vvDcCazUzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y2MkNNYVJzWkJ4NnN3SFh2Nzd3M0FtczFNNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMzM3OTAwLTM4MGUtNDlkOC1hZjRlLTlkZDQyYzE3MTExMi8x
L21RWG1JV2NKblQxX3ZqSUFYYVNpejZiNjFZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MzM3OTAwLTM4MGUtNDlkOC1hZjRlLTlkZDQyYzE3MTExMi8xL3Y2MkNNYVJzWkJ4
NnN3SFh2Nzd3M0FtczFNNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVvdpgMEAcJpkDANBgkqhkiG9w0B
AQsFAAOCAQEAKZ6Ucnvf+ZkSmXqwRI/a6ni5UxEtsIlUQ2QpiFWS/gKu41q8rX6l
bbBoMDw5NIeOIh7yHpp521CzNaLokmaWy6icBU66f9oijapjWXnsSce/vVSxA1UK
8mob6vC85qNSN/CV/H3ZS/eTMRz0Q0PbqcZ+XzVLPOgymk3B8rV23r8hsHSacG+9
fWjnZWQq45XzBTfGDFdc9t3Xa+k42Ainnti3pj5g8O1vc9nSEhzcqLyvmPhN+Q9q
suLIrGmh1dBYdrcDpHV+CoqU6IZMCmZLjdI7GPAC9s5JcmHUhND0DStMUxl9jTXh
ShPaA5kGaxpI/naylK6BmCs2+ALSeYw5fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:23 2024 by rpki-client on console-fra.rpki-client.org