Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/ctMtfDZ_nxi7vYrA-IZTRbur1z0.roa
File: ctMtfDZ_nxi7vYrA-IZTRbur1z0.roa (raw, json)
Hash identifier: TrOjOXx8c1g2lNBNxRAjCrDZehg8DlIc9mekSzR1zYk=
Subject key identifier: 72:D3:2D:7C:36:7F:9F:18:BB:BD:8A:C0:F8:86:53:45:BB:AB:D7:3D
Certificate issuer: /CN=43e045d021d48ae861a0ce67d38d15a067653a31
Certificate serial: 01821A57018D159F9458E69EFA7AE8EA6F9F
Authority key identifier: 43:E0:45:D0:21:D4:8A:E8:61:A0:CE:67:D3:8D:15:A0:67:65:3A:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-BF0CHUiuhhoM5n040VoGdlOjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/ctMtfDZ_nxi7vYrA-IZTRbur1z0.roa
Signing time: Wed 20 Jul 2022 06:41:25 +0000
ROA not before: Wed 20 Jul 2022 06:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197877
IP address blocks: 91.228.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:57:01:8d:15:9f:94:58:e6:9e:fa:7a:e8:ea:6f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e045d021d48ae861a0ce67d38d15a067653a31
Validity
Not Before: Jul 20 06:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72d32d7c367f9f18bbbd8ac0f8865345bbabd73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:da:c5:2d:fb:53:bb:1d:2b:0c:fd:6d:af:f1:
7f:86:e6:9d:25:80:e9:26:30:2d:f4:51:6a:ee:3c:
1e:3d:7c:33:9b:8e:84:fd:13:f2:5d:d3:37:45:5b:
33:a4:e1:89:24:c9:ad:3d:de:b6:3d:cd:15:5c:c2:
03:f8:21:9c:32:e6:92:f5:46:88:6a:0d:bc:ab:e2:
e2:d1:6b:6d:8b:0f:11:4c:e6:d0:73:e4:cf:02:ce:
5e:6d:6c:17:ae:98:f2:a5:af:f2:a8:a6:be:84:a4:
2b:43:33:da:71:19:33:7b:0e:1c:0c:c8:80:7d:90:
8a:f4:26:a7:79:1f:4d:f5:9c:d0:9a:4e:5e:fd:c4:
28:9c:a1:e6:5d:42:39:3e:ec:61:a5:fe:63:32:d1:
48:a2:44:3e:ed:a2:fe:d5:30:61:8d:10:0b:f6:bf:
3b:93:98:ef:c4:ab:9a:78:03:85:a2:38:eb:ef:04:
10:fe:22:63:ea:60:59:9a:f5:26:95:47:89:f6:b5:
37:2d:18:3d:40:de:c6:8d:59:de:3a:9b:b5:8e:4f:
2c:9b:31:75:29:67:7b:70:10:b6:b6:7a:3d:78:78:
d2:f0:e0:2b:79:08:e5:e8:23:9b:c3:62:d5:64:43:
60:dc:36:cb:8c:24:65:99:70:c5:8f:04:22:ae:67:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D3:2D:7C:36:7F:9F:18:BB:BD:8A:C0:F8:86:53:45:BB:AB:D7:3D
X509v3 Authority Key Identifier:
keyid:43:E0:45:D0:21:D4:8A:E8:61:A0:CE:67:D3:8D:15:A0:67:65:3A:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-BF0CHUiuhhoM5n040VoGdlOjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/ctMtfDZ_nxi7vYrA-IZTRbur1z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8f573b-dc8d-4876-bca2-3b02c99c733b/1/Q-BF0CHUiuhhoM5n040VoGdlOjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.207.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:44:ff:51:fb:e1:17:fb:8c:f9:09:86:ea:b5:8f:74:e5:fc:
79:a6:31:4f:bc:45:29:1e:62:90:aa:d1:59:e7:db:59:70:ed:
d1:b5:68:de:4f:04:cf:88:79:e7:e9:a7:20:05:5d:d2:b0:56:
6f:a6:09:70:f0:1c:3a:ea:ca:c7:17:66:03:96:41:53:1e:4f:
f1:9a:f8:d9:21:4f:78:8d:be:4a:e5:b6:6a:f9:02:f8:cf:d9:
d7:8f:27:f2:ab:6c:92:49:b3:b9:da:9e:2b:61:c8:e4:e8:33:
c3:c3:69:17:7e:b0:8f:b0:94:65:35:b4:4e:29:c1:8d:81:1d:
5a:07:89:25:cf:cc:ff:97:30:b5:64:90:0f:5d:28:07:78:bd:
26:cb:45:f7:fb:a1:56:05:05:c0:9d:6c:fe:23:36:ff:dc:38:
3f:87:0e:33:17:b0:ef:73:15:2e:db:65:fc:09:11:64:89:3b:
17:d2:06:25:ed:d8:fd:31:b4:ec:30:6b:24:d9:34:9d:67:d7:
02:7d:98:06:39:05:a4:e8:1c:92:5c:b7:19:5d:0c:62:72:a2:
b2:dc:00:a3:f7:5d:4c:06:e2:6c:d1:3d:e5:a1:e0:d1:d3:04:
2f:ac:61:9b:9b:9f:24:75:55:34:da:c2:07:af:8a:7e:55:96:
f4:c2:b4:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIaVwGNFZ+UWOae+nro6m+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTA0NWQwMjFkNDhhZTg2MWEwY2U2N2QzOGQxNWEwNjc2
NTNhMzEwHhcNMjIwNzIwMDY0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQzMmQ3YzM2N2Y5ZjE4YmJiZDhhYzBmODg2NTM0NWJiYWJkNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9rFLftTux0rDP1tr/F/huadJYDp
JjAt9FFq7jwePXwzm46E/RPyXdM3RVszpOGJJMmtPd62Pc0VXMID+CGcMuaS9UaI
ag28q+Li0Wttiw8RTObQc+TPAs5ebWwXrpjypa/yqKa+hKQrQzPacRkzew4cDMiA
fZCK9CaneR9N9ZzQmk5e/cQonKHmXUI5Puxhpf5jMtFIokQ+7aL+1TBhjRAL9r87
k5jvxKuaeAOFojjr7wQQ/iJj6mBZmvUmlUeJ9rU3LRg9QN7GjVneOpu1jk8smzF1
KWd7cBC2tno9eHjS8OAreQjl6CObw2LVZENg3DbLjCRlmXDFjwQirmcI+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLTLXw2f58Yu72KwPiGU0W7q9c9MB8GA1UdIwQY
MBaAFEPgRdAh1IroYaDOZ9ONFaBnZToxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1CRjBDSFVpdWhob001bjA0MFZvR2RsT2pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84ZjU3M2ItZGM4ZC00ODc2LWJjYTIt
M2IwMmM5OWM3MzNiLzEvY3RNdGZEWl9ueGk3dllyQS1JWlRSYnVyMXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84ZjU3M2ItZGM4ZC00ODc2LWJjYTItM2IwMmM5OWM3MzNi
LzEvUS1CRjBDSFVpdWhob001bjA0MFZvR2RsT2pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+TPMA0G
CSqGSIb3DQEBCwUAA4IBAQA6RP9R++EX+4z5CYbqtY905fx5pjFPvEUpHmKQqtFZ
59tZcO3RtWjeTwTPiHnn6acgBV3SsFZvpglw8Bw66srHF2YDlkFTHk/xmvjZIU94
jb5K5bZq+QL4z9nXjyfyq2ySSbO52p4rYcjk6DPDw2kXfrCPsJRlNbROKcGNgR1a
B4klz8z/lzC1ZJAPXSgHeL0my0X3+6FWBQXAnWz+Izb/3Dg/hw4zF7DvcxUu22X8
CRFkiTsX0gYl7dj9MbTsMGsk2TSdZ9cCfZgGOQWk6BySXLcZXQxicqKy3ACj911M
BuJs0T3loeDR0wQvrGGbm58kdVU02sIHr4p+VZb0wrRe
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:03 2023 by rpki-client on console-ams.rpki-client.org