Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/TOFd_Q9BSvm9YGxHTx8EemnOKNw.roa
File: TOFd_Q9BSvm9YGxHTx8EemnOKNw.roa (raw, json)
Hash identifier: 2XsXKUxCoiFT6OTocacrQUdilLFNqO7dWTdKMNfV9xs=
Subject key identifier: 4C:E1:5D:FD:0F:41:4A:F9:BD:60:6C:47:4F:1F:04:7A:69:CE:28:DC
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 03C092B2
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/TOFd_Q9BSvm9YGxHTx8EemnOKNw.roa
Signing time: Sat 01 Jan 2022 01:56:53 +0000
ROA not before: Sat 01 Jan 2022 01:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 91.226.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62952114 (0x3c092b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Jan 1 01:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ce15dfd0f414af9bd606c474f1f047a69ce28dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:43:54:19:61:1b:63:d8:b3:26:61:34:d5:
cf:af:72:ba:32:43:8d:8b:ae:c8:8c:fa:cc:47:92:
32:d5:5b:e3:fb:fb:fc:20:69:c5:5c:ae:3a:cb:2a:
02:31:91:6f:bf:14:84:09:b9:0e:8d:7d:07:4a:7f:
17:a4:10:9b:28:45:2d:65:c7:bb:76:18:a1:f9:22:
cc:4c:e3:bc:cd:cd:50:66:d2:54:17:b7:21:48:be:
f1:b7:59:fa:a1:b9:cf:34:06:7a:0b:3e:62:86:34:
27:04:62:8c:ad:b4:e9:9d:8d:c7:6c:0c:08:0c:e7:
4d:e9:04:e8:bf:09:76:29:43:35:72:37:88:cd:8d:
74:59:5f:72:03:40:4d:ef:c5:77:db:88:e0:04:5a:
04:6a:c5:89:6b:2e:f0:c8:bd:d5:b9:02:58:05:d6:
73:fc:41:52:03:5e:09:80:72:5c:ac:ee:64:66:3d:
1d:ab:5c:cc:80:2a:e4:fb:12:5b:5c:89:9d:17:d6:
40:5d:71:ad:80:8b:61:a5:bd:c6:7b:6c:09:eb:8a:
44:ae:f0:7a:56:8c:38:bc:93:cb:12:b7:11:59:fb:
2c:8c:6e:61:b5:28:73:ac:2d:80:18:cd:0b:16:11:
73:be:78:86:67:8f:45:4a:d9:d0:bb:59:e5:14:89:
fd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E1:5D:FD:0F:41:4A:F9:BD:60:6C:47:4F:1F:04:7A:69:CE:28:DC
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/TOFd_Q9BSvm9YGxHTx8EemnOKNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.97.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:43:ca:a9:ad:9c:24:00:d6:50:dd:30:28:e3:41:6e:72:51:
da:a1:6e:b8:91:1b:a0:0c:66:32:64:b1:87:e6:0b:8c:0f:d1:
ee:c5:dc:d2:6c:a2:f4:7c:ae:ae:a4:e0:8d:53:88:94:12:16:
2c:f2:f8:5d:95:e6:b4:4a:55:07:13:e2:34:23:7d:fa:a4:69:
c8:ed:d3:c1:db:e6:eb:11:1b:73:fb:63:b6:5a:75:72:d4:32:
d3:3b:61:9b:b5:e7:ea:39:6f:a6:fe:54:18:cc:3e:11:2b:39:
ec:8b:c9:ee:24:a4:59:8d:01:94:fe:19:9a:08:88:9a:59:7d:
5c:b5:01:ff:2c:7b:6d:a4:b5:3e:da:64:49:10:1b:e5:bb:68:
9e:11:b8:6c:52:73:9c:8e:c5:ca:07:16:2c:25:c6:9e:04:68:
5d:85:a1:63:9e:62:a9:f5:20:29:e0:c8:bb:56:8f:7e:53:d8:
05:c2:a4:e2:17:56:41:e1:70:ba:ec:a0:2b:1d:31:01:f0:62:
bb:b3:de:ef:05:66:0e:ba:24:0d:67:6c:7b:d2:c8:b6:e9:33:
13:2f:10:48:86:c5:d1:88:a3:8f:62:de:5d:e7:8a:21:05:ad:
59:b9:9a:cc:19:f1:d9:b7:b1:88:45:1d:b6:27:3f:74:8f:e2:
b5:7e:51:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8CSsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDM3MGE0OGI1OWZiODExNDk1ZjExYzQ5NzM0NDgyZjIyYjFhMzkyMB4XDTIyMDEw
MTAxNTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNlMTVkZmQwZjQx
NGFmOWJkNjA2YzQ3NGYxZjA0N2E2OWNlMjhkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhZQ1QZYRtj2LMmYTTVz69yujJDjYuuyIz6zEeSMtVb4/v7
/CBpxVyuOssqAjGRb78UhAm5Do19B0p/F6QQmyhFLWXHu3YYofkizEzjvM3NUGbS
VBe3IUi+8bdZ+qG5zzQGegs+YoY0JwRijK206Z2Nx2wMCAznTekE6L8JdilDNXI3
iM2NdFlfcgNATe/Fd9uI4ARaBGrFiWsu8Mi91bkCWAXWc/xBUgNeCYByXKzuZGY9
HatczIAq5PsSW1yJnRfWQF1xrYCLYaW9xntsCeuKRK7welaMOLyTyxK3EVn7LIxu
YbUoc6wtgBjNCxYRc754hmePRUrZ0LtZ5RSJ/a0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRM4V39D0FK+b1gbEdPHwR6ac4o3DAfBgNVHSMEGDAWgBRdNwpItZ+4EUlf
EcSXNEgvIrGjkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hUY0tTTFdmdUJGSlh4SEVselJJTHlLeG81SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvNzA4NThhLTYzOTUtNDAyZC05YWNlLWUyNzIwMTMwMjZiNC8x
L1RPRmRfUTlCU3ZtOVlHeEhUeDhFZW1uT0tOdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
NzA4NThhLTYzOTUtNDAyZC05YWNlLWUyNzIwMTMwMjZiNC8xL1hUY0tTTFdmdUJG
Slh4SEVselJJTHlLeG81SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFviYTANBgkqhkiG9w0BAQsFAAOC
AQEALUPKqa2cJADWUN0wKONBbnJR2qFuuJEboAxmMmSxh+YLjA/R7sXc0myi9Hyu
rqTgjVOIlBIWLPL4XZXmtEpVBxPiNCN9+qRpyO3Twdvm6xEbc/tjtlp1ctQy0zth
m7Xn6jlvpv5UGMw+ESs57IvJ7iSkWY0BlP4ZmgiImll9XLUB/yx7baS1PtpkSRAb
5btonhG4bFJznI7FygcWLCXGngRoXYWhY55iqfUgKeDIu1aPflPYBcKk4hdWQeFw
uuygKx0xAfBiu7Pe7wVmDrokDWdse9LItukzEy8QSIbF0Yijj2LeXeeKIQWtWbma
zBnx2bexiEUdtic/dI/itX5RjQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:21 2023 by rpki-client on console-fra.rpki-client.org