Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/1-XKbyd_BXUHwy1hKFjbGAjerexA.roa
File: 1-XKbyd_BXUHwy1hKFjbGAjerexA.roa (raw, json)
Hash identifier: QV/LI1QElUCuDKz4mORzovUZyl2GrCbwbE1M603p3nI=
Subject key identifier: F9:72:9B:C9:DF:C1:5D:41:F0:CB:58:4A:16:36:C6:02:37:AB:7B:10
Certificate issuer: /CN=053f8469ec62520987896d8926c17228a7bcfb3d
Certificate serial: 01D9183C
Authority key identifier: 05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/1-XKbyd_BXUHwy1hKFjbGAjerexA.roa
Signing time: Sat 01 Jan 2022 10:55:53 +0000
ROA not before: Sat 01 Jan 2022 10:55:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197015
IP address blocks: 91.207.218.0/24 maxlen: 24
91.207.219.0/24 maxlen: 24
91.221.6.0/23 maxlen: 23
91.219.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31004732 (0x1d9183c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053f8469ec62520987896d8926c17228a7bcfb3d
Validity
Not Before: Jan 1 10:55:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9729bc9dfc15d41f0cb584a1636c60237ab7b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b0:b9:aa:88:62:7e:e4:64:c3:4b:1d:12:e8:
e9:16:5a:b7:5b:94:e9:05:26:ff:bf:5d:33:e9:69:
b3:09:4d:7f:a1:d6:b3:0b:9b:e1:7f:84:af:3c:33:
57:cb:14:dd:37:09:53:50:d9:24:e6:81:0e:d5:63:
54:45:75:7a:a6:e0:72:ae:8c:2d:0e:9a:b5:b2:b0:
0b:04:31:6f:ec:b1:2a:e8:4a:a8:7b:a3:6e:52:27:
8e:e6:0a:22:f5:57:ea:29:12:cc:a2:bb:5f:88:7b:
e5:3f:2e:ee:f4:32:8c:a6:0c:62:21:fd:17:fd:db:
12:96:fc:b4:fa:5b:68:27:54:ed:95:53:4d:70:da:
11:9b:c7:d2:0d:1d:46:2a:fa:a4:bd:e9:cc:95:6d:
38:0b:a3:f1:9f:3f:98:b8:90:31:3e:cd:b5:00:aa:
93:48:d1:48:71:61:13:ba:12:e8:2a:ea:a2:69:d8:
10:fe:48:0b:49:cb:82:d4:18:f6:cf:15:28:92:33:
20:0f:a3:59:19:49:d1:97:a8:83:19:5a:85:7c:08:
b5:f7:45:d4:d4:69:ce:c9:16:72:b7:87:bd:80:eb:
a4:58:8d:76:d9:7a:ab:40:8c:9a:e9:42:42:5d:20:
0d:e9:9f:fb:cc:95:cd:35:06:74:57:34:20:5a:c7:
50:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:72:9B:C9:DF:C1:5D:41:F0:CB:58:4A:16:36:C6:02:37:AB:7B:10
X509v3 Authority Key Identifier:
keyid:05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/1-XKbyd_BXUHwy1hKFjbGAjerexA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/BT-EaexiUgmHiW2JJsFyKKe8-z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.218.0/23
91.219.140.0/22
91.221.6.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:46:60:42:14:34:b6:9e:eb:5a:ff:7c:ac:f2:79:81:8b:0b:
6f:e4:07:9b:31:6e:8a:17:39:ee:38:4d:d2:71:ad:6a:59:2a:
dd:4d:82:a4:cd:90:7f:03:4d:02:37:f9:ce:81:6d:15:01:84:
73:1a:30:d7:50:b6:47:8d:5f:4b:bc:7f:f3:2a:51:71:4a:91:
8b:d5:01:d1:54:1c:c1:d9:e4:17:67:35:91:d1:02:c7:30:18:
9c:a3:e2:be:4c:bb:7a:ee:30:3c:57:1a:a9:5f:d0:e2:d0:c7:
d0:75:32:e5:10:d2:9c:9d:48:68:b4:d0:a1:5f:5e:a4:07:1b:
0b:89:ef:f1:cc:97:be:a9:6b:f8:2d:ac:4c:70:58:01:ad:d6:
a1:3b:87:3b:0a:ed:9e:c8:ac:69:68:37:6f:e9:f1:6f:c1:f8:
02:91:e5:88:bf:44:8e:28:0e:e9:a4:c8:7b:0d:21:0f:55:41:
71:f4:77:e5:32:08:14:14:6f:f6:57:3a:7d:f8:4f:6c:04:98:
fc:64:c5:7a:d5:92:09:6f:5b:5a:a3:3b:fa:27:e6:af:f1:e1:
60:93:64:c0:ee:86:6e:68:a8:37:46:97:6e:4b:5c:a8:83:7c:
85:56:c9:82:0b:98:41:32:06:af:31:cf:55:65:3b:e5:50:6c:
a9:9a:c3:b6
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEAdkYPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTNmODQ2OWVjNjI1MjA5ODc4OTZkODkyNmMxNzIyOGE3YmNmYjNkMB4XDTIyMDEw
MTEwNTU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk3MjliYzlkZmMx
NWQ0MWYwY2I1ODRhMTYzNmM2MDIzN2FiN2IxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPCwuaqIYn7kZMNLHRLo6RZat1uU6QUm/79dM+lpswlNf6HW
swub4X+ErzwzV8sU3TcJU1DZJOaBDtVjVEV1eqbgcq6MLQ6atbKwCwQxb+yxKuhK
qHujblInjuYKIvVX6ikSzKK7X4h75T8u7vQyjKYMYiH9F/3bEpb8tPpbaCdU7ZVT
TXDaEZvH0g0dRir6pL3pzJVtOAuj8Z8/mLiQMT7NtQCqk0jRSHFhE7oS6CrqomnY
EP5IC0nLgtQY9s8VKJIzIA+jWRlJ0ZeogxlahXwItfdF1NRpzskWcreHvYDrpFiN
dtl6q0CMmulCQl0gDemf+8yVzTUGdFc0IFrHUGECAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBT5cpvJ38FdQfDLWEoWNsYCN6t7EDAfBgNVHSMEGDAWgBQFP4Rp7GJSCYeJ
bYkmwXIop7z7PTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JULUVhZXhpVWdtSGlXMkpKc0Z5S0tlOC16MC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvZmFkNjcyLWU5M2EtNGRkNS04ODkzLWVmYzE3NTAyOTc0MC8x
LzEtWEtieWRfQlhVSHd5MWhLRmpiR0FqZXJleEEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Qy
L2ZhZDY3Mi1lOTNhLTRkZDUtODg5My1lZmMxNzUwMjk3NDAvMS9CVC1FYWV4aVVn
bUhpVzJKSnNGeUtLZTgtejAuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAFbz9oDBAJb24wDBAFb3QYwDQYJ
KoZIhvcNAQELBQADggEBADxGYEIUNLae61r/fKzyeYGLC2/kB5sxbooXOe44TdJx
rWpZKt1NgqTNkH8DTQI3+c6BbRUBhHMaMNdQtkeNX0u8f/MqUXFKkYvVAdFUHMHZ
5BdnNZHRAscwGJyj4r5Mu3ruMDxXGqlf0OLQx9B1MuUQ0pydSGi00KFfXqQHGwuJ
7/HMl76pa/gtrExwWAGt1qE7hzsK7Z7IrGloN2/p8W/B+AKR5Yi/RI4oDumkyHsN
IQ9VQXH0d+UyCBQUb/ZXOn34T2wEmPxkxXrVkglvW1qjO/on5q/x4WCTZMDuhm5o
qDdGl25LXKiDfIVWyYILmEEyBq8xz1VlO+VQbKmaw7Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:20 2023 by rpki-client on console-ams.rpki-client.org