Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/_HS8PRPbPy-IAddhXKyNvQ51Xuo.roa
File: _HS8PRPbPy-IAddhXKyNvQ51Xuo.roa (raw, json)
Hash identifier: AfcySeFD+nAPv2KEWR+VCy7lp4dODtNuzTRskItQrVA=
Subject key identifier: FC:74:BC:3D:13:DB:3F:2F:88:01:D7:61:5C:AC:8D:BD:0E:75:5E:EA
Certificate issuer: /CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Certificate serial: 04284913
Authority key identifier: 8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/_HS8PRPbPy-IAddhXKyNvQ51Xuo.roa
Signing time: Sat 01 Jan 2022 12:54:38 +0000
ROA not before: Sat 01 Jan 2022 12:54:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35213
IP address blocks: 91.229.101.0/24 maxlen: 24
91.239.139.0/24 maxlen: 24
91.239.138.0/24 maxlen: 24
91.239.137.0/24 maxlen: 24
91.239.136.0/24 maxlen: 24
91.201.168.0/24 maxlen: 24
176.111.51.0/24 maxlen: 24
193.0.247.0/24 maxlen: 24
91.205.67.0/24 maxlen: 24
91.205.66.0/24 maxlen: 24
91.205.65.0/24 maxlen: 24
91.205.64.0/24 maxlen: 24
2001:678:31c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69749011 (0x4284913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Validity
Not Before: Jan 1 12:54:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc74bc3d13db3f2f8801d7615cac8dbd0e755eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:97:21:73:c5:5e:69:01:88:1e:0e:c4:05:
00:ce:84:9a:fb:f1:ad:e8:b4:f5:b5:0a:82:a8:8d:
f9:8e:d9:a8:2d:96:99:c0:47:c6:77:f5:35:e3:75:
1c:55:d0:99:ab:c6:ee:6a:b0:74:16:b4:3f:ca:cf:
16:18:2a:9a:1c:8f:66:81:dd:f6:2c:9e:be:5a:65:
62:42:1b:ce:e8:d1:62:3f:21:4f:f0:df:9b:c2:c1:
d9:78:e3:c5:c0:f8:ca:85:18:b7:dd:01:b8:a8:dc:
ec:f7:03:3c:59:fe:25:22:de:69:f2:d8:4c:d5:ad:
95:6b:92:4d:b7:5b:11:43:a5:29:48:3b:4a:24:cc:
75:b9:20:2f:d7:ee:04:1f:aa:3e:0e:45:53:1c:87:
27:e2:80:10:f5:d9:2f:6b:0a:81:3d:19:56:34:90:
4d:a7:5b:ee:d3:c1:8f:94:b7:18:1b:4d:2d:aa:2b:
fa:dc:fd:ec:04:58:41:5a:a0:62:a0:ec:35:de:e2:
01:ac:71:ed:b8:74:fe:36:a8:9a:d5:49:73:3a:4f:
3e:72:d2:41:e6:6c:64:0b:51:54:1d:7b:44:32:88:
76:2c:36:57:3a:c5:69:28:71:4e:d5:fa:3a:b5:0d:
62:ae:9d:95:f2:9a:7d:33:19:d3:d6:8e:a5:2c:c7:
9f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:74:BC:3D:13:DB:3F:2F:88:01:D7:61:5C:AC:8D:BD:0E:75:5E:EA
X509v3 Authority Key Identifier:
keyid:8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/_HS8PRPbPy-IAddhXKyNvQ51Xuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/jlexRHZCwU8RwEtkHPHY3orax4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.168.0/24
91.205.64.0/22
91.229.101.0/24
91.239.136.0/22
176.111.51.0/24
193.0.247.0/24
IPv6:
2001:678:31c::/48
Signature Algorithm: sha256WithRSAEncryption
41:54:e1:a8:43:ca:2f:01:7e:46:ac:04:c4:2e:8d:46:6e:dc:
77:a8:00:5f:30:39:bd:91:bb:98:36:12:3f:32:2b:ec:e4:d0:
cc:b8:f7:e1:2e:3c:8f:0c:29:9e:3a:d3:95:c4:84:67:de:18:
cd:4b:7b:03:db:fb:01:b3:d9:89:58:ba:07:88:5c:3c:63:93:
c1:0b:9a:c3:e6:e9:9c:4c:25:99:a9:e2:d3:18:31:8a:c1:18:
6d:4c:84:d7:52:66:d9:f7:ce:fd:d9:a4:d1:ad:bf:0b:6d:e0:
77:45:ee:6f:a9:02:65:ba:a3:46:65:a1:7b:ca:b7:f4:66:4e:
55:76:69:40:59:08:96:8f:49:a0:f5:ca:bb:9c:ae:86:ca:7d:
d3:1b:d5:1d:4c:12:ca:af:b3:85:6f:ee:52:0e:c4:1f:0e:82:
fc:6b:00:0d:0e:7b:f6:0f:4a:1c:c6:9d:f0:fd:ae:ae:97:72:
84:ad:67:46:44:5c:61:bc:9d:28:a0:34:57:ad:a7:33:6a:c1:
b9:6d:49:9d:a6:3e:08:be:ed:79:13:13:b7:83:d7:3b:9a:44:
20:6f:d4:69:37:85:d6:7e:46:3e:79:15:ce:e4:81:c2:ec:47:
4d:72:ef:56:24:38:fe:5e:8f:96:cd:e2:39:00:84:71:ca:3f:
00:f0:fe:d8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBChJEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTU3YjE0NDc2NDJjMTRmMTFjMDRiNjQxY2YxZDhkZThhZGFjNzg0MB4XDTIyMDEw
MTEyNTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM3NGJjM2QxM2Ri
M2YyZjg4MDFkNzYxNWNhYzhkYmQwZTc1NWVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4xlyFzxV5pAYgeDsQFAM6Emvvxrei09bUKgqiN+Y7ZqC2W
mcBHxnf1NeN1HFXQmavG7mqwdBa0P8rPFhgqmhyPZoHd9iyevlplYkIbzujRYj8h
T/Dfm8LB2XjjxcD4yoUYt90BuKjc7PcDPFn+JSLeafLYTNWtlWuSTbdbEUOlKUg7
SiTMdbkgL9fuBB+qPg5FUxyHJ+KAEPXZL2sKgT0ZVjSQTadb7tPBj5S3GBtNLaor
+tz97ARYQVqgYqDsNd7iAaxx7bh0/jaomtVJczpPPnLSQeZsZAtRVB17RDKIdiw2
VzrFaShxTtX6OrUNYq6dlfKafTMZ09aOpSzHn0cCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBT8dLw9E9s/L4gB12FcrI29DnVe6jAfBgNVHSMEGDAWgBSOV7FEdkLBTxHA
S2Qc8djeitrHhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2psZXhSSFpDd1U4UndFdGtIUEhZM29yYXg0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8x
L19IUzhQUlBiUHktSUFkZGhYS3lOdlE1MVh1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8xL2psZXhSSFpDd1U4
UndFdGtIUEhZM29yYXg0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAFvJqAMEAlvNQAMEAFvlZQMEAlvv
iAMEALBvMwMEAMEA9zAPBAIAAjAJAwcAIAEGeAMcMA0GCSqGSIb3DQEBCwUAA4IB
AQBBVOGoQ8ovAX5GrATELo1Gbtx3qABfMDm9kbuYNhI/Mivs5NDMuPfhLjyPDCme
OtOVxIRn3hjNS3sD2/sBs9mJWLoHiFw8Y5PBC5rD5umcTCWZqeLTGDGKwRhtTITX
UmbZ98792aTRrb8LbeB3Re5vqQJluqNGZaF7yrf0Zk5VdmlAWQiWj0mg9cq7nK6G
yn3TG9UdTBLKr7OFb+5SDsQfDoL8awANDnv2D0ocxp3w/a6ul3KErWdGRFxhvJ0o
oDRXraczasG5bUmdpj4Ivu15ExO3g9c7mkQgb9RpN4XWfkY+eRXO5IHC7EdNcu9W
JDj+Xo+WzeI5AIRxyj8A8P7Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:03 2024 by rpki-client on console-ams.rpki-client.org