Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/fhoprqLXYqplJHu88DkYyl3YSvc.roa
File: fhoprqLXYqplJHu88DkYyl3YSvc.roa (raw, json)
Hash identifier: YmhHWgLRV6f8E5KLVIX2cn8czb8GDwmQ/bJmaj5PcGY=
Subject key identifier: 7E:1A:29:AE:A2:D7:62:AA:65:24:7B:BC:F0:39:18:CA:5D:D8:4A:F7
Certificate issuer: /CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Certificate serial: 04D52B4B
Authority key identifier: 8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/fhoprqLXYqplJHu88DkYyl3YSvc.roa
Signing time: Sat 19 Mar 2022 19:39:43 +0000
ROA not before: Sat 19 Mar 2022 19:39:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35213
IP address blocks: 91.229.101.0/24 maxlen: 24
91.239.139.0/24 maxlen: 24
91.239.138.0/24 maxlen: 24
91.239.137.0/24 maxlen: 24
91.239.136.0/22 maxlen: 22
91.239.136.0/24 maxlen: 24
91.201.168.0/24 maxlen: 24
176.111.51.0/24 maxlen: 24
193.0.247.0/24 maxlen: 24
91.205.67.0/24 maxlen: 24
91.205.66.0/24 maxlen: 24
91.205.65.0/24 maxlen: 24
91.205.64.0/22 maxlen: 22
91.205.64.0/24 maxlen: 24
2001:678:31c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81079115 (0x4d52b4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Validity
Not Before: Mar 19 19:39:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1a29aea2d762aa65247bbcf03918ca5dd84af7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1d:8b:ed:2a:d5:3d:f6:00:05:98:b2:aa:1d:
1d:03:60:38:cc:14:66:84:d0:a4:29:68:73:35:2b:
d8:81:26:d9:fb:f8:bd:2b:da:60:b7:81:6a:1a:91:
94:74:2d:4e:3b:bb:a6:2d:11:0c:95:13:42:88:b1:
ba:31:ac:c2:a6:1b:e6:62:82:05:52:67:08:1d:ff:
35:81:98:1b:9a:45:ab:74:e8:e1:35:e4:0b:25:8b:
5c:cc:6f:e4:1b:21:1f:15:23:d6:09:6c:46:98:3c:
6f:50:e7:c5:80:21:7f:33:6c:9b:f1:a3:3b:fd:7c:
eb:e3:2a:08:c3:83:4c:80:0d:26:2d:5d:1f:f4:45:
4f:9c:00:3f:dd:c5:c0:1e:e3:49:42:16:35:bc:da:
20:0d:a7:2f:92:da:ed:d3:0c:b4:dd:cd:84:7e:99:
f3:38:74:b5:28:11:4b:87:2e:1b:ed:ff:04:87:25:
27:27:7d:dd:83:d4:92:b4:43:63:eb:59:3a:05:9c:
93:af:37:89:47:50:2c:44:53:ac:15:e4:ce:94:05:
8e:10:1f:3d:e6:6f:67:f7:69:19:c9:41:e4:4e:a6:
2a:14:58:49:18:2b:55:96:15:c5:6e:af:a4:a9:4c:
26:ef:e3:01:97:c3:52:6b:00:ef:c5:a5:aa:cc:8f:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1A:29:AE:A2:D7:62:AA:65:24:7B:BC:F0:39:18:CA:5D:D8:4A:F7
X509v3 Authority Key Identifier:
keyid:8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/fhoprqLXYqplJHu88DkYyl3YSvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/jlexRHZCwU8RwEtkHPHY3orax4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.168.0/24
91.205.64.0/22
91.229.101.0/24
91.239.136.0/22
176.111.51.0/24
193.0.247.0/24
IPv6:
2001:678:31c::/48
Signature Algorithm: sha256WithRSAEncryption
05:7f:8f:7f:e7:2c:d3:67:d1:2c:a2:99:06:67:50:f9:1f:cd:
6e:b3:58:4e:7d:bc:9b:01:54:3f:1f:d3:d4:b5:15:6c:cb:1d:
73:a1:66:4a:d3:84:6c:14:a1:75:e2:ed:92:cb:d6:06:6b:62:
80:9c:07:5b:69:2c:66:1b:d1:80:3c:11:eb:8a:59:5a:c0:01:
8d:54:4c:45:32:66:32:d8:e6:0b:57:fd:8e:a8:9b:3b:25:17:
54:a1:10:19:0a:4d:98:73:b4:d2:1c:66:d9:3b:bb:25:eb:e3:
96:7a:69:41:b7:f1:eb:a2:a6:f7:ca:0c:de:7b:c4:11:50:c6:
24:90:0e:53:c0:f4:4f:6d:e9:98:b0:d2:9a:aa:ea:e3:d7:9f:
f1:b1:b7:70:24:65:99:fd:ec:35:fc:6c:da:ac:d0:0c:f1:9e:
53:7e:59:2f:cf:c6:34:7f:af:b8:02:2c:cc:b0:0a:53:72:0d:
30:1d:92:73:ec:40:f5:5d:9b:32:64:0c:17:1c:b4:68:5f:63:
70:db:80:a2:98:a6:c8:79:26:70:0c:eb:e5:a5:ad:2a:3f:aa:
d8:b9:51:97:f3:6e:22:3c:71:7a:ab:0a:3e:82:4f:e8:ed:92:
42:18:d2:61:75:72:93:4b:53:38:26:4d:50:73:73:4e:ae:50:
36:73:7f:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBNUrSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTU3YjE0NDc2NDJjMTRmMTFjMDRiNjQxY2YxZDhkZThhZGFjNzg0MB4XDTIyMDMx
OTE5Mzk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UxYTI5YWVhMmQ3
NjJhYTY1MjQ3YmJjZjAzOTE4Y2E1ZGQ4NGFmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4di+0q1T32AAWYsqodHQNgOMwUZoTQpCloczUr2IEm2fv4
vSvaYLeBahqRlHQtTju7pi0RDJUTQoixujGswqYb5mKCBVJnCB3/NYGYG5pFq3To
4TXkCyWLXMxv5BshHxUj1glsRpg8b1DnxYAhfzNsm/GjO/186+MqCMODTIANJi1d
H/RFT5wAP93FwB7jSUIWNbzaIA2nL5La7dMMtN3NhH6Z8zh0tSgRS4cuG+3/BIcl
Jyd93YPUkrRDY+tZOgWck683iUdQLERTrBXkzpQFjhAfPeZvZ/dpGclB5E6mKhRY
SRgrVZYVxW6vpKlMJu/jAZfDUmsA78WlqsyP4u8CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBR+GimuotdiqmUke7zwORjKXdhK9zAfBgNVHSMEGDAWgBSOV7FEdkLBTxHA
S2Qc8djeitrHhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2psZXhSSFpDd1U4UndFdGtIUEhZM29yYXg0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8x
L2Zob3BycUxYWXFwbEpIdTg4RGtZeWwzWVN2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ZTFjN2M5LWNjODAtNDVkNy1hNmQ4LWFmMzM0YTBhMWU5My8xL2psZXhSSFpDd1U4
UndFdGtIUEhZM29yYXg0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAFvJqAMEAlvNQAMEAFvlZQMEAlvv
iAMEALBvMwMEAMEA9zAPBAIAAjAJAwcAIAEGeAMcMA0GCSqGSIb3DQEBCwUAA4IB
AQAFf49/5yzTZ9EsopkGZ1D5H81us1hOfbybAVQ/H9PUtRVsyx1zoWZK04RsFKF1
4u2Sy9YGa2KAnAdbaSxmG9GAPBHrillawAGNVExFMmYy2OYLV/2OqJs7JRdUoRAZ
Ck2Yc7TSHGbZO7sl6+OWemlBt/Hroqb3ygzee8QRUMYkkA5TwPRPbemYsNKaqurj
15/xsbdwJGWZ/ew1/GzarNAM8Z5Tflkvz8Y0f6+4AizMsApTcg0wHZJz7ED1XZsy
ZAwXHLRoX2Nw24CimKbIeSZwDOvlpa0qP6rYuVGX824iPHF6qwo+gk/o7ZJCGNJh
dXKTS1M4Jk1Qc3NOrlA2c3+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:03 2024 by rpki-client on console-ams.rpki-client.org