Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/oGb30YaxNlAR5c2Oe45WVy4Npxs.roa
File: oGb30YaxNlAR5c2Oe45WVy4Npxs.roa (raw, json)
Hash identifier: 5zK2mY5Nm5ymkSNEHpkHU0A5lJkfCk/+H2t9C9Wqid4=
Subject key identifier: A0:66:F7:D1:86:B1:36:50:11:E5:CD:8E:7B:8E:56:57:2E:0D:A7:1B
Certificate issuer: /CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Certificate serial: 7A98
Authority key identifier: 50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/oGb30YaxNlAR5c2Oe45WVy4Npxs.roa
Signing time: Fri 15 Apr 2022 19:19:57 +0000
ROA not before: Fri 15 Apr 2022 19:19:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50401
IP address blocks: 91.242.192.0/23 maxlen: 23
91.242.194.0/23 maxlen: 23
91.242.196.0/23 maxlen: 23
91.242.198.0/23 maxlen: 23
91.222.112.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31384 (0x7a98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Validity
Not Before: Apr 15 19:19:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a066f7d186b1365011e5cd8e7b8e56572e0da71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:00:de:6f:84:6e:a3:3d:2a:bb:ec:39:4d:c4:
e6:d4:c3:07:3a:02:e2:a6:40:0f:9a:43:e9:c5:06:
e5:fd:58:df:51:7a:31:0d:7e:fc:ce:97:23:de:69:
e2:24:c4:32:2c:10:f9:4e:c0:be:b3:40:57:fa:0e:
e1:97:ca:74:37:9f:95:13:4f:5f:68:96:e7:36:a7:
99:50:83:65:b6:5a:3c:6e:df:e5:b8:9c:67:53:32:
6a:ae:2c:aa:e3:77:31:04:31:18:d0:f8:61:cc:97:
90:56:53:3a:02:58:67:0d:e7:e1:c2:d6:d0:85:76:
20:3e:fc:78:16:24:4e:a0:ce:77:9f:48:7a:a7:e4:
50:9c:e7:d9:65:0f:d5:f9:8b:1c:84:5d:b8:2e:fb:
e3:e0:67:25:36:9a:ed:80:08:37:ae:6e:f1:06:aa:
01:a3:eb:d9:aa:4c:39:05:e2:e3:9f:b4:f2:af:ab:
87:9e:4b:83:1b:26:aa:a0:44:8c:98:12:02:39:b4:
63:bb:af:7d:e7:e6:51:c3:0c:e6:ff:12:38:7b:c2:
d6:bf:2a:a6:15:9a:3d:51:eb:96:0b:3f:fa:0a:e8:
d6:56:5c:5a:3e:40:71:79:5f:30:cc:ff:f5:8f:b9:
8a:8c:4f:48:1f:5e:bd:1d:cc:55:6a:93:70:c2:eb:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:66:F7:D1:86:B1:36:50:11:E5:CD:8E:7B:8E:56:57:2E:0D:A7:1B
X509v3 Authority Key Identifier:
keyid:50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/oGb30YaxNlAR5c2Oe45WVy4Npxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UKqZ64wbGLGqfUJFzkgfuIj78lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.112.0/22
91.242.192.0/21
Signature Algorithm: sha256WithRSAEncryption
13:43:c7:01:1d:a4:f3:e2:47:45:9f:5a:7f:58:77:02:d8:15:
80:71:c8:d6:2c:d2:00:3b:6c:52:f2:9c:dd:cf:c0:85:cc:6e:
ec:22:c2:f8:12:1c:47:4c:83:95:f7:34:94:54:e9:5b:a3:00:
72:18:f6:2e:57:d4:3e:1c:68:e5:5f:65:6b:3c:d2:27:73:1c:
b3:63:5c:76:90:f3:11:41:c6:b4:b1:cd:12:ed:22:48:5b:a0:
98:5f:cd:2d:eb:50:4d:31:34:e1:ef:3f:e0:63:02:be:2f:78:
aa:a6:35:00:13:c0:d1:b7:e4:c8:0b:8c:aa:a5:33:44:5d:bd:
23:82:08:84:e5:05:46:dc:90:90:63:36:15:25:e5:62:3c:1b:
6e:a7:ca:7a:dc:b1:7a:29:2e:e2:37:56:a6:08:32:5b:97:84:
f8:35:6a:d5:5b:46:b7:e3:09:bb:0a:b2:23:ed:a9:fe:ea:08:
6d:32:6f:82:b5:0c:c9:1e:64:fc:20:df:1f:f5:07:99:51:a4:
60:20:f3:c2:19:23:2e:85:bf:fe:7b:a5:55:33:cf:62:c1:42:
a9:8d:9e:d9:c9:a6:d4:61:9a:22:8e:e7:6a:c3:45:a5:02:ae:
2a:b2:85:70:1b:bb:53:66:74:0c:8d:89:14:a3:04:7a:b0:74:
12:92:28:a6
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICepgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTBh
YTk5ZWI4YzFiMThiMWFhN2Q0MjQ1Y2U0ODFmYjg4OGZiZjI1NDAeFw0yMjA0MTUx
OTE5NTdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGEwNjZmN2QxODZiMTM2
NTAxMWU1Y2Q4ZTdiOGU1NjU3MmUwZGE3MWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwAN5vhG6jPSq77DlNxObUwwc6AuKmQA+aQ+nFBuX9WN9RejEN
fvzOlyPeaeIkxDIsEPlOwL6zQFf6DuGXynQ3n5UTT19oluc2p5lQg2W2Wjxu3+W4
nGdTMmquLKrjdzEEMRjQ+GHMl5BWUzoCWGcN5+HC1tCFdiA+/HgWJE6gznefSHqn
5FCc59llD9X5ixyEXbgu++PgZyU2mu2ACDeubvEGqgGj69mqTDkF4uOftPKvq4ee
S4MbJqqgRIyYEgI5tGO7r33n5lHDDOb/Ejh7wta/KqYVmj1R65YLP/oK6NZWXFo+
QHF5XzDM//WPuYqMT0gfXr0dzFVqk3DC66PRAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUoGb30YaxNlAR5c2Oe45WVy4NpxswHwYDVR0jBBgwFoAUUKqZ64wbGLGqfUJF
zkgfuIj78lQwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9V
S3FaNjR3YkdMR3FmVUpGemtnZnVJajc4bFEuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2RhLzA4ODY3Ny04MGJlLTQxMzAtYjM2MC0xY2Y2ZmQ5ZjgwZmEvMS9v
R2IzMFlheE5sQVI1YzJPZTQ1V1Z5NE5weHMucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhLzA4
ODY3Ny04MGJlLTQxMzAtYjM2MC0xY2Y2ZmQ5ZjgwZmEvMS9VS3FaNjR3YkdMR3Fm
VUpGemtnZnVJajc4bFEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYI
KwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJb3nADBANb8sAwDQYJKoZIhvcNAQEL
BQADggEBABNDxwEdpPPiR0WfWn9YdwLYFYBxyNYs0gA7bFLynN3PwIXMbuwiwvgS
HEdMg5X3NJRU6VujAHIY9i5X1D4caOVfZWs80idzHLNjXHaQ8xFBxrSxzRLtIkhb
oJhfzS3rUE0xNOHvP+BjAr4veKqmNQATwNG35MgLjKqlM0RdvSOCCITlBUbckJBj
NhUl5WI8G26nynrcsXopLuI3VqYIMluXhPg1atVbRrfjCbsKsiPtqf7qCG0yb4K1
DMkeZPwg3x/1B5lRpGAg88IZIy6Fv/57pVUzz2LBQqmNntnJptRhmiKO52rDRaUC
riqyhXAbu1NmdAyNiRSjBHqwdBKSKKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:23 2024 by rpki-client on console-ams.rpki-client.org