Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mI6d82lw_PqTc-cl067PgAH-ZhQ.roa
File: mI6d82lw_PqTc-cl067PgAH-ZhQ.roa (raw, json)
Hash identifier: f+PyZo6F9hqZWuJALlg9wB3mJ8wqlutMh6DIOzbM3Tk=
Subject key identifier: 98:8E:9D:F3:69:70:FC:FA:93:73:E7:25:D3:AE:CF:80:01:FE:66:14
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0183F4E638A2D4AC3AADDA941F58827D16E3
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mI6d82lw_PqTc-cl067PgAH-ZhQ.roa
Signing time: Thu 20 Oct 2022 10:17:51 +0000
ROA not before: Thu 20 Oct 2022 10:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34918
IP address blocks: 91.239.214.0/24 maxlen: 24
185.126.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:e6:38:a2:d4:ac:3a:ad:da:94:1f:58:82:7d:16:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 20 10:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=988e9df36970fcfa9373e725d3aecf8001fe6614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:13:9e:03:1d:18:6b:23:97:14:56:c8:5a:c7:
48:33:c4:bf:0f:ea:a8:32:2f:0e:4f:63:b5:df:c4:
4f:75:4a:a3:e5:26:89:dd:e3:24:8f:e1:a6:8b:a1:
a1:54:6e:d8:12:62:9a:b8:7e:12:ce:1d:6e:ca:82:
fa:92:e9:99:22:20:b6:dc:30:2d:50:cc:e5:01:d1:
e8:e3:43:77:11:b4:5a:6d:86:f2:62:34:d3:a9:e6:
e7:b7:ea:f4:2b:37:db:29:ad:5d:40:77:32:aa:78:
86:40:a5:de:16:0e:dd:8e:01:8a:96:bb:21:0d:e1:
14:39:8d:1f:ab:39:fb:cd:1c:ae:5f:b6:b8:ed:dc:
a9:b8:e7:9f:a5:ff:89:28:72:c3:6e:f9:52:27:c6:
0a:26:b1:a5:10:95:45:10:5e:18:81:7f:c4:5d:a9:
5f:a9:40:6f:45:a5:fd:d6:20:0c:de:ae:a9:f2:ad:
5a:c0:c7:c8:44:ad:91:08:86:f2:9e:72:62:62:ca:
e1:cd:97:e3:e4:9d:1d:33:21:25:22:76:ed:60:bf:
0b:2d:dc:6b:6b:d0:f0:d5:a1:f2:fd:02:06:1e:ba:
ea:45:9d:58:ac:7d:63:09:de:86:de:0a:02:3d:50:
71:77:df:c9:e7:f4:64:45:4e:4e:c4:46:9a:8e:24:
b8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8E:9D:F3:69:70:FC:FA:93:73:E7:25:D3:AE:CF:80:01:FE:66:14
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mI6d82lw_PqTc-cl067PgAH-ZhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.214.0/24
185.126.8.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:61:b3:a3:1c:0b:36:d5:c3:a4:be:8b:fb:2c:cf:0f:c6:37:
f0:36:cf:d3:2e:ba:a5:2f:17:b2:d2:77:0a:05:f4:63:80:bf:
ac:e6:df:3a:74:f3:5b:1e:9d:36:e3:09:d5:eb:01:70:5d:8b:
5c:8d:7e:0e:c9:0d:c0:26:eb:0b:4e:1b:e8:c5:28:4b:19:25:
34:c8:6b:c8:93:4e:aa:44:d2:99:c0:93:d2:ca:cf:57:16:c1:
c9:59:ca:8c:00:b0:87:d2:3f:2f:8a:27:b5:ed:4c:6b:28:7c:
b6:1d:45:2f:11:5c:b5:12:b1:10:08:7c:8b:8f:8d:7a:f5:c1:
b6:36:03:a0:e1:9e:9c:b0:47:2e:61:b4:2b:73:21:f6:1b:15:
06:66:65:f4:3c:2a:2b:60:74:50:af:fb:03:cb:bd:de:04:a2:
40:7f:d8:42:e3:20:6b:33:ca:b8:42:7e:2f:de:85:af:5f:31:
c0:7e:41:0e:bf:a0:5c:b7:f8:0b:e7:94:0f:28:35:5b:21:cb:
96:f0:0a:51:ac:26:9f:38:06:a0:31:9f:6d:d0:56:97:95:b8:
7c:97:27:0d:b8:e2:97:f3:b6:d6:3b:ee:a3:98:84:0a:49:42:
3a:70:62:b3:d3:e6:52:dd:77:66:a9:a6:14:5d:3f:70:21:5f:
84:50:f6:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP05jii1Kw6rdqUH1iCfRbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIxMDIwMTAxNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhlOWRmMzY5NzBmY2ZhOTM3M2U3MjVkM2FlY2Y4MDAxZmU2NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhOeAx0YayOXFFbIWsdIM8S/D+qo
Mi8OT2O138RPdUqj5SaJ3eMkj+Gmi6GhVG7YEmKauH4Szh1uyoL6kumZIiC23DAt
UMzlAdHo40N3EbRabYbyYjTTqebnt+r0KzfbKa1dQHcyqniGQKXeFg7djgGKlrsh
DeEUOY0fqzn7zRyuX7a47dypuOefpf+JKHLDbvlSJ8YKJrGlEJVFEF4YgX/EXalf
qUBvRaX91iAM3q6p8q1awMfIRK2RCIbynnJiYsrhzZfj5J0dMyElInbtYL8LLdxr
a9Dw1aHy/QIGHrrqRZ1YrH1jCd6G3goCPVBxd9/J5/RkRU5OxEaajiS4awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJiOnfNpcPz6k3PnJdOuz4AB/mYUMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbUk2ZDgybHdfUHFUYy1jbDA2N1BnQUgtWmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+/WAwQD
uX4IMA0GCSqGSIb3DQEBCwUAA4IBAQCOYbOjHAs21cOkvov7LM8PxjfwNs/TLrql
Lxey0ncKBfRjgL+s5t86dPNbHp024wnV6wFwXYtcjX4OyQ3AJusLThvoxShLGSU0
yGvIk06qRNKZwJPSys9XFsHJWcqMALCH0j8viie17UxrKHy2HUUvEVy1ErEQCHyL
j4169cG2NgOg4Z6csEcuYbQrcyH2GxUGZmX0PCorYHRQr/sDy73eBKJAf9hC4yBr
M8q4Qn4v3oWvXzHAfkEOv6Bct/gL55QPKDVbIcuW8ApRrCafOAagMZ9t0FaXlbh8
lycNuOKX87bWO+6jmIQKSUI6cGKz0+ZS3XdmqaYUXT9wIV+EUPbi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:54 2023 by rpki-client on console-fra.rpki-client.org