Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/1-APuUcfJjorHiJi6JWedn_AT_w8.roa
File: 1-APuUcfJjorHiJi6JWedn_AT_w8.roa (raw, json)
Hash identifier: WOSabhgtUz/SC9J+HgLxFw+4gF7xu+UQVFLPew8aA9Q=
Subject key identifier: F8:03:EE:51:C7:C9:8E:8A:C7:88:98:BA:25:67:9D:9F:F0:13:FF:0F
Certificate issuer: /CN=932460b78f6e8f4662aec7858e92051e856099f5
Certificate serial: 018382AD23ACFD159CC96CB33EB1F15F4B26
Authority key identifier: 93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/1-APuUcfJjorHiJi6JWedn_AT_w8.roa
Signing time: Wed 28 Sep 2022 05:58:48 +0000
ROA not before: Wed 28 Sep 2022 05:58:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47836
IP address blocks: 91.208.175.0/24 maxlen: 24
185.161.88.0/22 maxlen: 24
2a00:ddc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:82:ad:23:ac:fd:15:9c:c9:6c:b3:3e:b1:f1:5f:4b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932460b78f6e8f4662aec7858e92051e856099f5
Validity
Not Before: Sep 28 05:58:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f803ee51c7c98e8ac78898ba25679d9ff013ff0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:90:eb:84:a4:9e:76:f2:81:54:d5:20:13:e2:
4b:a6:4a:ed:f6:1e:c2:ef:80:9e:88:40:0e:49:af:
5d:75:6b:db:75:79:7c:fb:f9:3e:e6:2e:08:28:2b:
5e:e3:fb:4d:db:fc:b8:3a:fc:65:f9:d5:7e:55:0b:
90:ba:53:63:90:b1:1a:bc:d6:46:e7:74:9e:03:50:
37:67:af:84:e2:7b:5f:99:8f:51:60:ea:2a:47:3d:
10:ce:c4:25:c3:4e:90:26:54:f5:aa:e3:2a:9c:c8:
3b:4f:3c:38:f5:1f:40:f4:b0:d5:c9:66:00:27:b9:
f7:30:6f:27:94:e1:8e:37:10:77:0f:f7:6d:74:69:
51:6c:e7:83:a4:57:66:23:fb:8d:ad:f3:8d:e3:2b:
40:55:38:b4:1a:dc:4c:24:d4:e4:2e:ff:dd:9a:e2:
fe:ea:06:d0:9b:3d:d0:7b:36:38:fa:db:22:a4:79:
bf:87:c6:9c:d6:d3:77:4c:77:ab:8f:d8:36:72:c3:
37:16:ca:63:65:b1:0c:28:91:37:ce:b3:2b:a8:a4:
4a:6e:b9:dc:6f:14:ff:70:a3:1a:56:b3:de:6e:63:
ad:b0:86:b3:6c:ae:a7:37:2a:1b:53:9b:67:d9:43:
16:bc:37:aa:f9:a1:7f:f9:5d:39:42:f1:b3:e7:4b:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:03:EE:51:C7:C9:8E:8A:C7:88:98:BA:25:67:9D:9F:F0:13:FF:0F
X509v3 Authority Key Identifier:
keyid:93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/1-APuUcfJjorHiJi6JWedn_AT_w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.175.0/24
185.161.88.0/22
IPv6:
2a00:ddc0::/32
Signature Algorithm: sha256WithRSAEncryption
84:e4:4b:5f:c9:2d:42:f1:67:c6:5c:ea:61:c8:c8:e4:8b:a8:
22:aa:57:b0:b3:ac:8c:92:68:1f:86:c1:e0:1e:b2:20:85:0d:
e0:0b:d0:68:1c:ca:1b:67:87:90:9a:71:a3:34:1a:f5:52:92:
f0:89:5d:76:8e:70:65:7f:8a:cf:a6:88:d1:57:b4:70:fc:35:
01:b6:49:ec:d8:d7:07:dd:ba:17:f7:19:38:4f:ac:b2:c7:78:
7b:c9:b7:8d:68:71:6b:20:b7:01:83:f6:ab:1d:08:69:dc:3c:
1b:4e:72:a4:c2:1f:2e:cc:8c:82:a5:4c:40:2b:c6:db:a5:5a:
8f:5f:17:95:ff:10:ab:93:41:66:0c:63:18:a3:41:7d:62:6a:
58:20:ef:c6:d7:da:a3:1e:6d:27:06:ae:a9:2a:f0:d3:16:16:
e3:1f:d4:b3:99:f6:0f:d9:87:be:cb:18:08:a9:73:5b:d7:f4:
83:eb:64:47:04:f0:ce:89:2f:6d:47:82:cc:8d:c3:b5:a0:4e:
98:8f:61:26:ef:4d:db:cb:28:90:e2:21:25:f3:f3:0e:22:5b:
4d:4a:37:bb:be:6d:90:b7:b4:8a:1b:cc:43:78:af:33:80:b3:
9f:0b:2e:a2:01:8f:ff:d4:ea:c4:a9:a0:7d:cf:5e:99:da:6a:
fc:98:83:5b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYOCrSOs/RWcyWyzPrHxX0smMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjQ2MGI3OGY2ZThmNDY2MmFlYzc4NThlOTIwNTFlODU2
MDk5ZjUwHhcNMjIwOTI4MDU1ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAzZWU1MWM3Yzk4ZThhYzc4ODk4YmEyNTY3OWQ5ZmYwMTNmZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pDrhKSedvKBVNUgE+JLpkrt9h7C
74CeiEAOSa9ddWvbdXl8+/k+5i4IKCte4/tN2/y4Ovxl+dV+VQuQulNjkLEavNZG
53SeA1A3Z6+E4ntfmY9RYOoqRz0QzsQlw06QJlT1quMqnMg7Tzw49R9A9LDVyWYA
J7n3MG8nlOGONxB3D/dtdGlRbOeDpFdmI/uNrfON4ytAVTi0GtxMJNTkLv/dmuL+
6gbQmz3QezY4+tsipHm/h8ac1tN3THerj9g2csM3FspjZbEMKJE3zrMrqKRKbrnc
bxT/cKMaVrPebmOtsIazbK6nNyobU5tn2UMWvDeq+aF/+V05QvGz50tdXQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPgD7lHHyY6Kx4iYuiVnnZ/wE/8PMB8GA1UdIwQY
MBaAFJMkYLePbo9GYq7HhY6SBR6FYJn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMt
OGM5ZmNiYjNlYzUyLzEvMS1BUHVVY2ZKam9ySGlKaTZKV2Vkbl9BVF93OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGIvYzI1MWYxLWNiNzAtNDI4My04NDMzLThjOWZjYmIzZWM1
Mi8xL2t5Umd0NDl1ajBaaXJzZUZqcElGSG9WZ21mVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvQrwME
ArmhWDANBAIAAjAHAwUAKgDdwDANBgkqhkiG9w0BAQsFAAOCAQEAhORLX8ktQvFn
xlzqYcjI5IuoIqpXsLOsjJJoH4bB4B6yIIUN4AvQaBzKG2eHkJpxozQa9VKS8Ild
do5wZX+Kz6aI0Ve0cPw1AbZJ7NjXB926F/cZOE+sssd4e8m3jWhxayC3AYP2qx0I
adw8G05ypMIfLsyMgqVMQCvG26Vaj18Xlf8Qq5NBZgxjGKNBfWJqWCDvxtfaox5t
JwauqSrw0xYW4x/Us5n2D9mHvssYCKlzW9f0g+tkRwTwzokvbUeCzI3DtaBOmI9h
Ju9N28sokOIhJfPzDiJbTUo3u75tkLe0ihvMQ3ivM4CznwsuogGP/9TqxKmgfc9e
mdpq/JiDWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:13 2024 by rpki-client on console-fra.rpki-client.org